urlscan.io logo urlscan.io
SecurityTrails logo

www.cutimes.com Open in urlscan Pro
2606:4700::6812:3b7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://linkmktg.cutimes.com/click/29850548.10088/ahr0chm6ly93d3cuaw5zdgfncmftlmnvbs9maw50zwnobwvldhvw/5f49174cbf50145c257e00...
Effective URL: https://www.cutimes.com/?slreturn=20221106142122
Submission: On December 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 12 countries across 123 domains to perform 733 HTTP transactions. The main IP is 2606:4700::6812:3b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com. The Cisco Umbrella rank of the primary domain is 506980.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.
This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.226.166.212 14618 (AMAZON-AES)
3 53 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 192.226.82.212 16524 (METTEL)
10 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:50c0:800... 54113 (FASTLY)
43 23.35.237.151 16625 (AKAMAI-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 23.35.236.209 16625 (AKAMAI-AS)
15 104.18.35.151 13335 (CLOUDFLAR...)
1 35.178.31.183 16509 (AMAZON-02)
1 3.11.121.237 16509 (AMAZON-02)
1 3 52.16.99.144 16509 (AMAZON-02)
1 204.180.130.159 53866 (QTS-AS)
21 2a00:1450:400... 15169 (GOOGLE)
1 35.201.104.135 15169 (GOOGLE)
8 45.133.44.3 7018 (ATT-INTER...)
3 6 142.250.181.230 15169 (GOOGLE)
11 2a0c:5c81:514... 55081 (24SHELLS)
1 13.32.99.71 16509 (AMAZON-02)
1 99.80.8.77 16509 (AMAZON-02)
2 13.36.218.177 16509 (AMAZON-02)
1 1 54.77.60.152 16509 (AMAZON-02)
5 12 185.89.210.82 29990 (ASN-APPNEX)
2 18.207.9.29 14618 (AMAZON-AES)
1 54.69.168.64 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
1 76.223.111.18 16509 (AMAZON-02)
1 80.77.87.163 46636 (NATCOWEB)
1 1 54.38.197.123 16276 (OVH)
1 62.149.1.122 15497 (COLOCALL ...)
3 72.251.249.13 32475 (SINGLEHOP...)
1 34.223.137.203 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
10 13 142.250.185.130 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
9 37.157.6.253 198622 (ADFORM)
2 213.19.147.42 26120 (RHYTHMONE)
32 52.28.203.152 16509 (AMAZON-02)
10 2602:803:c003... 26667 (RUBICONPR...)
1 2 147.75.85.234 54825 (PACKET)
11 99.81.146.243 16509 (AMAZON-02)
2 19 185.184.8.90 204995 (RTB-HOUSE...)
7 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 145 34.247.72.166 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 80.77.87.217 46636 (NATCOWEB)
2 18.158.78.170 16509 (AMAZON-02)
6 135.125.163.79 16276 (OVH)
13 51.89.9.254 16276 (OVH)
1 192.226.85.63 16524 (METTEL)
2 3.74.80.218 16509 (AMAZON-02)
3 18.208.125.13 14618 (AMAZON-AES)
4 34.111.234.236 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
2 2600:9000:223... 16509 (AMAZON-02)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 44.195.176.242 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 18.66.112.94 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 23.35.236.201 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 54.224.15.253 14618 (AMAZON-AES)
1 69.166.1.15 27630 (AS-XFERNET)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 104.18.33.19 13335 (CLOUDFLAR...)
4 2a02:2638::3 44788 (ASN-CRITE...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
5 10 2a02:2638::1c 44788 (ASN-CRITE...)
8 178.250.0.157 44788 (ASN-CRITE...)
6 141.95.33.111 16276 (OVH)
6 10 69.173.144.138 26667 (RUBICONPR...)
1 2600:1901:0:8... 15169 (GOOGLE)
8 35.71.131.137 16509 (AMAZON-02)
2 162.19.138.82 16276 (OVH)
2 23.35.236.188 16625 (AKAMAI-AS)
1 13.32.99.85 16509 (AMAZON-02)
8 23.205.235.133 16625 (AKAMAI-AS)
1 184.30.20.22 16625 (AKAMAI-AS)
1 4 185.64.189.115 62713 (AS-PUBMATIC)
1 52.18.174.19 16509 (AMAZON-02)
1 2 185.86.139.93 201081 (SMARTADSE...)
2 6 172.64.154.237 13335 (CLOUDFLAR...)
2 2 23.1.110.85 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
2 2 72.251.249.9 32475 (SINGLEHOP...)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 69.166.1.12 27630 (AS-XFERNET)
6 6 18.156.0.31 16509 (AMAZON-02)
1 1 3.223.157.197 14618 (AMAZON-AES)
3 4 37.157.2.234 198622 (ADFORM)
4 4 185.29.134.248 30419 (MEDIAMATH...)
17 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 2 178.250.0.163 44788 (ASN-CRITE...)
3 5 52.95.125.22 16509 (AMAZON-02)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 141.94.171.214 16276 (OVH)
3 54.77.35.234 16509 (AMAZON-02)
1 35.204.74.118 396982 (GOOGLE-CL...)
4 4 185.89.210.46 29990 (ASN-APPNEX)
1 4 185.86.139.114 201081 (SMARTADSE...)
1 1 162.254.186.187 33695 (SCALEMATRIX)
1 8.43.72.97 26667 (RUBICONPR...)
1 17 34.247.233.198 16509 (AMAZON-02)
3 4 35.157.180.193 16509 (AMAZON-02)
2 2 23.23.131.203 14618 (AMAZON-AES)
3 3 64.202.112.223 22075 (AS-OUTBRAIN)
1 1 72.246.169.24 16625 (AKAMAI-AS)
2 2 198.148.27.140 19189 (PULSEPOINT)
3 3 70.42.32.255 13789 (INTERNAP-...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 5 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.80.89.182 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 4 52.46.151.131 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
3 3 151.101.66.49 54113 (FASTLY)
2 2 18.158.8.202 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 8 185.80.39.216 27381 (CASALE-MEDIA)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 104.18.36.94 13335 (CLOUDFLAR...)
6 6 52.30.134.174 16509 (AMAZON-02)
2 66.155.71.149 13768 (COGECO-PEER1)
2 2 3.122.156.110 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 1 2620:116:800d... ()
1 1 85.114.159.118 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 2 77.243.60.138 ()
1 2606:4700:10:... ()
1 2 54.84.251.28 ()
2 2 34.243.37.252 ()
1 2a02:fa8:8806... ()
1 1 35.214.223.115 ()
1 2 2606:4700::68... ()
1 195.5.165.20 ()
1 162.55.120.196 ()
1 1 141.95.171.141 ()
1 1 141.94.171.213 ()
1 72.251.241.206 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 1 2001:678:cb4:... ()
1 1 178.62.202.251 ()
1 1 34.102.253.54 ()
733 135
1    3.226.166.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com
linkmktg.cutimes.com
53    2606:4700::6812:3b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cutimes.com
www.cutimes.com
store.cutimes.com
images.cutimes.com
3    192.226.82.212 (New Haven, United States)

ASN16524 (METTEL, US)
store.law.com
10    2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
owlcarousel2.github.io
43    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2606:4700::6812:d5a (United States)

ASN13335 (CLOUDFLARENET, US)
imageserver.amlaw.com
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
telemetries.jeeng.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    23.35.236.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-209.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
15    104.18.35.151 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
data.dianomi.com
1    35.178.31.183 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-31-183.eu-west-2.compute.amazonaws.com
mb.moatads.com
1    3.11.121.237 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-121-237.eu-west-2.compute.amazonaws.com
geo.moatads.com
3    52.16.99.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-99-144.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    204.180.130.159 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com
olytics.omeda.com
21    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
1    35.201.104.135 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 135.104.201.35.bc.googleusercontent.com
vi.ml314.com
8    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.mediafuse.com
player.hbmp.mediafuse.com
p.safeservingcdn.com
player.adtelligent.com
6    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
11    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.hbmp.mediafuse.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
1    13.32.99.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-71.fra60.r.cloudfront.net
s.dpmsrv.com
1    99.80.8.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-8-77.eu-west-1.compute.amazonaws.com
alm.demdex.net
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
b.law.com
1    54.77.60.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-60-152.eu-west-1.compute.amazonaws.com
cm.everesttech.net
12    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    18.207.9.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-9-29.compute-1.amazonaws.com
a.dpmsrv.com
1    54.69.168.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-168-64.us-west-2.compute.amazonaws.com
a.ad.gt
16    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
3    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    34.223.137.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-137-203.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com
d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com
16    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
9    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
cm.adform.net
2    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
32    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
10    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    99.81.146.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
ads.servenobid.com
19    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
7    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
145    34.247.72.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    80.77.87.217 (Clifton, United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
2    18.158.78.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-78-170.eu-central-1.compute.amazonaws.com
collect.tealiumiq.com
datacloud.tealiumiq.com
6    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
13    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    192.226.85.63 (Newport, United States)

ASN16524 (METTEL, US)
geoip.alm.com
2    3.74.80.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-80-218.eu-central-1.compute.amazonaws.com
visitor-service-eu-central-1.tealiumiq.com
3    18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com
pi.pardot.com
go.alm.com
4    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:223c:9200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2600:9000:223d:a600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    44.195.176.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-176-242.compute-1.amazonaws.com
ping.chartbeat.net
6    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    18.66.112.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-94.fra56.r.cloudfront.net
cdn1.opstag.com
4    2606:4700::6810:d835 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.adventive.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    54.224.15.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-15-253.compute-1.amazonaws.com
in.ml314.com
1    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
os4m-d.openx.net
us-u.openx.net
u.openx.net
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    2606:4700::6812:1640 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.adventivecdn.com
10    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
10    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net
public.servenobid.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.18.174.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-174-19.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    23.1.110.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-110-85.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    2600:9000:223f:2600:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.223.157.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-157-197.compute-1.amazonaws.com
ssp.disqus.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
17    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
3    54.77.35.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
4    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.254.186.187 (Escondido, United States)

ASN33695 (SCALEMATRIX, US)
PTR: www.abcbymebath.com
demand.trafficroots.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
17    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
4    35.157.180.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    2a05:d018:d29:3602:7f9a:bd97:bacb:ca94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    54.80.89.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-89-182.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.48 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a05:d018:cc3:fe04:f373:8994:d3a2:58c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
6    52.30.134.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-134-174.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    3.122.156.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-156-110.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()
cms.quantserve.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
2    54.84.251.28 (None, )

ASN- ()
a.audrte.com
2    34.243.37.252 (None, )

ASN- ()
ads.avct.cloud
1    2a02:fa8:8806:20::2010 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
1    141.95.171.141 (None, )

ASN- ()
green.erne.co
1    141.94.171.213 (None, )

ASN- ()
pixel-eu.onaudience.com
1    72.251.241.206 (None, )

ASN- ()
cm.adgrx.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
145 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 719
52 KB
54 cutimes.com
linkmktg.cutimes.com
cutimes.com — Cisco Umbrella Rank: 322769
www.cutimes.com — Cisco Umbrella Rank: 506980
store.cutimes.com — Cisco Umbrella Rank: 981969
images.cutimes.com — Cisco Umbrella Rank: 558084
617 KB
45 moatads.com
z.moatads.com — Cisco Umbrella Rank: 448
mb.moatads.com — Cisco Umbrella Rank: 706
geo.moatads.com — Cisco Umbrella Rank: 724
px.moatads.com — Cisco Umbrella Rank: 464
856 KB
43 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 970
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
6 KB
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
353 KB
34 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com
298 KB
33 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 533
image6.pubmatic.com — Cisco Umbrella Rank: 734
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 1051
image4.pubmatic.com — Cisco Umbrella Rank: 982
simage4.pubmatic.com — Cisco Umbrella Rank: 1288
aud.pubmatic.com
114 KB
31 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
eus.rubiconproject.com — Cisco Umbrella Rank: 587
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1032
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
token.rubiconproject.com — Cisco Umbrella Rank: 615
53 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2441
dis.criteo.com — Cisco Umbrella Rank: 752
21 KB
19 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6154
creativecdn.com — Cisco Umbrella Rank: 598
4 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1425
usersync.gumgum.com — Cisco Umbrella Rank: 2277
6 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 627
secure.adnxs.com — Cisco Umbrella Rank: 486
48 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
13 KB
15 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 6772
data.dianomi.com — Cisco Umbrella Rank: 9827
58 KB
13 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
2 KB
13 adform.net
adx.adform.net — Cisco Umbrella Rank: 4061
cm.adform.net — Cisco Umbrella Rank: 1674
c1.adform.net — Cisco Umbrella Rank: 718
4 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1908
public.servenobid.com — Cisco Umbrella Rank: 3832
8 KB
12 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 969
101 KB
11 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6425
ghb.adtelligent.com — Cisco Umbrella Rank: 6025
sync.adtelligent.com — Cisco Umbrella Rank: 4649
ghb1.adtelligent.com — Cisco Umbrella Rank: 7697
ghb2.adtelligent.com — Cisco Umbrella Rank: 10009
95 KB
11 typekit.net
use.typekit.net — Cisco Umbrella Rank: 532
p.typekit.net — Cisco Umbrella Rank: 696
222 KB
9 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
s.amazon-adsystem.com — Cisco Umbrella Rank: 302
7 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
3 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
2 KB
7 adventivecdn.com
assets.adventivecdn.com — Cisco Umbrella Rank: 66695
199 KB
7 mediafuse.com
player.mediafuse.com — Cisco Umbrella Rank: 84089
player.hbmp.mediafuse.com — Cisco Umbrella Rank: 49510
ghb.hbmp.mediafuse.com — Cisco Umbrella Rank: 73836
160 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 549
3 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 602
3 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 476
4 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
261 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9776
9 KB
6 ml314.com
vi.ml314.com — Cisco Umbrella Rank: 22729
ml314.com — Cisco Umbrella Rank: 2001
in.ml314.com — Cisco Umbrella Rank: 10801
22 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 458
www.linkedin.com — Cisco Umbrella Rank: 640
px4.ads.linkedin.com — Cisco Umbrella Rank: 6742
3 KB
5 gstatic.com
fonts.gstatic.com
165 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 635
ce.lijit.com — Cisco Umbrella Rank: 1000
2 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
58 KB
5 law.com
store.law.com — Cisco Umbrella Rank: 92269
b.law.com — Cisco Umbrella Rank: 136272
8 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 322
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
2 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
114 KB
4 openx.net
os4m-d.openx.net — Cisco Umbrella Rank: 40013
us-u.openx.net — Cisco Umbrella Rank: 468
u.openx.net — Cisco Umbrella Rank: 738
806 B
4 adventive.com
ads.adventive.com — Cisco Umbrella Rank: 62814
71 KB
4 tealiumiq.com
collect.tealiumiq.com — Cisco Umbrella Rank: 2569
visitor-service-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 51117
datacloud.tealiumiq.com — Cisco Umbrella Rank: 6335
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7808
www.google.de — Cisco Umbrella Rank: 5234
2 KB
4 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1131
sync-tm.everesttech.net — Cisco Umbrella Rank: 638
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 222
alm.demdex.net — Cisco Umbrella Rank: 152016
6 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 361
fonts.googleapis.com — Cisco Umbrella Rank: 51
8 KB
4 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 30979
telemetries.jeeng.com — Cisco Umbrella Rank: 29181
151 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
740 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 820
1022 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 617
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 930
794 B
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1614
sync.go.sonobi.com — Cisco Umbrella Rank: 1010
2 KB
3 opstag.com
cdn1.opstag.com — Cisco Umbrella Rank: 37132
111 KB
3 dpmsrv.com
s.dpmsrv.com — Cisco Umbrella Rank: 32141
a.dpmsrv.com — Cisco Umbrella Rank: 26748
30 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 avct.cloud
ads.avct.cloud
894 B
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
625 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 886
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 655
382 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 653
cdn.indexww.com — Cisco Umbrella Rank: 1673
2 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1216
529 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 572
868 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 784
873 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3226
pixel-eu.onaudience.com
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5758
562 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
809 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
203 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1122
376 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
112 KB
2 pardot.com
pi.pardot.com — Cisco Umbrella Rank: 4450
4 KB
2 alm.com
geoip.alm.com — Cisco Umbrella Rank: 146412
go.alm.com — Cisco Umbrella Rank: 154490
1 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 600
9 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1033
413 B
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 904
163 B
2 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4158
id.hadron.ad.gt — Cisco Umbrella Rank: 4446
13 KB
2 safeservingcdn.com
p.safeservingcdn.com — Cisco Umbrella Rank: 27031
29 KB
2 github.io
owlcarousel2.github.io — Cisco Umbrella Rank: 138401
2 KB
1 playground.xyz
ads.playground.xyz
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 turn.com
ad.turn.com
518 B
1 adgrx.com
cm.adgrx.com
283 B
1 erne.co
green.erne.co
367 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
280 B
1 loopme.me
csync.loopme.me
244 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
382 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 quantserve.com
cms.quantserve.com
588 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3708
622 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1621
181 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9590
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1052
694 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1722
619 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1017
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1397
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1101
465 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 296
593 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 579
767 B
1 trafficroots.com
demand.trafficroots.com — Cisco Umbrella Rank: 4010
633 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
610 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1395
490 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 887
731 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3822
485 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2029
296 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1215
201 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 613
394 B
1 t.co
t.co — Cisco Umbrella Rank: 511
376 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 967
5 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1329
15 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
52 KB
1 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1684
242 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 392
api.rlcdn.com Failed
98 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10265
259 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1259
189 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 404
140 B
1 omeda.com
olytics.omeda.com — Cisco Umbrella Rank: 27126
3 KB
1 amlaw.com
imageserver.amlaw.com — Cisco Umbrella Rank: 79730
108 KB
0 agkn.com Failed
fid.agkn.com Failed
733 123
Domain Requested by
145 ad.360yield.com 1 redirects player.mediafuse.com
32 c2shb.pubgw.yahoo.com player.mediafuse.com
31 www.cutimes.com 1 redirects www.cutimes.com
cdnjs.cloudflare.com
30 px.moatads.com www.dianomi.com
www.cutimes.com
20 images.cutimes.com www.cutimes.com
18 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.cutimes.com
www.googletagservices.com
17 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
17 prebid-eu.creativecdn.com player.mediafuse.com
player.adtelligent.com
16 pagead2.googlesyndication.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
16 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
13 onetag-sys.com player.adtelligent.com
public.servenobid.com
13 cm.g.doubleclick.net 10 redirects g2.gumgum.com
13 www.dianomi.com www.cutimes.com
www.dianomi.com
13 z.moatads.com www.cutimes.com
z.moatads.com
ad.doubleclick.net
securepubads.g.doubleclick.net
12 simage2.pubmatic.com ads.pubmatic.com
public.servenobid.com
12 ib.adnxs.com 5 redirects player.mediafuse.com
cdn1.opstag.com
acdn.adnxs.com
12 tags.tiqcdn.com www.cutimes.com
tags.tiqcdn.com
11 ads.servenobid.com player.mediafuse.com
public.servenobid.com
ssbsync.smartadserver.com
g2.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 gum.criteo.com 5 redirects static.criteo.net
10 fastlane.rubiconproject.com player.mediafuse.com
cdn1.opstag.com
10 use.typekit.net www.cutimes.com
use.typekit.net
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
8 eus.rubiconproject.com player.mediafuse.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
cdn1.opstag.com
8 match.adsrvr.org ads.pubmatic.com
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
8 mug.criteo.com
8 adx.adform.net player.mediafuse.com
player.adtelligent.com
7 assets.adventivecdn.com srcdoc
7 bidder.criteo.com player.mediafuse.com
player.adtelligent.com
6 match.prod.bidr.io 6 redirects
6 ups.analytics.yahoo.com 6 redirects
6 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
js-sec.indexww.com
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 id5-sync.com player.adtelligent.com
ads.pubmatic.com
player.mediafuse.com
g2.gumgum.com
6 ads.pubmatic.com www.cutimes.com
player.mediafuse.com
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
cdn1.opstag.com
6 www.googletagservices.com securepubads.g.doubleclick.net
www.cutimes.com
6 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
6 rtb.adxpremium.services player.adtelligent.com
6 ad.doubleclick.net 3 redirects www.dianomi.com
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
public.servenobid.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 image2.pubmatic.com ads.pubmatic.com
5 fonts.gstatic.com fonts.googleapis.com
5 ghb.adtelligent.com p.safeservingcdn.com
player.mediafuse.com
5 cdnjs.cloudflare.com www.cutimes.com
ads.adventive.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 x.bidswitch.net 3 redirects g2.gumgum.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 secure.adnxs.com 4 redirects
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 static.criteo.net player.mediafuse.com
static.criteo.net
player.adtelligent.com
4 ads.adventive.com securepubads.g.doubleclick.net
ads.adventive.com
www.cutimes.com
4 ml314.com tags.tiqcdn.com
ml314.com
z.moatads.com
4 ghb.hbmp.mediafuse.com player.hbmp.mediafuse.com
3 sync-tm.everesttech.net 3 redirects
3 sync.outbrain.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 sync.crwdcntrl.net ads.pubmatic.com
public.servenobid.com
3 cdn1.opstag.com securepubads.g.doubleclick.net
cdn1.opstag.com
3 px.ads.linkedin.com 2 redirects
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 ap.lijit.com cdn1.opstag.com
public.servenobid.com
3 player.adtelligent.com p.safeservingcdn.com
player.mediafuse.com
player.adtelligent.com
3 dpm.demdex.net 1 redirects
3 fonts.googleapis.com www.cutimes.com
ajax.googleapis.com
srcdoc
3 store.law.com 1 redirects www.cutimes.com
2 cr.frontend.weborama.fr 2 redirects
2 ads.avct.cloud 2 redirects
2 a.audrte.com 1 redirects public.servenobid.com
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
public.servenobid.com
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 us-u.openx.net 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
public.servenobid.com
2 dis.criteo.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.go.sonobi.com public.servenobid.com
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 acdn.adnxs.com player.mediafuse.com
cdn1.opstag.com
2 lb.eu-1-id5-sync.com player.adtelligent.com
player.mediafuse.com
2 pubads.g.doubleclick.net 1 redirects www.cutimes.com
2 www.facebook.com
2 cdn.linkedin.oribi.io snap.licdn.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 pi.pardot.com tags.tiqcdn.com
pi.pardot.com
2 visitor-service-eu-central-1.tealiumiq.com tags.tiqcdn.com
2 hbopenbid.pubmatic.com player.mediafuse.com
cdn1.opstag.com
2 prebid.a-mo.net 1 redirects player.mediafuse.com
2 targeting.unrulymedia.com player.mediafuse.com
2 telemetries.jeeng.com users.api.jeeng.com
2 a.dpmsrv.com
2 b.law.com tags.tiqcdn.com
2 p.safeservingcdn.com player.mediafuse.com
p.safeservingcdn.com
2 data.dianomi.com www.dianomi.com
2 player.mediafuse.com www.cutimes.com
2 users.api.jeeng.com www.cutimes.com
2 owlcarousel2.github.io www.cutimes.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 idsync.frontend.weborama.fr public.servenobid.com
1 cm.adgrx.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 pubmatic-match.dotomi.com public.servenobid.com
1 mwzeom.zeotap.com public.servenobid.com
1 aud.pubmatic.com public.servenobid.com
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 js-sec.indexww.com cdn1.opstag.com
1 u.openx.net cdn1.opstag.com
1 id.a-mx.com cdn1.opstag.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 tg.socdm.com 1 redirects
1 sync.inmobi.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 c.bing.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 demand.trafficroots.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 ssp.disqus.com 1 redirects
1 p.rfihub.com 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 contextual.media.net player.mediafuse.com
1 public.servenobid.com player.mediafuse.com
1 lexicon.33across.com ads.pubmatic.com
1 cm.adform.net
1 d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com cdn1.opstag.com
1 os4m-d.openx.net cdn1.opstag.com
1 apex.go.sonobi.com cdn1.opstag.com
1 in.ml314.com ml314.com
1 go.alm.com pi.pardot.com
1 www.google.de
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ping.chartbeat.net
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 analytics.twitter.com
1 t.co
1 snap.licdn.com tags.tiqcdn.com
1 datacloud.tealiumiq.com
1 static.chartbeat.com tags.tiqcdn.com
1 static.ads-twitter.com tags.tiqcdn.com
1 www.googletagmanager.com tags.tiqcdn.com
1 geoip.alm.com cdnjs.cloudflare.com
1 collect.tealiumiq.com tags.tiqcdn.com
1 colossusssp.com player.mediafuse.com
1 prebid.media.net player.mediafuse.com
1 ghb2.adtelligent.com player.mediafuse.com
1 ghb1.adtelligent.com player.mediafuse.com
1 idsync.rlcdn.com
1 e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id.hadron.ad.gt player.mediafuse.com
1 sync.adtelligent.com
1 a4p.adpartner.pro 1 redirects
1 cs.admanmedia.com player.hbmp.mediafuse.com
ssbsync.smartadserver.com
1 eb2.3lift.com player.hbmp.mediafuse.com
1 a.ad.gt player.hbmp.mediafuse.com
1 cm.everesttech.net 1 redirects
1 alm.demdex.net tags.tiqcdn.com
1 s.dpmsrv.com www.cutimes.com
1 player.hbmp.mediafuse.com player.mediafuse.com
1 vi.ml314.com www.cutimes.com
1 olytics.omeda.com tags.tiqcdn.com
1 geo.moatads.com z.moatads.com
1 mb.moatads.com z.moatads.com
1 ajax.googleapis.com www.cutimes.com
1 imageserver.amlaw.com www.cutimes.com
1 p.typekit.net use.typekit.net
1 store.cutimes.com 1 redirects
1 cutimes.com 1 redirects
1 linkmktg.cutimes.com 1 redirects
0 fid.agkn.com Failed cdn1.opstag.com
0 api.rlcdn.com Failed ads.pubmatic.com
733 199
Subject Issuer Validity Valid
cutimes.com
Cloudflare Inc ECC CA-3		 2022-05-21 -
2023-05-21		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-18 -
2023-11-18		 a year crt.sh
*.law.com
Go Daddy Secure Certificate Authority - G2		 2022-02-09 -
2023-03-13		 a year crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2022-08-13 -
2023-08-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2022-05-03 -
2023-05-03		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.omeda.com
SSL.com RSA SSL subCA		 2022-06-24 -
2023-06-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
vi.ml314.com
GTS CA 1D4		 2022-10-27 -
2023-01-25		 3 months crt.sh
player.mediafuse.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
player.hbmp.mediafuse.com
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
ghb.hbmp.mediafuse.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.dpmsrv.com
Amazon		 2022-04-17 -
2023-05-16		 a year crt.sh
p.safeservingcdn.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
b.law.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-10 -
2023-10-11		 a year crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
id.hadron.ad.gt
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.tealiumiq.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.alm.com
Go Daddy Secure Certificate Authority - G2		 2021-12-23 -
2023-01-24		 a year crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-13 -
2023-09-12		 a year crt.sh
ml314.com
GTS CA 1D4		 2022-10-17 -
2023-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
go.alm.com
R3		 2022-11-21 -
2023-02-19		 3 months crt.sh
*.opstag.com
Amazon		 2022-09-29 -
2023-10-27		 a year crt.sh
adventive.com
Cloudflare Inc ECC CA-3		 2022-05-03 -
2023-05-03		 a year crt.sh
*.ml314.com
Amazon		 2022-11-16 -
2023-12-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
adventivecdn.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 81 frames:

Primary Page: https://www.cutimes.com/?slreturn=20221106142122
Frame ID: D3456965F01864EC4E036F0C8CEBD3BC
Requests: 369 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Frame ID: 587F395EC362F47F716382D062C4A13D
Requests: 9 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Frame ID: 18F687E63F80C38DAF0855566BC01FE0
Requests: 17 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 1638486F23379D68D1B311F6323C9BE8
Requests: 1 HTTP requests in this frame

Frame: https://p.safeservingcdn.com/prebidlink/19332/j.html?i=11598
Frame ID: AAAEEDE123486C8FD153799E6A4CB5F9
Requests: 52 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: C1C7229C78A17A7CD9697D0F30FCC540
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 825531FDF105A4F06D8BDB757E1F28C5
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 850BC38C147DB003F4F9600253A33138
Requests: 1 HTTP requests in this frame

Frame: https://e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 41F75D7C95E5FD1F1B233C3151DE6AEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A38FDE40A370658CD3E5E856186D21CF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC009A581CC34DC3C6747837521FAA75
Requests: 3 HTTP requests in this frame

Frame: https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670342400
Frame ID: B907141E43D4E6969D6B324B1AC7E37D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0ACA892DEB6702AB9EF1E99BEADD15CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E2644ED7CBE993EF174436B989F8F2D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvho9AJXZmBUpcCwOTJzHLBlRDR4FPlcQ-HuTrGoee3TxqEtSdqC43LpcH7ecVjgHlfw5s1jPR3V-qwtIELB9ETyYQLXHM6t9_gzFrFdf0mLR3y742MasM2dedDv87ha5uZsRzBcHMTU_A9JtBtk8oyiolJFpVzekojauSbBaCFvKvwm6kVKMCrLyPzOnaZ1bR3LPCtYPxOvEAhO8Bez8k0WeQ6hrRmZglds6Ga2whOrcPdZQQbchihL5fwe3DDhjXPgRqhGtMuEKBWpJ4hwciYlcKSah6zmxHz0Ud2bprlOiJ0yqpkAdQzZKIwCISor55aqHMtFIXu&sai=AMfl-YTnW8vMXPvUasceZ1uspEZs59hyU2TNIsscv33r5OO01rsVvOjhyvSkqzVx03GLJkc11VngxO5yWm07BJiAdKRHWNloJfz0tnad05Uo0ObYgtzpac2SlLXCwNVzvsUf3g&sig=Cg0ArKJSzBZAK35hw47yEAE&uach_m=[UACH]&adurl=
Frame ID: D3F8BB337616D5A0E83FB7AB5C588B96
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtgcwdp7DIkmBPSBcCz_npn-2ycSd1K9I7YvVzpaCuXSK73XggNgFcfHtBL4lSEXrAPIm82qJ7o_NGxPZ-VDBqnAtIr2sjd47jtU9uS3dkkVJLSDRIsO-FuyPqCR9l_lt4nV2omBvu4NULfmZ77I7vf-BNVit2-lIm8wivO1HExb8u0VvFn2GbIojyRW3zebZ5f6qs7zzCj3Ojs5m_tn2Q3wjhQvDPyejnosHANdRpmXiH-Niv6E2PJ0DR5_DaSKD_6Bf3aY-XRtOrN14deSNDpAM2DNYgKorWEepW6yDC0v6jVbWoNtiCihtXK5c7ylvF43NoiyH5&sai=AMfl-YQF05fzXdOm6zeLG3HR6SrCr3jmSyCzwMknnlpiM_9mrag-t5GkNl0O1hcgBdBnF9YNGv8r4WghxuaYKr6SKsRuldOkva-UXSkLsQdEh4TEW5Lzpd-6Aa0j1fXbkbuUMw&sig=Cg0ArKJSzHv9CIddHdMdEAE&uach_m=[UACH]&adurl=
Frame ID: C5ADEEE5D4A5A416867CD5A7881964EB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspjzVBqWPWcHtoCJIt_dsxZEi0PoJzny3DkNSRqOQRN1bJdJyw218TeE6WtPTQLS9LgyDh4WqUEI2efX3KDuVn-lA0iW7ldZuzDbpoaNzFVCN7CtwWFYN9EmBnXaZUUcuVrMGaq5v_EgyIAt3bk5bjo6V6-d1khbfgGNEkMWPlHZA18hg_rkStF0wAzpASf4qAunce2wccoLJeT1jur_0q_iZMq2YNyO1lLnEnntIvoPvJ1aA2AiwX5XiMIPWsOeq5Ce2Smsri-c41zODkiO9wg6rPIps3I6Gc-udLJ-ZtDksQRe5llbKr8TmMTEMZWCjG2Y9rmq0&sai=AMfl-YSR5XzIzXRFIfGxd4XueNEOf7LyH5x47v18dqZ1xgzDEPQMNDYr81qYBTvxeTY0zJhbXZQ_7jLnF4n81QugKWpEqNRVw5sO-3lTjlCDbzN97qudtYCWLrYE0Y6PlqI3aA&sig=Cg0ArKJSzFiqYiRMhvm9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 282634ED2847301F5B71996FF0F4CBD2
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr9V8f1iJwXBWKBpZYRGejCdmx4hnhgYycI4MiQoiLcBiNWO-x1niPfEp7teOtmNSJKghe4PJ83yhQVm_tYHJjGYAuZJM94vfQRc0EHs-mq_H-D5Q9j2CjVeas2Gz00K48RtXb0HoWGCyz0tQkOTXBdlo-EvzVzqsNIXt1dIR4etGp90G9BdEOymzWTyGlJTdesTmYdZeN9tyqTcn7wni0Bu3mnV-8CljyA4xHDJ5Bxv3Sil-UHbakYcwcKd4pomCl_lhuujWWNSVD7-gCx96Hrptp3eH_vW0xNY9UTh4KWGmeACbiyvBgfSfDrWtpi_Qcn8KvQ9tqgg&sai=AMfl-YQiUv08uBvDti3pSFgVvBS6aBSW9g6lWGzFZpl60VUepivoeP2WD6WhiLaLztZ0tYgTXkHaPISby3Zbf7KA0uNQ_N5VHwnppOerLrCAjhC4E6aweTcQvdV9_pvHWWiieA&sig=Cg0ArKJSzLxXI7iiANz3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 022FD679016A9F1C1A6E2758F3E61825
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.opstag.com/14472/prebid.js
Frame ID: C8ABDA31DE070B6D0D537FF5297F3B75
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,400&display=swap
Frame ID: 7ECB704DB22A74C5743D7678DEBB67AF
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com
Frame ID: 3E1F1EF5E9F63D71A6C29FB55E39EDC7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com
Frame ID: A238A6523E7096A9F65B138902FDF4ED
Requests: 2 HTTP requests in this frame

Frame: https://d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: E027B86680F330D3BB946D6783602018
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv74XD3zVxlowRkpJn8MjTwq_32dOHMEXUH9CtYo6pLDhOb_WEHp00uizRCq7CcyP6FNscUwCGcc50cP7I01YiWRxJKeTHxm3ErzAdmxmzEVJn1gt-nL67R0_3smHtRgHT1ddQJl9Z92dymc7N-cf8dpRzkKGhk9EuKlH-5Jf8Kvci3WZ3h4Ejz5QC8KXAvW_ftJ0rP2jFEDrcOoxnASzzfFyQJxuWoJJVyZXaVgP8GOlrXDKLisfCC0hEpZCb9c0CudidSOinb6Ibt8OIDevoDIThPJsaznLdkwp-v6KR23-EW8P4gl9FnNI3_ga924s0K1Yux4sovcLdzTBqUWZ48pxpAimmcYCicC-7SEntyHlph&sai=AMfl-YQGUXZ2_8J3Mjw1GYHOuJKSUmjG8rgfpc55CbmQw3ifuxZ9fC-Ely6MVzeQFfChmNySJr7uzpz2dO7Dd-g3Y7Pt1akEXHcaftfi_Xj24QNjlhl7n-Xw1kGCMQdmaHWZkQ&sig=Cg0ArKJSzAMNO4obLJ3QEAE&uach_m=[UACH]&adurl=
Frame ID: 963962D8A6C8FD3A3378B9EEE8D12AC6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3ECA4FBC56EEDCB3E111F3A5BF6D34E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5AFE5ABE75DBB6331E82966F81039C6
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485293&gdpr=0
Frame ID: 127885A79415C814609287CAA10C3860
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485084&gdpr=0
Frame ID: 3EB8B49D3F2865D72F2BBCBC47E4A72B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485087&gdpr=0
Frame ID: 4D1339FFAAEF904764EB86713D8E10CC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485085&gdpr=0
Frame ID: 972E60A32706EF748FECFA500161CD08
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485086&gdpr=0
Frame ID: 9BA05F1C8D48DD2126D140CC9111BA1E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670354485357&gdpr=0
Frame ID: 8756673F0DDE296176393A801100AE51
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Frame ID: 47A3EA450928FD2021A6808C5CE5142E
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5EF12B49ED1A17E7F90412C2AEF61B6C
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EC1E3B755F81088372CA7B8EE2C8A230
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: BD74CF41359053628DA242864B34F509
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2I9ST&prvid=2034%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C337%2C338%2C70%2C97%2C55%2C99%2C77%2C2022%2C3012%2C182%2C3010%2C141%2C186%2C222%2C244%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: EF6D9CDF9EBA544F7EDF12B240E9F567
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9C04C13FBDD9EE963ED7D087FC9E9315
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: D823A8FB074DBBC7E131A6B1F75D9850
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F79677304E5EAA2E7C38BC50C0CB6C55
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: B31372127E6DFC60D83A463E7389BCBC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B425F8C6AA57A0593763CE37EF5BB11F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 1F683FF4E1636374732DFEFE68106909
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: FD71986E4567EC4C84A175D7B063399C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Frame ID: 2CEAEDE596F561E87AE37780EEBE70C0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Frame ID: B380DBA6C03626F001F6E338EBA687AD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2828243996780583654
Frame ID: 1CA10D39CB423991D8080415EC7D783B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 247C71FDCAFDCF9650FA1A50FAAADDB4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B270104EAC02CD439756F99C673A3A02
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3696989970439279498&gdpr=0&gdpr_consent=
Frame ID: 5FAABF4DE64B8725E3ED3C49D8E5D7C5
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: AE313582F2AC0F8F9193CF735D963B9D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 366D0F14D771C1751AC2EF7A619CAF35
Requests: 7 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 74349C15B1F6B87322A3FD63708073DF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Frame ID: 9C8C26EC5487591A773CD4F423209BB2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Frame ID: 1D5462AC30644453DEF2FF7D69966CC4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84NzkyY2JiYS1mNTY0LTQyMWUtOTRiYi02ZTc1YzhhM2Q5Nzc=&gdpr=0&gdpr_consent=
Frame ID: 92EE595A5DE2069E85CF70376BC8BF94
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3696989970439279498brt51531670354488930095f1
Frame ID: 3B5DA4AE04859C30E86462BF3CDED800
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y4.WOcCo8X8AAHQlDF0AAAAA
Frame ID: 623399CA2DE61AD1502D87A254A5E340
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y4.WOOAUdypKCekayna0dAAA%261129
Frame ID: 087DF09C98D420161B1D5433D05CB78C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=M7s1vpieblWpp00kUfTd&pi=gumgum&tc=1
Frame ID: 5EC887E68265CA19D9945D88869A4806
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 850477AF1E26FFFBC1BDA809A83875BE
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F98C113E0379821EF92F39ED955A3FC9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F1892C3C1DB8EDB0D8474C46DBCEF891
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Frame ID: 948053BF9E8A6BA034D3B635BB8AD035
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 57F3BFDA234D8A4F3B5449E9568319F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0D55AAFE6548B41BC7EB97E4AEB083B4
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2E100D84E57C454C139BAA758AF8B8C3
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GXpzCxZ_eA8CKngLS3xmDhp7fQwCentcFnka2mwf
Frame ID: F0C15A7BACAEA3954C90B6B7B766D040
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174117911603050643&gdpr=0&gdpr_consent=
Frame ID: ED3EAEFE1D45EFF9861D2C0581743E52
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
Frame ID: 75899646551D6C5C5BD18EE62A40E641
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
Frame ID: 428F1178C76A612D30377CA2EFFBE1A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Frame ID: BAEC39CD9E03C0997ABD1FDEC4BA2ACD
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Frame ID: 7BECDDFFF7B9FFDA6A5DA40040E42098
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 3A29A1AC713A46B5AA2687E168506A3C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AF377FE62927041C7CC774E60559A7D3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5114139123
Frame ID: A38E97135CED26701949CB4422A76795
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 81FF5420B92D95A8A131BBD0569EEF56
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BEBDAD7ABCD6D60E47BAD130387EDEA9
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVanbaWRSRTSnQVWV
Frame ID: 78505B077B8DB4A4353E742A8CEED23F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2D0698BCEAF915BA40D4EA8E03003FEF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Frame ID: 56090FA2C34E03A009D2ADACF9DD0755
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Credit Union Times | Accurate and Timely CU News | Credit Union Times

Page URL History Show full URLs

  1. https://linkmktg.cutimes.com/click/29850548.10088/ahr0chm6ly93d3cuaw5zdgfncmftlmnvbs9maw50zwnobwvldhvw/5f... HTTP 302
    https://cutimes.com/ HTTP 301
    https://www.cutimes.com/ HTTP 302
    https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
    http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=3abab719-8c04-4892-849d-0f1862d0d950... HTTP 302
    https://www.cutimes.com/?slreturn=20221106142122 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

733
Requests

90 %
HTTPS

27 %
IPv6

123
Domains

199
Subdomains

135
IPs

12
Countries

4677 kB
Transfer

11637 kB
Size

154
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkmktg.cutimes.com/click/29850548.10088/ahr0chm6ly93d3cuaw5zdgfncmftlmnvbs9maw50zwnobwvldhvw/5f49174cbf50145c257e0066c1476bad6 HTTP 302
    https://cutimes.com/ HTTP 301
    https://www.cutimes.com/ HTTP 302
    https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122 HTTP 302
    http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=3abab719-8c04-4892-849d-0f1862d0d950&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20221106142122&debug=lawDomainIPWithRefRedirectAnon HTTP 302
    https://www.cutimes.com/?slreturn=20221106142122 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731
Request Chain 72
  • https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_pre=CO2xpq3b5fsCFUFW4Aod0uAAlg;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 73
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_pre=CLazpq3b5fsCFWyW_QcdFiEEnw;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 76
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_pre=CI2vpq3b5fsCFZ6S_Qcd_rYJag;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 89
  • https://cm.everesttech.net/cm/dd?d_uuid=80909429317373971682273141557739077265 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4_WNAAAAHjHCAOJ
Request Chain 91
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D614045%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20221106142122 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D614045%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F%25253Fslreturn%25253D20221106142122 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3696989970439279498&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=614045&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
Request Chain 101
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=39527f37-86ba-426e-b75f-d9605f936484
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3696989970439279498&pixelIndex=0 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3696989970439279498&pixelIndex=0&google_gid=CAESECcOhDylGQ5HhdOWPTrXppk&google_cver=1
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main HTTP 302
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFhgMFeDvfzETGbQJhAFEqQ&google_cver=1
Request Chain 400
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1670354485193%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20221106142122%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true&e_ipv6=AQKYP8MxSmDaYwAAAYTo4sIaQ4MqZONY53IDAwU2kkgATWXnNGWWSWrcSFIoOLUwVLXbM7T7
Request Chain 468
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Request Chain 520
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7ZsoOHw2bzFUTHltVTVXL1dsTVhkMVZKblBQVVl4cXpqNWxqTUpzZ0JKckpTa3E0VjNBMmd2di9oL2JQY3lJemt5dVV5QTJuWnBhRkFLZG0yNWRxNThZN3NUQTVkT1B0eVFWdjRWbmRhSm1pb2FoZWRRb2RRN2ZaMUwzK0s5WjRkUVU3MURhSVBXVzVxT04xbjc2NGhKM2sxSGU3Mmw3aTFMWW9PYUZ1U0dzS1RIVlVnZEwvamEwSE9mRkQwd0xEMkdpTTdVL2tUTkdoWWFPTDMyRjZSZ2VKTEJ1K1dTc05ORE1lMjZLTGR3UGtHN1IrdGJibHZtTHRRemxPK3Zrb3BqZ1MxaHkrNDlBdUxIdWJMVXg1QUEvL1FCdz09fA&cppv=2
Request Chain 523
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6RUMFnx1ODNRY3hxSE9Pdm9OajBWZEkwWkZqbjBZc2lBd0JkZUhyeWFaVlVrVjRxTGZJYk1qVE5YUUFYZ2VBZTFuL2FLUDBjTCsrV2VLbmdTYVp4NnVlUkIvWTRkRGFDSTBVWlNiSC9JblY0cE53R3RjeHpDN01yWGNFRE5VM0RNR3B4WXNFR2FRaWYyU3h4ZzVqdnhTVGNIU0FjR0luU2ZnOStpQnVOWDZobHUxS0VMekZtQlRxeUtkMC9aaTZwYW93dTVwS2tPWVNhM1VqWVR5ZkVWN3ZqQm1LcEhFVGxtSVFWQkI2TWVPclBPYTNOSEsxcDB1eVBxL0RDR3J3MVNseVBUTy9HakE3MXFMR2hKZytrVXRoVUJ5bzVuc1ZBMnkvRm43R282c1lud01aYz18&cppv=2
Request Chain 558
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=luIOmnxxck5rVUVsQTU0ZmIvZXY4S1dBT0F5ejJKQWsrdE43Q2FYOGpmNzBta2g2VkNWQzh6alJaOE8ySVc0QWpuOHk2S1N2SlYwZnhCc0hNaDBzNTUvL0ZLNzZZZVo3REdVQXhMYVFDeWR1QjNndlJjRUlDNXZPQlRhRkZ5R1hhbU4yb0w0YXZCbyt6dVBtMXcrVVl0STVOSm9QQis4dUNvUllHSXJpdVBnM3NoS2JDSEpNUmRVTzhsbmV6cXIxZkg1bGpoSklPWUN0RlgrRjhIekhuSVdCZlFUVTVRVUhpdC9XanFmNFAxMUdDa0drTytjRitZR2RNSHhsVzJwdEtxQ0FjbW9rVW45eDBySmdjbDgvZUpQVTdaRVNMbFRFSC9yTzg0SVV6WkFkS0pjND18&cppv=2
Request Chain 570
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mZG5W3xDTzdyL0lPYTFKYyt6K1o0RExUaHhJMXZoTlRDQklRSjBSZDJhdnlaK29DRHF6WU9iajZzVW9PSk11aFBGODB6dk1WR2NUS2d4MlJQMHBwVlNEWEkxTTJyLzNNK283Zm5VK3FVWjJvMXBRYWdPbTk4NkNxRHVrOVRuc3lSNGxZVnVDRnRKUlJjYmhiT0VNZGo1WFNTL0xlSEhmalJjVmJBZ0EzV3p3cmpQRG53aTh5WXJZQS9YaHRWcTVlYXR0MzBMamVTY1VROVdiWVRqSXdvQjcrckllOVovTG9JbEgwdGRpWVVmOVFTMkRUeUlVbmpYSklnRklPOFpSTDZXbDFva3ZQR3FhTmZ3WWtDNHMrcEVBR2JkMWF6SFVrMUlOTTZrbHZuNlFUY3l5RT18&cppv=2
Request Chain 581
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=kpDEcHxmNWNnZGFtTzVLSVVUZ2xRc2daWTZLYmg4NERXZ3FpeUVjbUZIcmhPeDdhUUVSZHdpbzV0Y1BsQVd0cER5RjhneDlGOE1jTjI5OUtoN0dIUGhvallpeUpqaWZ6NDJoQ25BelRpQ216dG5lUk9JYnFEQXN6WFI1WDQxdUhyN0MrYmhqNmxGWGxiOHBLYlBmSnVWdDZEL001NlllMDVPOGFzd1NiZkZrc3BKdlV4Um9ISEl1SUEwWFZ3emZDeUNvOXhBbFMrSjU2cExEOFFyVjZxbDhvR2plOHJoanBRdERjbm81ejZ2YzRxQ2wzV1NnQVdvTENESTQ0emxJbFU2M0Yrc2NvdnJuSDYvTHNQOGFpbGRJcm44UDkwc0tET3lkUkpoNkFUbnQ5bU9QOD18&cppv=2
Request Chain 596
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 597
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 600
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3696989970439279498
Request Chain 601
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FxbJrRZHiDXC3DyCRFuFtvgG
Request Chain 603
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670354488773 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8196119478
Request Chain 604
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329523337590869
Request Chain 606
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=f929bee8-85d6-44ca-9d6e-8bc017c9187a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 607
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
Request Chain 608
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIyAhIMOAE=
Request Chain 609
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
Request Chain 610
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Request Chain 611
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Request Chain 612
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2828243996780583654
Request Chain 613
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 614
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 615
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3696989970439279498&gdpr=0&gdpr_consent=
Request Chain 616
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=at5km-SHSa2nskMUt85qJQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 617
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=04b0638f-9638-4200-afd4-e8dab7922975
Request Chain 618
  • https://pixel.onaudience.com/?partner=214&mapped=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 619
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkFERTY0OUItRTQ4Ny00OUFELUE3QjItNDMxNEI3Q0U2QTI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 620
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcQxtgSPyI87IG_ReSDCg&google_cver=1
Request Chain 622
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7620339787543770961
Request Chain 626
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3696989970439279498&gdpr=0&gdpr_consent=
Request Chain 627
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e18c5baa-d7fb-49cd-87b0-68ae94da4095&gdpr=0&gdpr_consent=
Request Chain 628
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=76a43c1df3&gdpr=0&gdpr_consent=
Request Chain 632
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3696989970439279498
Request Chain 634
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4a099f24-c8a9-4849-74b8-15a737474c1a$ip$185.213.155.176
Request Chain 635
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8792cbba-f564-421e-94bb-6e75c8a3d977&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=st_UGUQF0CMDBd0sY1Xp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT243UL5KUOVKRIYYEGTKEIJSDA42ZGFMHAJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT243UL5KUOVKRIYYEGTKEIJSDA42ZGFMHAJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=st_UGUQF0CMDBd0sY1Xp&us_privacy=1---
Request Chain 636
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5586030533
Request Chain 637
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=csMngY5k7Ylz&ev=1&pid=558355
Request Chain 638
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28prD4OVlsL-U2F2vNuVqWwz5_PZMqCRnxhsQJBonmmtYk-iZImjysjwQdGzf2-EVC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28prD4OVlsL-U2F2vNuVqWwz5_PZMqCRnxhsQJBonmmtYk-iZImjysjwQdGzf2-EVC%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_8792cbba-f564-421e-94bb-6e75c8a3d977&obuid=ENC(prD4OVlsL-U2F2vNuVqWwz5_PZMqCRnxhsQJBonmmtYk-iZImjysjwQdGzf2-EVC) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Request Chain 639
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d3d17cc0-3936-4e33-859b-a691ba3f3ee7
Request Chain 640
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-fGc3NeFE2ped4SQOgJME_X3nvJCZlk7AYnp1~A
Request Chain 641
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1996eedc-134b-4745-8889-ee384d3aec18
Request Chain 644
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=831dfa31-2b2d-4d0e-8e4b-2099f2d97591
Request Chain 645
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6856827104190220631
Request Chain 647
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9DqFy-n3QL-SAEfEzZNC9w&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9DqFy-n3QL-SAEfEzZNC9w&gdpr=0
Request Chain 648
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTFhMMzUtMjEtNUtMRg==&gdpr=0
Request Chain 649
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_zeR4xsSQEeE75SjXS0BXA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_zeR4xsSQEeE75SjXS0BXA&gdpr=0
Request Chain 650
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oIE7CKoamE8PguR-NxL2o8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qPU3_a5E2oK181F2EaTXeGL20EtWgUevtYHebw--~A
Request Chain 651
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDkVyPhxsbLsvzOwgXhIVnY&google_cver=1
Request Chain 652
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDgxMjM3OTJmODUyNjhlNGJkNjQ4ZTRjMjViMWQ5NjY1M2RiOWFlMQ&gdpr=0
Request Chain 654
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCLXL35-21-5KLF&gdpr=0
Request Chain 655
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 658
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Request Chain 659
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Request Chain 661
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3696989970439279498&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3696989970439279498brt51531670354488930095f1
Request Chain 662
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4.WOcCo8X8AAHQlDF0AAAAA
Request Chain 663
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4.WOOAUdypKCekayna0dAAA%261129
Request Chain 664
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=M7s1vpieblWpp00kUfTd&pi=gumgum&tc=1
Request Chain 665
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 666
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4.WOOAUdypKCekayna0dAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIlttw8tE2gj_RBhXK_97Y&google_cver=1&google_hm=2
Request Chain 668
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
Request Chain 673
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4_WNAAAAHjHCAOJ
Request Chain 690
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3696989970439279498
Request Chain 691
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4-WOOAUdypKCekayna0dAAABGkAAAAB
Request Chain 692
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMGE7HHywAACC4EAEUiw&expiration=1671564090
Request Chain 693
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6e48638f-9638-4f00-aa5d-764c1d54e28d
Request Chain 694
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 695
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
Request Chain 697
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0yOG43Qk1P2Dvs5
Request Chain 705
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GXpzCxZ_eA8CKngLS3xmDhp7fQwCentcFnka2mwf
Request Chain 706
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174117911603050643&gdpr=0&gdpr_consent=
Request Chain 707
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
Request Chain 708
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETUdFN0hIeXdBQUNDNEVBRVVpdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMGE7HHywAACC4EAEUiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6856827104190220631&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMGE7HHywAACC4EAEUiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6856827104190220631%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6856827104190220631&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADMGE7HHywAACC4EAEUiw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
Request Chain 709
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Request Chain 711
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&addseg=19,36,42
Request Chain 712
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 714
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25 HTTP 302
  • https://a.audrte.com/p
Request Chain 715
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7bec5b54-230f-4b45-b369-16942f402d97&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac27263e-e366-4300-ac6a-4f415c6b54c6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 717
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.fxXJCdE2uW8vuncbBE72_tpGdIRt9k-~A&gdpr=0&gdpr_consent=
Request Chain 721
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 722
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 723
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5114139123
Request Chain 726
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVanbaWRSRTSnQVWV
Request Chain 729
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=120529127 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Request Chain 731
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868335450913917825&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 732
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bbbcc5e2-a4c2-4252-a06a-ff05081edd9e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 733
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3696989970439279498

733 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cutimes.com/
Redirect Chain
  • https://linkmktg.cutimes.com/click/29850548.10088/ahr0chm6ly93d3cuaw5zdgfncmftlmnvbs9maw50zwnobwvldhvw/5f49174cbf50145c257e0066c1476bad6
  • https://cutimes.com/
  • https://www.cutimes.com/
  • https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
  • http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=3abab719-8c04-4892-849d-0f1862d0d950&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20221106142122&debug=lawDomainIPWithRefRed...
  • https://www.cutimes.com/?slreturn=20221106142122
115 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3233a3fa085a375f3cb18221c30b30cb364a2ee371e87ce5f87aacb871f67e4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
backend
templates_newlaw_director
cf-cache-status
DYNAMIC
cf-ray
7757625fbbde5b4a-FRA
content-encoding
br
content-language
de-DE
content-type
text/html;charset=utf-8
date
Tue, 06 Dec 2022 19:21:23 GMT
server
cloudflare
vary
accept-encoding
x-cache
MISS
x-frame-options
SAMEORIGIN
x-vnode
21

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7757625e1ce0bb7d-FRA
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 19:21:23 GMT
Location
https://www.cutimes.com/?slreturn=20221106142122
Referrer-Policy
origin-when-cross-origin
Server
cloudflare
Transfer-Encoding
chunked
X-AspNet-Version
4.0.30319
X-Powered-By
Server #1
X-Robots-Tag
noindex, nofollow noindex, nofollow
rocket-loader.min.js
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 18:31:41 GMT
server
cloudflare
etag
W/"6387a18d-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
775762612de35b4a-FRA
expires
Thu, 08 Dec 2022 19:21:23 GMT
fa-icons-lib.min.css
www.cutimes.com/assets/build/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
2342
x-cache
HIT 2
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"4085-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762612de55b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:23 GMT
markets-lite.min.css
www.cutimes.com/assets/master-template/css/release/ 		221 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3567bf8c64166426845c7b54f1519132ea9a7ade0b4b9f3d2664bce803eb6955
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
99
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"226146-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762612de75b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/ 		105 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
2645
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"107730-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762612de95b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:23 GMT
falcon-ui.css
www.cutimes.com/assets/css/ 		771 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/css/falcon-ui.css?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 15
backend
templates_newlaw_director
cteonnt-length
771
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"771-1668685090000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762612deb5b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
qkq4rhw.css
use.typekit.net/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5a553da7ecb0174521c8c80f6b8d97a001481235b5a97cb0c270fc9ffe59a747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
pagination.css
www.cutimes.com/assets/master-template/css/plc/ 		3 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/css/plc/pagination.css?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659982ff5dc4222a830703646062215bbd21a2fb13e4cc2833461e7718ce2565
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
99
cf-polished
origSize=4295
x-cache
HIT 2
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
minify
server
cloudflare
etag
W/"4295-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762612ded5b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		58 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=2855
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-mini-burger-white.webp"
content-length
58
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2855-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762615e395b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		362 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=3368
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-search-white.webp"
content-length
362
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3368-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762616e655b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		166 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=1222
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-fb-white.webp"
content-length
166
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1222-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762617e675b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		354 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=1583
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-tw-white.webp"
content-length
354
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1583-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762618e7f5b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		256 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=1413
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-li-white.webp"
content-length
256
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1413-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762618e875b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 		236 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=1322
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-sign-in.webp"
content-length
236
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1322-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576261aec35b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
ALM_Credit_Union_Times_white.png
www.cutimes.com/assets/master-template/images/market-images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
4988
cf-polished
origFmt=png, origSize=4365
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="ALM_Credit_Union_Times_white.webp"
content-length
2078
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"4365-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576261cee05b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
survey-results-findings-e1624384756642.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2021/06/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2021/06/survey-results-findings-e1624384756642.jpeg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d05368de9c4e1f9ed98ff9115f025efd0ad8a99c3cb1c1e2641701f157de88c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=38971
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="survey-results-findings-e1624384756642.webp"
content-length
28492
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Jun 2021 17:59:16 GMT
server
cloudflare
etag
"a83349-983b-5c55e8c64ba28"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
775762615e415b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:23 GMT
diversity-lending-e1608319496658.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2020/12/diversity-lending-e1608319496658.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74105634e668ae317420c0d2ecaac7e2b9b6d64f8b333a7e114bf6949191b140
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=58828
x-cache
HIT 1
backend
contribsreimg_prod_director
content-disposition
inline; filename="diversity-lending-e1608319496658.webp"
content-length
45770
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Dec 2020 19:24:57 GMT
server
cloudflare
etag
"e211f2-e5cc-5b6c210561352"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
775762615e3c5b4a-FRA
x-vnode
145
expires
Tue, 06 Dec 2022 23:21:23 GMT
dei-diversity-inclusion-community-members-support-underserved-1-e1624037072694.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2021/06/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2021/06/dei-diversity-inclusion-community-members-support-underserved-1-e1624037072694.jpeg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfad05ed034056b8effc21e74258bc4d9f299cfcec53c3a34a13ae00f43efb08
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=32879
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="dei-diversity-inclusion-community-members-support-underserved-1-e1624037072694.webp"
content-length
22806
cf-bgj
imgq:85,h2pri
last-modified
Fri, 18 Jun 2021 17:24:32 GMT
server
cloudflare
etag
"a83111-806f-5c50d98d2075a"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
775762615e3b5b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:23 GMT
FR_1.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2021/05/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2021/05/FR_1.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6816c3b693e74665d528b981d53b2a8293b1be0476ed090b55bc0c8d8dd641ad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=31192
x-cache
HIT 8
backend
contribsreimg_prod_director
content-disposition
inline; filename="FR_1.webp"
content-length
17460
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 May 2021 14:42:52 GMT
server
cloudflare
etag
"1043f0f-79d8-5c1facace7370"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
775762615e405b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id
f9a58c8301b9bccd93df8c2c067b1fac612260fd
date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
7
age
434
x-cache
HIT
x-proxy-cache
HIT
content-length
1068
x-served-by
cache-hhn4081-HHN
last-modified
Fri, 20 Apr 2018 13:22:52 GMT
server
GitHub.com
x-github-request-id
3BDE:B926:322FE2D:33C456C:638F0C43
x-timer
S1670354483.426518,VS0,VE1
etag
W/"5ad9e9ac-d17"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 06 Dec 2022 09:40:43 GMT
owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 		1013 B
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id
1813902f5e31997653d1e956459c9624194a3b32
date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
5
age
112
x-cache
HIT
x-proxy-cache
MISS
content-length
479
x-served-by
cache-hhn4081-HHN
last-modified
Fri, 20 Apr 2018 13:22:52 GMT
server
GitHub.com
x-github-request-id
3B80:F02B:35568F:36DF5F:636D9D66
x-timer
S1670354483.426810,VS0,VE1
etag
W/"5ad9e9ac-3f5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 11 Nov 2022 01:05:02 GMT
moatheader.js
z.moatads.com/almheader466656885399/ 		0
89 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:39:41 GMT
server
AmazonS3
x-amz-request-id
QVDRHDB7ZD9FS6FV
etag
"5ab9712e97e0c36483be7a62fe5ad480"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=13218
accept-ranges
bytes
content-length
90312
x-amz-id-2
Wvr3HvSufRvruWgwqOl+UQ/vCpPcM4qxJhsOMCiPYy4u/bbcJ2CRADfuRrHTKBXKKdemdGf5yFI=
qkq4rhw.css
use.typekit.net/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qkq4rhw.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
ALM-21-422103%20Regulated%20Static%20Modules_CUT_300x250.jpg
imageserver.amlaw.com/images/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageserver.amlaw.com/images/ALM-21-422103%20Regulated%20Static%20Modules_CUT_300x250.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee9691fae522eec0400aa4fef2c4ec6ea5c8ba12410d2bfbb1ee8a759a100a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 09 May 2022 12:27:07 GMT
server
cloudflare
age
6024
etag
"809fd518a063d81:0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
77576262496d9bb8-FRA
content-length
109967
expires
Tue, 06 Dec 2022 23:21:23 GMT
l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18468
l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"0373618e2db17cca6330e4b11556968310f08eb7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33856
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32384
l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19288
l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33188
l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2022-12-06-14
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
server
nginx
etag
"70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19412
river-load-more-pg.min.js
www.cutimes.com/assets/master-template/js/release/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
99
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"4031-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
775762628ff65b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2165729
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15508
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-d04c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrBBxqIGn7d71jhy%2Ba9uR3Vf0fzDwtC1I6kv%2FUv6MFKZ5Vi8it8eROwbNe6Mn6aFgl4Ar%2BsctJtdXrfoIrFlOw%2BFESP5Ov9DPZZvmtrErq9H1uhiK6xA9EUMgdESLm4B8BYARTv3mWcpo8loTD2hOmC2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77576262aff89170-FRA
expires
Sun, 26 Nov 2023 19:21:23 GMT
TimeConversion.js
store.law.com/registration/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.law.com/registration/js/TimeConversion.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.226.82.212 New Haven, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / Server #1
Resource Hash
815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:13 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
ClientProtocol
https
Last-Modified
Tue, 22 Nov 2022 23:00:19 GMT
Server
Microsoft-IIS/8.5
ETag
"80833531c6fed81:0"
X-Powered-By
Server #1
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
1875
sponsorships.js
www.cutimes.com/assets/multishared/js/ 		1 KB
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/multishared/js/sponsorships.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 13
backend
templates_newlaw_director
cteonnt-length
1454
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"1454-1668685090000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7757626288025b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
jquery.history.js
www.cutimes.com/assets/js/core/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/js/core/jquery.history.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
98
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"21571-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7757626288095b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
233124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6463
last-modified
Fri, 28 Aug 2020 22:36:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f4986fd-48b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI37OPK7yLrjCdyaqV8KDo%2BQCUXlH68bU0Bzmljz3sAIid1fuWpSDZibqz7xaAS4feIatWtqENwNfYMsBACiUuDRy1Lh8%2FzvIT0A4EqYaEX9oBkQW3ir1qa858Pjii2DDDDQrqQqKUB5xYImfwCGDFLB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77576262a8009170-FRA
expires
Sun, 26 Nov 2023 19:21:23 GMT
jquery.touchSwipe.js
www.cutimes.com/assets/js/core/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
98
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"67916-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
77576262880b5b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
tealium.js
www.cutimes.com/assets/master-template/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/tealium.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2a4e30e5f3f4d4b6816d0b64b4906d588f2139ad1182fc97bdf4e60afedc3d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
98
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"4601-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
77576262880e5b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
overlayForm.js
store.law.com/Registration/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store.law.com/Registration/js/overlayForm.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.226.82.212 New Haven, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / Server #2
Resource Hash
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:27 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
ClientProtocol
https
Last-Modified
Tue, 22 Nov 2022 23:00:36 GMT
Server
Microsoft-IIS/8.5
ETag
"082573bc6fed81:0"
X-Powered-By
Server #2
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=900
Accept-Ranges
bytes
Content-Length
3647
common.min.js
www.cutimes.com/assets/master-template/js/release/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/release/common.min.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
98
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"54571-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
77576262880f5b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
lazyloadXT.min.js
www.cutimes.com/assets/master-template/js/release/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
HIT
age
2336
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"2937-1668685090000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7757626288105b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:23 GMT
moatheader.js
z.moatads.com/almheader466656885399/ 		255 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6b2681d15e3868a8c2b4913461e3e7725761a78482d74c14491f34769c2a7260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:39:41 GMT
server
AmazonS3
x-amz-request-id
QVDRHDB7ZD9FS6FV
etag
"5ab9712e97e0c36483be7a62fe5ad480"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=13218
accept-ranges
bytes
content-length
90312
x-amz-id-2
Wvr3HvSufRvruWgwqOl+UQ/vCpPcM4qxJhsOMCiPYy4u/bbcJ2CRADfuRrHTKBXKKdemdGf5yFI=
cutimes.prebid.js
www.cutimes.com/assets/master-template/js/prebid/ 		2 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98763f678595955f460c238c499003122523882dc187f362c2b6c42a9daebc87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 12
backend
templates_newlaw_director
cteonnt-length
1692
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"1692-1668685090000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7757626288115b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
bombora-rtvi.js
www.cutimes.com/assets/master-template/js/ 		1001 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2022-12-06-14
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 14
backend
templates_newlaw_director
cteonnt-length
1001
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
server
cloudflare
etag
W/"1001-1668685090000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7757626288125b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:23 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
596879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3592
last-modified
Thu, 25 Jun 2020 01:22:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef3fc71-2b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onFQGxeFbG55mUcpic%2FJc2iXFDTrhiZm3jXtb2wd6k4h0JqYJWCJLjWyyGEOi%2BWW7106KYgyHYIGQm3gi%2BY1%2FsYkHeVB3aV4sKUMvSxgrhve8b3z9NcF0pBI2RfRMz9JyxHwsvxRR5y8eoys1RW0Mv70"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77576262affd9170-FRA
expires
Sun, 26 Nov 2023 19:21:23 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2234405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR3LaYghPRt0mlaafOdDMmlvdrb0w10lmrocXNAr%2BsJsrew2ThPfjOvb68I%2BUxpr7uEUTFvLsWR4X13HVVNNoXu%2FlGIAtaXvbwWpdU7vVE4g6%2BZhgK5Gl%2FVRsaCD%2F%2FoMTQzlOoq1F5%2F%2B5Y1rA4itZsQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77576262affc9170-FRA
expires
Sun, 26 Nov 2023 19:21:23 GMT
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/ 		36 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"8038a-YOkL5fC0roBqp9MfNEBzSfsGHbU"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
77576262a8da8fd0-FRA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:20:44 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:29:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 19:21:23 GMT
utag.js
tags.tiqcdn.com/utag/alm/main/prod/ 		149 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3a85313dac25c43c1ae22266962df201a68068d524fd9a9b42deaa76d7039a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Dec 2022 22:59:22 GMT
server
AkamaiNetStorage
etag
"f616498c4176f3e052faf27eb866fff2:1670021962.435395"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:26:23 GMT
smart_cutimes.epl
www.dianomi.com/ Frame 587F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77381d70d5771117aad8aac91aa0ed5490644f95d4baaf207d52fd94c8bb6163
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
775762630aa49b86-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:23 GMT
expires
now
link
</img/a/pss/1972/61.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smart_cutimes.epl
www.dianomi.com/ Frame 18F6 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e1edc998a2592c9b26a70afdef9d7a0dfb0997a7219ebde4de89006e5aba8f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
775762630aa79b86-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:23 GMT
expires
now
link
</img/a/pss/2232/12.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
v2
mb.moatads.com/yi/ 		699 B
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&pcode=almheader466656885399&rx=306736847954&callback=MoatNadoAllJsonpRequest_40512551
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.31.183 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-31-183.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
3c5cb1a378d9b89fc005c4876889606648cb03985c9de949b555c0fa8679bdfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"65ab7198e6682b6fd957dc1a22c07f4f0142a19e"
content-length
699
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/ 		84 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1670354483662&de=159109219309&rx=306736847954&m=0&ar=67fa5e2a4e8-clean&iw=b88adce&q=1&cb=0&cu=1670354483662&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2345%3A2345%3A2397%3A2370&fs=201243&na=87749600&cs=0&callback=MoatDataJsonpRequest_40512551
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.121.237 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-121-237.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
c9d497e43f2ec10394985b406ac9619806aa3c5783644362494e357914823c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"cea1762fd0276b72b220b35548f5275d69f00c84"
content-length
84
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 1638 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2796
content-length
1374
content-type
text/html
date
Tue, 06 Dec 2022 19:21:23 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
utag.119.js
tags.tiqcdn.com/utag/alm/main/prod/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.39.202211140121
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
57d9e7580c383e8caf4ed19b65a5038effe639a528ed84a071a95b65dacac325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 01:22:00 GMT
server
AkamaiNetStorage
etag
"83f7d6e88de795e268c4c15539348337:1668388920.884977"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3376
expires
Wed, 21 Dec 2022 19:21:23 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731
362 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731
Protocol
HTTP/1.1
Server
52.16.99.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a711a7375dd7a44f0fb2190a508a18bb765486542262a2af7c5ba4efda810591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
94JYMakXTAc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0780584f2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
C/j/+AmsTj0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1670354483731
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
olytics.css
olytics.omeda.com/olytics/css/v3/p/ 		28 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.39.202211140121
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 27 Aug 2021 04:05:28 GMT
Server
Apache
ETag
W/"28820-1630037128000"
X-Frame-Options
SAMEORIGIN
vary
accept-encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Accept-Ranges
bytes
Keep-Alive
timeout=5
Expires
Wed, 07 Dec 2022 01:21:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.39.202211140121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b28420d0edbaca1c9bdb0ecdf5856a094e48bc654c11331a5f7f3ecfd9dc39ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27550
x-xss-protection
0
server
sffe
etag
"1414 / 538 of 1000 / last-modified: 1670328320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 19:21:23 GMT
get
vi.ml314.com/ 		264 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
via
1.1 google
date
Tue, 06 Dec 2022 19:21:23 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb_302826_14704.js
player.mediafuse.com/prebidlink/463987/ 		389 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0471050bb8cd28e22d4c099250cba112acfcc0ae25a8c8832b175b965171ceec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 13:27:20 GMT
server
nginx
etag
W/"636cfc38-61486"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 08 Dec 2022 19:21:23 GMT
wrapper_hb_302826_14704.js
player.mediafuse.com/prebidlink/463987/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.mediafuse.com/prebidlink/463987/wrapper_hb_302826_14704.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js?2022-12-06-14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
c9f5b4930cef37f8b1e6546841c08341f23493551b42d7341c7f66316789149c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 19:33:59 GMT
server
nginx
etag
W/"63768ca7-6c9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 08 Dec 2022 19:21:23 GMT
12.css
www.dianomi.com/img/a/pss/2232/ Frame 18F6 		2 KB
953 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2232/12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1223600
cf-polished
origSize=2446
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 19 Nov 2022 19:39:13 GMT
server
cloudflare
etag
W/"98e-5edd7fa2229a6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
77576263bc839b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
viewability11.js
www.dianomi.com/js/ Frame 18F6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
19
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 17 Nov 2022 09:07:22 GMT
server
cloudflare
etag
W/"32de-5eda6eac3f39f"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
77576263cc9d9b86-FRA
expires
Tue, 06 Dec 2022 19:23:23 GMT
VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame 18F6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
437632
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Aug 2020 16:33:27 GMT
server
cloudflare
etag
"f64-5ac380c3ca3c0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576263ccb49b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/280076/4/ Frame 18F6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/280076/4/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3194ff30a355ad3cc9c578feaf1996e237605ffff67f66516de9235923b30d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
989224
cf-polished
qual=85, origFmt=jpeg, origSize=50646
content-disposition
inline; filename="263x200.webp"
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 25 Nov 2022 08:34:19 GMT
server
cloudflare
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
cf-ray
77576263ccbc9b86-FRA
expires
Tue, 13 Dec 2022 19:21:23 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/273521/4/ Frame 18F6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/273521/4/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f784dd6f90d3de47732c6480b099cb70bcc3f635034358fe198471502393bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
102133
cf-polished
qual=85, origFmt=jpeg, origSize=23674
content-disposition
inline; filename="263x200.webp"
content-length
7164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Nov 2022 21:37:44 GMT
server
cloudflare
etag
"5c7a-5eea2cc636044"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576263ccc39b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/275507/4/ Frame 18F6 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/275507/4/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a845cda67701ef509fbbbe857ceab63702a0271a537578efb846f14bc5aac2c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
406401
cf-polished
degrade=85, origSize=22639, status=webp_bigger
content-length
12549
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Nov 2022 00:12:25 GMT
server
cloudflare
etag
"586f-5ec71b2050ac9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576263ccc59b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/212358/9/ Frame 18F6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/212358/9/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac10419c7731c0156d77f0b4b4e8bf296f911abc427223ab08c0cf76eee723c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
188870
cf-polished
qual=85, origFmt=jpeg, origSize=15908
content-disposition
inline; filename="263x200.webp"
content-length
6752
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 13:51:43 GMT
server
cloudflare
etag
"3e24-5eed8a34e580b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576263cccb9b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/265507/8/ Frame 18F6 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/265507/8/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c296228d9f50c9161e1dcb5d3b8bead50dfdcd139b31ba44484c0bd6f3f6ae43
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
432582
cf-polished
qual=85, origFmt=jpeg, origSize=17813
content-disposition
inline; filename="263x200.webp"
content-length
9962
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Nov 2022 18:42:33 GMT
server
cloudflare
etag
"4595-5ec6d164e5512"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
77576263cccf9b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
B26980385.348529964;dc_pre=CO2xpq3b5fsCFUFW4Aod0uAAlg;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./ Frame 18F6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_pre=CO2xpq3b5fsCFUFW4Aod0uAAlg;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_f...
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_pre=CO2xpq3b5fsCFUFW4Aod0uAAlg;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.348529964;dc_pre=CO2xpq3b5fsCFUFW4Aod0uAAlg;dc_trk_aid=540330490;dc_trk_cid=179800283;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27452628.350325247;dc_pre=CLazpq3b5fsCFWyW_QcdFiEEnw;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/ Frame 18F6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_pre=CLazpq3b5fsCFWyW_QcdFiEEnw;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for...
18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_pre=CLazpq3b5fsCFWyW_QcdFiEEnw;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
f0de91c10e26b0cef20c6c0360b299928e84582bd82ec3156b451c363c31269a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12740
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_pre=CLazpq3b5fsCFWyW_QcdFiEEnw;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
61.css
www.dianomi.com/img/a/pss/1972/ Frame 587F 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/1972/61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1221494
cf-polished
origSize=2947
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sun, 23 Oct 2022 05:08:40 GMT
server
cloudflare
etag
W/"b83-5ebacab0b13c5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
77576263ed049b86-FRA
expires
Fri, 06 Jan 2023 05:21:23 GMT
viewability11.js
www.dianomi.com/js/ Frame 587F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
19
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 17 Nov 2022 09:07:22 GMT
server
cloudflare
etag
W/"32de-5eda6eac3f39f"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
77576263fd1f9b86-FRA
expires
Tue, 06 Dec 2022 19:23:23 GMT
B27452628.350325244;dc_pre=CI2vpq3b5fsCFZ6S_Qcd_rYJag;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/ Frame 587F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_pre=CI2vpq3b5fsCFZ6S_Qcd_rYJag;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for...
18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_pre=CI2vpq3b5fsCFZ6S_Qcd_rYJag;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
2e35d827c66f026cf449dc94900c3065c109aaf181bbcc674cdefd68b29f52f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12933
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_pre=CI2vpq3b5fsCFZ6S_Qcd_rYJag;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixeljs
data.dianomi.com/frontend/ Frame 18F6 		266 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xA4DD95EFF602464BAA56C072E00C5D37&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974ce3d8439f63bedd014fa327b725b32569b1ce6d292b538a0e339b66f514f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
775762640d439b86-FRA
hbw_master_302826_14704.js
player.hbmp.mediafuse.com/prebidlink/19332/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/wrapper_hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
1496e38b68a13f1a11111de8fc06d2012a08aaadb25425f7e81f92a346cccaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 19:33:59 GMT
server
nginx
etag
W/"63768ca7-1bb8f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 08 Dec 2022 19:21:23 GMT
/
ghb.hbmp.mediafuse.com/geo/ 		154 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hbmp.mediafuse.com/geo/
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
635df5b5bcde52cf3a1f8eeb0a8eabdbd0890e54c6045503492f1eef0034fffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.hbmp.mediafuse.com/adunit/ 		43 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=14704&pbjsv=v6.25.1-d&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&adid=clxkf7.37&features=81952&vpbv=N097&tte=129&lifecycle_tte=2651
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
s.dpmsrv.com/ 		347 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5f98791125eccdd706594d1a73e7e4b37ac8d964f4852a713c2ac75fbb6f6b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 18:39:00 GMT
Content-Encoding
gzip
Via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
Last-Modified
Thu, 17 Nov 2022 22:30:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
2654
ETag
"750a61cd89c764cc0eeca2d45fcd9d9c"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28740
X-Amz-Cf-Id
qGfVPsIzk5YRWwITZ0DM6BIrwldg15vg_GrLhlf1oP-_uJpo39_Umw==
j.html
p.safeservingcdn.com/prebidlink/19332/ Frame AAAE 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/19332/j.html?i=11598
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 19:21:23 GMT
etag
W/"620bee41-43d"
expires
Thu, 08 Dec 2022 19:21:23 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/ 		513 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6fa1bd48518ccf6e0f204b269ec8ad3a7aab2c0d6fe33dae8c44604d005575fc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"8038a-xD8qRVuaUk48bgJ6q6opkKzTpw0"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
775762644c718fd0-FRA
pixeljs
data.dianomi.com/frontend/ Frame 587F 		266 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x70A642A03EE74762A9DAA29F9EA01F78&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974ce3d8439f63bedd014fa327b725b32569b1ce6d292b538a0e339b66f514f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=2592000
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
via
1.1 google
server
cloudflare
cf-cache-status
DYNAMIC
content-encoding
br
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
775762645de09b86-FRA
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 13:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 13:06:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		136 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d775daae9c814d8868a58f6dd47e23dcae39ec686c2c727e5a57c3a9ab0868a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:24 GMT
dest5.html
alm.demdex.net/ Frame C1C7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://alm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.8.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-8-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FGyA74vSRt8=
content-encoding
gzip
date
Tue, 6 Dec 2022 19:21:24 GMT
last-modified
Fri, 28 Oct 2022 11:02:57 GMT
vary
accept-encoding
id
b.law.com/ 		48 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.law.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=90815545051666375521282178142757400785&ts=1670354483929
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e0f51bd19b08f4014583811b15316f4c3a07ec34a43bc1531fccfc3bc36cc605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y4_WNAAAAHjHCAOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=80909429317373971682273141557739077265
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4_WNAAAAHjHCAOJ
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4_WNAAAAHjHCAOJ
Protocol
HTTP/1.1
Server
52.16.99.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-99-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
udiyxL36Qro=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4_WNAAAAHjHCAOJ
Date
Tue, 06 Dec 2022 19:21:24 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
hbw_master_307825_11598.js
p.safeservingcdn.com/prebidlink/y19332/ Frame AAAE 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/y19332/hbw_master_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/19332/j.html?i=11598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
cfff6a221c1c5025036ba4781552ac76be236e145989f04dd6d69d9f04c7657f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/prebidlink/19332/j.html?i=11598
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 20:04:24 GMT
server
nginx
etag
W/"638e4ec8-148dc"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Thu, 08 Dec 2022 19:21:23 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D614045%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=3696989970439279498&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=614045&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
248 B
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=3696989970439279498&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=614045&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
Protocol
HTTP/1.1
Server
18.207.9.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-9-29.compute-1.amazonaws.com
Software
/
Resource Hash
22e8d75cea3592698fb63fce2ea901582e868860c5240cb040052871127c7f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
218
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:24 GMT
AN-X-Request-Uuid
87d96342-f5e3-4199-9adc-1ed67b512a97
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://a.dpmsrv.com/dpmpxl/index.php?id=3696989970439279498&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=614045&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb_307825_11598.js
player.adtelligent.com/prebidlink/ex19333/ Frame AAAE 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19332/hbw_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
058c448ef7bc5d59756ff2fb94c1dc10cbf6c8dd8d97468a9ec133cb0ce34329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 19:21:24 GMT
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 19:30:36 GMT
server
nginx
etag
W/"638900dc-45658"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame AAAE 		154 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19332/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
635df5b5bcde52cf3a1f8eeb0a8eabdbd0890e54c6045503492f1eef0034fffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.adtelligent.com/adunit/ Frame AAAE 		43 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11598&full_page_url=https%3A%2F%2Fwww.cutimes.com&adid=clxki5.jd&features=16416&vpbv=N104&lifecycle_tte=101
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19332/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
csyncs
ghb.hbmp.mediafuse.com/ 		649 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hbmp.mediafuse.com/csyncs?aid1=735395
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1a0200f2f799c79a16e9c43694a958af8669beddf15f61cfe51a4c67e4a10efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
353
170
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/170
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.168.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-168-64.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b3f8db780e62f51e513454f4e7dc449a40b7ba61ae989283e133c11c65465b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
moatad.js
z.moatads.com/ptarmiganmediadcm677757797954/ Frame 587F 		306 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/ptarmiganmediadcm677757797954/moatad.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2aec5a0a46826dc0155b487346625900deb7d411044e57199a3ef5c2e9164d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:26:34 GMT
server
AmazonS3
x-amz-request-id
X6QS4ZS56PGRNGVS
etag
"382714fd7bf4d46555c8fd4525d12b43"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=62361
accept-ranges
bytes
content-length
106718
x-amz-id-2
wCy8mzfbxsedZhe6wzLWJizKR4TrRw4qFl3C9o2ZkiuxLQqyxrVCNtmU2op1hd7HZ+h97kGaB6g=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 587F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325244;dc_trk_aid=541622206;dc_trk_cid=180758759;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 07:06:25 GMT
getuid
eb2.3lift.com/ Frame 8255 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:24 GMT
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 850B 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
nginx
Transfer-Encoding
chunked
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=39527f37-86ba-426e-b75f-d9605f936484
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=39527f37-86ba-426e-b75f-d9605f936484
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Server
Adtelligent
Etag
945a2df9d3b97b06
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=39527f37-86ba-426e-b75f-d9605f936484
date
Tue, 06 Dec 2022 19:21:24 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Dec 2022 19:21:24 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
moatad.js
z.moatads.com/ptarmiganmediadcm677757797954/ Frame 18F6 		306 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/ptarmiganmediadcm677757797954/moatad.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2aec5a0a46826dc0155b487346625900deb7d411044e57199a3ef5c2e9164d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:26:34 GMT
server
AmazonS3
x-amz-request-id
X6QS4ZS56PGRNGVS
etag
"382714fd7bf4d46555c8fd4525d12b43"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=62361
accept-ranges
bytes
content-length
106718
x-amz-id-2
wCy8mzfbxsedZhe6wzLWJizKR4TrRw4qFl3C9o2ZkiuxLQqyxrVCNtmU2op1hd7HZ+h97kGaB6g=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 18F6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.350325247;dc_trk_aid=541622209;dc_trk_cid=180572344;ord=1670354483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 07:06:25 GMT
config.json
player.adtelligent.com/exchange_rates/279934/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
8b9364436595b69f56e6c07f180793a0f1a1a92580422c02852ebc5d85d8fa97

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 08 Dec 2022 19:21:24 GMT
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 12:01:12 GMT
server
nginx
etag
W/"638ddd88-21fe"
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=172800
x-proxy-cache
HIT
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.137.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-137-203.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		699 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2490887441490015&correlator=3623588077546628&eid=31070945%2C31071150&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1969790685&sfv=1-0-40&ists=1&prev_scp=position%3Dinterstitial%26hb_rfBid%3D0&eri=1&cust_params=page_number%3D1%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie_enabled=1&abxe=1&dt=1670354484141&lmt=1670354484&dlt=1670354483356&idt=710&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&frm=20&vis=1&psz=1600x4924&msz=1600x0&fws=0&ohw=0&ga_vid=1695547754.1670354484&ga_sid=1670354484&ga_hid=951012126&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26129af78a0c5058ed93afabffc97e6f0b7d34bd80c8c6d9199736cc261ee55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 41F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:24 GMT
expires
Wed, 06 Dec 2023 19:21:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A38F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
258122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC00 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dianomi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
258122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 587F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=PTARMIGANMEDIA1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.cutimes.com&lp=https%3A%2F%2Fwww.cutimes.com&t=1670354484209&de=436953649397&m=0&ar=67fa5e2a4e8-clean&iw=8910d4f&q=2&cb=0&ym=0&cu=1670354484209&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=27452628%3A1405503%3A350325244%3A180758759&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F&id=0&ii=3&bd=cutimes.com&bo=cutimes.com&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=350325244&gw=ptarmiganmediadcm677757797954&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A359&fs=201243&na=63675723&cs=0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:24 GMT
pixel.gif
px.moatads.com/ Frame 18F6 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=PTARMIGANMEDIA1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.cutimes.com&lp=https%3A%2F%2Fwww.cutimes.com&t=1670354484275&de=6680884383&m=0&ar=67fa5e2a4e8-clean&iw=8910d4f&q=2&cb=0&ym=0&cu=1670354484275&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=27452628%3A1405503%3A350325247%3A180572344&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F&id=0&ii=3&bd=cutimes.com&bo=cutimes.com&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=350325247&gw=ptarmiganmediadcm677757797954&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A368&fs=201243&na=1176017855&cs=0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:24 GMT
Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame 587F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1187874
cf-polished
origFmt=png, origSize=2126
content-disposition
inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
content-length
1026
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Aug 2020 14:28:40 GMT
server
cloudflare
etag
"84e-5acc31eddb600"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775762672c279b86-FRA
expires
Fri, 06 Jan 2023 05:21:24 GMT
pixel.gif
px.moatads.com/ Frame 18F6 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fimg%2Fa%2Fsav2%2F280076%2F4%2F263x200.jpg&i=PTARMIGANMEDIA1&ol=2340456993&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3gDfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-PEJbAQUemUlCYg%3D%3D&sc=1&os=1-8Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1180&qe=300&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=177&w=220&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.cutimes.com&lp=https%3A%2F%2Fwww.cutimes.com&t=1670354484275&de=6680884383&cu=1670354484275&m=35&ar=67fa5e2a4e8-clean&iw=8910d4f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A368&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=25&cd=0&ah=25&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A3000sec%3Acumulative&cl=0&at=0&d=27452628%3A1405503%3A350325247%3A180572344&bd=cutimes.com&bo=cutimes.com&gw=ptarmiganmediadcm677757797954&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=350325247&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201243&na=1881399517&cs=0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:24 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame A38F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 16:15:47 GMT
0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
pagead2.googlesyndication.com/bg/ Frame BC00 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 16:15:47 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=3696989970439279498&pixelIndex=0
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3696989970439279498&pixelIndex=0&google_gid=CAESECcOhDylGQ5HhdOWPTrXppk&google_cver=1
0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3696989970439279498&pixelIndex=0&google_gid=CAESECcOhDylGQ5HhdOWPTrXppk&google_cver=1
Protocol
HTTP/1.1
Server
18.207.9.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-9-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=3696989970439279498&pixelIndex=0&google_gid=CAESECcOhDylGQ5HhdOWPTrXppk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=3696989970439279498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
77576269fe395b38-FRA
content-length
15
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
775762690ce95b38-FRA
date
Tue, 06 Dec 2022 19:21:24 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
x-powered-by
Express
gen_204
pagead2.googlesyndication.com/pagead/ Frame A38F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwhvnM5aPY6TiOsCn9u8PtcuqgA0AAAAAOAHgBAI&bg=!SEulSw_NAAa7eOFIm3g7ACkAdvg8Wh09jP945odmb0mhsUEPPYgjGxYWt7G6Clzx3MXVdLObmgQ2SgIAAABnUgAAAAJoAQcKAG8H0nsyKlPxhJmKPKoCTOuxPjfrS_VrHyEim9Qzk249G3aEfxA3yIp_D7enJbd8YRyn5d285rIdlJ6k_Lq_PpBEnRrnN5kjS6ybBDYqhk7ELL8uJSdOeMM7SZBbZ-vKuy1ckNA0KMebXO0uTri6a_qZAsL0U8KID6xRLPZHWiIlnS58iDTgLGbFB7fH7q43OrMuamsFAIIPqQgwKcLQ-fGCHYSbsgWI20U6LqDfv_kKkp078-2QN7fHDFwuaB4bR8zJpUpMKpVsh2iF33qz8hQ_ctSOUNYUfbC_JBVdxp4zFOddMpjy_kDi93f0UxZvdH2nv8ufM0plcFKbuL3bFiyaM5YJChNGsjDZI3BYRWt0WC0npgcfYdiAeLC-D5JeJuxbglMlMPphsVDchTFZKzi4hV2uHN0MQ_gt49fTAsy-7U0lZz_OZmOzEGG_2HN53LWh14QbnMmEGFuZ9N6dZXiAIrYbZgsm-FpaeUa14zI2DO-kY25NQ7qQYFXUuGxZDbVgqwZN0o8GDvKhyXL95r2prC-7-JcqBVQ6u5-qT2qb0ud3-MIGFjC1ZkiWjquT2m4ShrrYLAzPCcxJGr9Sa5LE3eebOTG90P2CJHhG29TSFnwF9feCksvnvGk5PCPgypO7yWbzjr8xJN6mTt1PUrl2Nudc-e0rPvR5bqN0x_5lINtfghrRercYAxoznChs-E8uqFHftuD2E2zfam-ip-_la3bmPZmKgamlaJaIQwE-f8TiQLKL3dfztHmqUBswIxbCd_AV5HhwKOPeciTslyaEEOCaqyCIDKTppQjdP-TnR5QhOUb4iiyVVE1XWogPoVeiAGl9X46BgvBRouXEAekf4w5gI71ws4J-ZNUu_Lgrg6HaqK5t9iJ5ac5ZAd9p5hFgNDJLiew6u_Bkm7oa4Wln1maqCJkRH8jtsnWMPim3ccQ-AKAGHdRjBETpHYwY15e32oEJ9cEXnq4oe6nek7wNLEJ8FpJAR5rT89G5xIp2gWa6mWSlNM4lTaX8UqQbmBshVK5BuIDHr-Deq5ZDRVkOpjrggCSnBqtiGF6x9XkVk2sh04csanUV-V254WHmRZDJf064
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 06 Dec 2022 19:21:24 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 06 Dec 2022 19:21:24 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
fastlane.json
fastlane.rubiconproject.com/a/api/ 		320 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=42a23f4c-0026-4ed2-b9c3-d3b64fd1c87c&l_pb_bid_id=22889c458be852&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.43620688857399137
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ab1a01747da3dff12b79842975ab0a55b57c3282cbd6aa745fc85360b11d4f74

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
320
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		320 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=59bbcaa8-06ee-4a1d-aa50-32491028b5ac&l_pb_bid_id=3c3163c200a49e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.20898309995468622
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
96fa004371f80e133e309973be5aff14fd7b90c8584a1cb8698ba3883080fc6b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
320
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		318 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=9de8169c-48e3-459f-82e5-4bc1e70f302f&l_pb_bid_id=42c3e0d8f43001&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.41689576973505393
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a97d847216fd3153b09be365a71b2e687ae1e690ffbf7cb073dc5d2812ddcf6b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
318
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		318 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e7556e20-bfeb-41aa-860a-cb7833e3a444&l_pb_bid_id=55ca6af671dd2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.6942651190278244
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e6856d751a5184a4f7b59c3da785847bac06536e0f257d70cde02786740c7ee2

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
318
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		298 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=a662cd5b-9e6a-4784-8dbd-777fcd2decc7&l_pb_bid_id=617f60acedd20f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.4666242210482159
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
250f5eb273c0afc046c1ed5ffde3d86f1ab2d75c757295b898867e664e3bc8d1

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
298
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		320 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=2ea46aff-df8f-46c5-a91e-b725d47adf5d&l_pb_bid_id=8772a9d3f7db5d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.008481924475807201
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7cdf5177d092b5e8a0f4b2dd5b7d3d448a9da12ee5eb5efb06243b24bc8e53f7

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
320
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		342 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=4763de48-27d0-411e-bb52-8ffb84b2b4c1&l_pb_bid_id=1043e01298fa072&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.34504827653241144
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a8ed4afa05e064f02462a54051b847f9afa46468729ad84ca7eac8f6bd16acf8

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
342
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		342 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=0441c607-f073-4ffd-a717-54f1e957ad59&l_pb_bid_id=1138d19e070c358&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.6133979295723488
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a4f704b9762a119d4a0137ffac556d77e6085e17f4c6701e32301fdcac35ccb

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
342
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		342 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=d2c01f88-9288-4371-9202-ce6d5b2cfd34&l_pb_bid_id=12956159dca1d1a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome%23gpt-ii_logo&slots=1&rand=0.09851096403657622
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6e5b604d0483c78f8fd9894af917cbbee660cf51af0b9394225fe26745499c46

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
342
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
34
server
envoy
vary
origin, Accept-Encoding
/
ghb.adtelligent.com/v2/auction/ 		1 KB
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b570c3b3558eb89307b8cfb86d39962bff748ffecf95e53e1edb7b6f5aa0e2db

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
256
/
ghb1.adtelligent.com/v2/auction/ 		1 KB
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2ec2bd53981fb043c399790767183bf5a3969c5afee460db8b218607388beb8a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
258
/
ghb2.adtelligent.com/v2/auction/ 		1 KB
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1a3a36aa3e8425f200fd34b48b8d7faf6e054470c0092ff8abf9fd40ac317881

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
256
/
ghb.adtelligent.com/v2/auction/ 		303 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
aaf9d96e6f54c43bbdce127bd62c00e247238ec6a8c6d2cb9b90d5064acef863

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 19:21:23 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
159
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.cutimes.com
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		87 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9572
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
54e5acdc51a068584faa75fea5baf90aba97613c7e5b51e0608bbbead94fa2a0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=52971330303
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pb
ad.360yield.com/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.72.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-72-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO2I9ST
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba913f22ef682e1da8b469f9bef16c82bc4db09f1f36264bce4a78464d854dac

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 06 Dec 2022 19:21:24 GMT
/
colossusssp.com/ 		2 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.217 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.cutimes.com
Date
Tue, 06 Dec 2022 19:21:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
372fb07385f14e937cbea19de0fe1ae89e1fba9732b1f7770b21236d64aafad8

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
060bd085ffc05ef3ef202d99d1f8b41ee48da606b86043d38e79736ace285fd0

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
48e65e2b0bf8cd3e0ae13a821c8fbe67a9d22009cd0a775c81239a4a5ab9919b

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
35d294c38e9ec4791367b82eecb77c64d0a05523b4cdf8b7e300bcf98b91ed4a

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ea060a8aa19b8d86db10c25560ecb9c3692eadac28b9f3d1585583aa25fe75db

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f0debc15ab61937e4c69eb6fa0390a8b9f7a5277cf889273597dcb1e49e60070

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7bbe1ed5fff1b2c2891c4abcea7261e3ace473d4b1794a02ed521ee83a953f6e

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
42ac66cf90e9b9b3eae542ddc4b179091395140f6f36dd06f2a7bd3173d31f85

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
88db7f0af9544615b58cf7dc5a041d8194c35dd3a4660e4a674b7f4c260b51ff

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cff7019a5c4306da2f0038094ec5c8298f788e614df2e05951e1e0e0df8cb0ed

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
143809da7f198b9a8d4ee5b0a003a888cff4d96e489bd31c15dc2f86fd0aa446

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
24d0d36a31643696c19cda3a1828b4fa3e8c8a8d5004eac74e2f0c77396362ba

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f2dc094e05f45498bc0bcb295c68c66eaa11268877346a54381c4ea793613dc0

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
79f8fdd38fd9469e02ea82ee46acc5ce1f634022b94a06e38c5d25b60eadfbad

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3c610038793860ddc805efe8e395d5eeb2c8b6aa9d459ff7d44693663c151b4f

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
205940b946b81abf2db3be326ca2ad00f569df2d38fe27f3eb1d5585c0e0ae18

Request headers

Referer
https://www.cutimes.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		50 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:24 GMT
AN-X-Request-Uuid
4f3ab01e-b981-4307-96fc-71b4efd9ff88
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame AAAE 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.cutimes.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ce7fb2d22faa2608b32022842c0610c0e0ede1dca6a0bc387e3cbd7ff5a11dc9

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 08 Dec 2022 19:21:24 GMT
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 12:01:18 GMT
server
nginx
etag
W/"638ddd8e-84c"
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
max-age=172800
x-proxy-cache
HIT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC00 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BScCcM5aPY7_gOo-_9u8PgNCb-AMAAAAAOAHgBAI&bg=!Y2ClYCTNAAa7eOFIm3g7ACkAdvg8WjKqSkhp4xqusvD6MqMEIjHr5eZrOND2rMxVq5g0qZSibrKaQwIAAABsUgAAAAJoAQeZAsJK6txhmSt8G3VeygZ6s-CXs9R3q78IBeReGOh6PQSbTD42--bg8aV0c9GHHrYQx2ibTjLD7MfnteI5ypidD0O72vaXT8fUw3EIctTpY761QR7sMk80lsoQGntF-quYthyqN1CLKvdfKsdwD5xn7KzondrqPif5G9RmWzXJZs0klZKLK6F5kCJkzI58DlVa89PBtzJXOSmDOxFao-mns8chHUeUypQt_1eKWRUnF70Q7I-2_jxQ4PE2G25D6_iLTgFMJ1L3xDLu8WeA6oEIzkTLrfvV2fVYroHjb5m92SmODGhh-FHaE-f06e21mpSzdG3PykI1BdtvIW77DG4FjXz1n1QKKJVrPwVMXdD9sheGOOU_TC7iuYT7R43F72oG1r-wcaQ_Lf0B8e09Uzu9iHeGIQ2qikCGW5uxfpLhtsM3nBLxmPJ3mY0xkOVdQrIb-nHrFjrjdNgZu0OMoyy735OzZNdIvy3TGFXSwa0DNS-yJciE7Y1i4ryZxJDeFvv7hVbohwpXZ-64wzKvCTRqG1PrC5uvBkO5x_Ak1mg2ZEs6RvsPLPOTNX06Q3JNasYCrCHMdXlBptxyIBYhfQ9W1pLpiLZrgbqLQOmFG88ZKl7HnSBdKdEHc2u2FRs871PZFHfl6MMgwsLFE5DhnFNuAmM0HrJDWxKmBB1Ynnjc5qC6IXTTtJfCVEAr3XnQzqs5q5bRnZnzJ4SuTJxgp8Nua10WlRQPWkZ9GNQpmdcnG2_bRoI58YqNH6GXhnHwyL8tx8z4X7W6E-ExNogxBPz3M5CrV1Ccne2hEGAh0PuQx2I9hfJ4AZiUQMdkFpIiZ_lVyyg5mtmtLpvsyfW5gGoE6ztPyHoz1v3s9W60l88fs51DrDKOdFrTwWuciyoBTwZ83xZKVQMZttVyrPCLoEiAjvQJHwK_C4EwdJcRkouxoTiaFGU2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
invisible.js
www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame B907 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670342400
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f69ff11015e4856996b05a86d74c2d8dd1683da35c90070148669347dcdafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
77576269cb2b5b4a-FRA
css
fonts.googleapis.com/ 		8 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:59:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 19:21:24 GMT
i.gif
collect.tealiumiq.com/alm/main/2/ 		43 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/alm/main/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.78.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-78-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarybEIlTAdBwUKiuyDL

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
x-serverid
uconnect_i-057154615bdef54ea
x-tid
0184e8e2ba060067c6e0febf45c003073003006b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
alm:main:2:datacloud
x-region
eu-central-1
content-length
43
pragma
no-cache
x-did
0184e8e2ba060067c6e0febf45c003073003006b00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://www.cutimes.com
x-ulver
cf3f1085ffdb019d2f47243544d6f9ed56d97859-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
1fe8ef22-d836-4762-83f3-1ec8ed1e4bc2
expires
Tue, 06 Dec 2022 19:21:24 GMT
utag.26.js
tags.tiqcdn.com/utag/alm/main/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202103192340
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5a02d8eef54e76a16a95b2325079d0f55222cecc927a60bac1de8e2a8c0257af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 23:40:46 GMT
server
AkamaiNetStorage
etag
"7c0950e22ed37b8b60ace798f4912a07:1616197246.557629"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1525
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.78.js
tags.tiqcdn.com/utag/alm/main/prod/ 		112 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202211180052
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
953378c3a6adf6b2e8340d7ea38cb1069282349b8467c413f2de5b858d166989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Fri, 18 Nov 2022 00:52:58 GMT
server
AkamaiNetStorage
etag
"6b52f2893a23617b77493f0ace1842e4:1668732778.700683"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
35477
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.32.js
tags.tiqcdn.com/utag/alm/main/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 21:26:56 GMT
server
AkamaiNetStorage
etag
"fb390697366796015697c0162fac7588:1592861216.366485"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1448
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.91.js
tags.tiqcdn.com/utag/alm/main/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.39.202208181401
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e519ea662b559b4c301f3ffb2f2dbb1cb30af7d6eb1cce60609d7cb452d29ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 14:01:27 GMT
server
AkamaiNetStorage
etag
"4080df2441861c3c035d96600f8bf671:1660831287.190465"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1910
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.110.js
tags.tiqcdn.com/utag/alm/main/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.39.202107302124
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f82e15fdbadb6dc7d6e03118beba7d22a955bf05cd5fe8731c79c19d733549ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 21:24:26 GMT
server
AkamaiNetStorage
etag
"50802a806f0086c287d5df0c82065a18:1627680266.616143"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3847
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.112.js
tags.tiqcdn.com/utag/alm/main/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202208041434
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Tue, 19 May 2020 21:59:32 GMT
server
AkamaiNetStorage
etag
"237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1014
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.114.js
tags.tiqcdn.com/utag/alm/main/prod/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.114.js?utv=ut4.39.202208181401
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7c33029605ca2f52ecb49d4b29699d8e255ee39ceecc37c966135903f8020ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 14:01:25 GMT
server
AkamaiNetStorage
etag
"a974e4a8d2c8a797b1ffd938437451fc:1660831285.928903"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
6413
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.97.js
tags.tiqcdn.com/utag/alm/main/prod/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.39.202211082312
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0dd0e08da52ae11bab72e650693967d5d480e471c5cd555b5c74dfa145a2215b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Tue, 08 Nov 2022 23:12:43 GMT
server
AkamaiNetStorage
etag
"971f04b006cc919908469e2f3227ef37:1667949163.457898"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2567
expires
Wed, 21 Dec 2022 19:21:24 GMT
utag.127.js
tags.tiqcdn.com/utag/alm/main/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.39.202209142209
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bb8efee9807c0bc0f5f1f9e550d07ef797eaf6dab36eeee50df57e3ece7802bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 22:09:52 GMT
server
AkamaiNetStorage
etag
"1cebcabe3bf89e46a8b846418752ce92:1663193392.310285"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1041
expires
Wed, 21 Dec 2022 19:21:24 GMT
all.json
www.cutimes.com//paging/content/ 		98 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com//paging/content/all.json?id=33&limit=100&start=20
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa22f9e4fb7c6d8abfe37409762783be473085c6a3d0569b83247c2fb343487c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cutimes.com/?slreturn=20221106142122
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
accept-encoding
x-cache
MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
backend
templates_newlaw_director
x-frame-options
SAMEORIGIN
cf-ray
7757626acc9a5b4a-FRA
x-vnode
21
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c351c727c43ad177f447e163aec13efb047561dd27772f84f47d4d5af3602ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11254
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://p.safeservingcdn.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 06 Dec 2022 19:21:24 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://p.safeservingcdn.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 06 Dec 2022 19:21:24 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
38872411e9e4975d41dcef61ffd939c7a495066faa3356ef59a4a70861928d1f

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
0b1ce881aafd5f98953dbb162ae014830de92ce169b314671626363bb5336d8c

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1193
expires
0
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/ Frame AAAE 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
5f1074dfdcde393b2160dd92f5863c21b0bbee2ded00740b4b11fdedc6977004

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=79889027446
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=64624275542
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame AAAE 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
5575caac2d65de99fe9046dbd7a51d6f893b54d2ccc892848ac3edc13b96376d

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
/
geoip.alm.com/json/ 		185 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.alm.com/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.226.85.63 Newport, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
/
Resource Hash
074bafec19ce38a9ce5d5bbd94e485114c60701152574158786f20a04e920999

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cutimes.com
Date
Tue, 06 Dec 2022 19:21:25 GMT
Access-Control-Allow-Credentials
true
X-Database-Date
Sat, 03 Dec 2022 09:05:02 GMT
Content-Length
185
Vary
Origin
Content-Type
application/json
lawsuit-settlement-with-cash-e1606171148963.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/11/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2020/11/lawsuit-settlement-with-cash-e1606171148963.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b63138edd77117b49742f555a9698da7b66b3b08d2fb9cbe46fe0108ae808a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
200
cf-polished
qual=85, origFmt=jpeg, origSize=63697
x-cache
HIT 4
backend
contribsreimg_prod_director
content-disposition
inline; filename="lawsuit-settlement-with-cash-e1606171148963.webp"
content-length
56286
cf-bgj
imgq:85,h2pri
last-modified
Mon, 23 Nov 2020 22:39:59 GMT
server
cloudflare
etag
"ec3d02-f8d1-5b4cddfcda9c1"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626b6d785b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:25 GMT
Economic-recession-prediction-e1670009397757.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/12/Economic-recession-prediction-e1670009397757.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6dbff582bc425bc9c919ce3575fec9ee4e4a558acae8ea84f86a88c5ed0034e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=46877
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="Economic-recession-prediction-e1670009397757.webp"
content-length
37746
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 19:29:57 GMT
server
cloudflare
etag
"9b1ed3-b71d-5eedd5ceec9d2"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626b6d7a5b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:25 GMT
NCUA-Headquarters-e1558630794809.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/05/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2019/05/NCUA-Headquarters-e1558630794809.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ffb99c499373e9dd3040b8fe5f7bbc542798d48924ceb0ffeb6b2ad83496d0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=123679
x-cache
HIT 16
backend
contribsreimg_prod_director
content-disposition
inline; filename="NCUA-Headquarters-e1558630794809.webp"
content-length
108014
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 May 2019 16:59:54 GMT
server
cloudflare
etag
"639ae1-1e31f-5899102d24858"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626b6d7b5b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:25 GMT
nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 		236 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
4984
cf-polished
origFmt=png, origSize=3131
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-sign-in-white.webp"
content-length
236
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3131-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7757626b6d7d5b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 		134 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
4984
cf-polished
origFmt=png, origSize=2986
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="arrow-open.webp"
content-length
134
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2986-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7757626b6d805b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:25 GMT
Treasury_Building_Wash_ScarcellaALM_640x640-e1657716440264.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/07/Treasury_Building_Wash_ScarcellaALM_640x640-e1657716440264.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a7dbc9a0ba12522d0ad41b15543262e5710e3a6c20d7a4ebe468550ca8963a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
99
cf-polished
degrade=85, origSize=14720, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
14431
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Jul 2022 17:28:05 GMT
server
cloudflare
etag
"92a980-3980-5e3b31b997423"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626b6d815b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:25 GMT
CFPB-Headquarters-e1564418572862.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/07/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2019/07/CFPB-Headquarters-e1564418572862.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9331f2513aab5788f7e96941dacda000079fc20776fbc724f79b5e8b4a36ea80
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
99
cf-polished
origSize=16762, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
15737
cf-bgj
imgq:85,h2pri
last-modified
Mon, 29 Jul 2019 16:45:52 GMT
server
cloudflare
etag
"67d795-417a-58ed4a005aa63"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626b6d825b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
0184e8e2ba060067c6e0febf45c003073003006b00b08
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 		27 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-eu-central-1.tealiumiq.com/alm/main/0184e8e2ba060067c6e0febf45c003073003006b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1670354485076
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.80.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-80-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-version
cf3f1085ffdb019d2f47243544d6f9ed56d97859-SNAPSHOT
date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
eu-central-1
content-length
27
x-nodeid
i-0346d2d330681e752
content-type
application/javascript; charset=utf-8
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Tue, 06 Dec 2022 05:19:04 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Thu, 05 Dec 2024 19:21:25 GMT
tag.aspx
ml314.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?611
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 18:45:54 GMT
content-encoding
br
age
2131
x-guploader-uploadid
ADPycdvIMBcugAtvCdk0P7_2Vpa_2lJuAhAkRzxo7hXYmfB2oj1FKGo4dTBpA-_VcJM2ukACd6gQ_eyqR1bPCzDF_iV3iA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10479
last-modified
Tue, 09 Aug 2022 21:49:07 GMT
server
UploadServer
etag
W/"fe36d3317b1b052708eb2260e253aa63"
vary
Accept-Encoding
x-goog-generation
1660081747697868
x-goog-hash
crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type
application/javascript
cache-id
FRA-1209ea83
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
none
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-826604080
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.39.202107302124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19bfe122067c133aabfdf345844d9760f543241ea76be6a700830ec8364598c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52887
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Dec 2022 19:21:25 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.39.202211082312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn11536-HHN
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.114.js?utv=ut4.39.202208181401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Dec 2022 19:21:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+hlZcYnyBO7A4uCsUplELfARa4DpHTSRO2npfyad8ONDNAeuodjxJ6H11ohpq2f2yxpryWLZyaTQJIS+6QpnMQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
270354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 16:15:31 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:51:26 GMT
x-content-type-options
nosniff
age
88199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 18:51:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
270354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 16:15:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
270354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 16:15:31 GMT
s2575992207242
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s2575992207242?AQB=1&ndh=1&pf=1&t=6%2F11%2F2022%2019%3A21%3A25%202%200&mid=90815545051666375521282178142757400785&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Ahome&g=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&cc=USD&ch=cut%3Ahome&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v24=cut&c30=home&v30=D%3Dc30&c40=20&c41=2%3A00pm&v41=D%3Dc41&c42=tuesday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 19:21:25 GMT
server
jag
etag
3587058944237568000-4619380868649216565
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 05 Dec 2022 19:21:25 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202103192340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 17:37:51 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Wed, 30 Nov 2022 01:35:48 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
6214
etag
W/"6386b374-9343"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
YDUCDHCMAjcfEVZWmQRJrUZ_8NmNhV1vpVC157oBnMAPptshRQL4Ng==
expires
Tue, 06 Dec 2022 19:37:51 GMT
i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFhgMFeDvfzETG...
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFhgMFeDvfzETGbQJhAFEqQ&google_cver=1
Protocol
H2
Server
18.158.78.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-78-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-serverid
uconnect_i-0157a2f7738a4be49
x-tid
0184e8e2ba060067c6e0febf45c003073003006b00b08
x-did
0184e8e2ba060067c6e0febf45c003073003006b00b08
vary
Origin
content-type
image/gif
x-acc
alm:main:2:vdata
x-ulver
cf3f1085ffdb019d2f47243544d6f9ed56d97859-SNAPSHOT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region
eu-central-1
content-length
43
x-uuid
7a0f8a1a-8846-41a0-89dc-36aa7e17f9d9
expires
Tue, 06 Dec 2022 19:21:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0184e8e2ba060067c6e0febf45c003073003006b00b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFhgMFeDvfzETGbQJhAFEqQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
437
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.39.202208181401
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 18:52:45 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=32755
accept-ranges
bytes
content-length
4581
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202212022258&cb=1670354485122
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
date
Tue, 06 Dec 2022 19:21:25 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 06 Dec 2022 19:31:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:25 GMT
career-growth-development-workers-ladders-e1659561053105.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/08/career-growth-development-workers-ladders-e1659561053105.jpeg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6dadfc410a92ce8759349c32db84dcefb3ef6fe692783b9467bd2be4ea24fce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
MISS
x-cache
MISS
backend
contribsreimg_prod_director
content-length
7011
last-modified
Tue, 09 Aug 2022 13:08:36 GMT
server
cloudflare
etag
"953db7-1b63-5e5cea1566d9e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c1e6b5b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:25 GMT
pica.js
www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame B907 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a543c3589ff44ea84f04ce9a721d165f9a6a800af68ff790c4b22be6ceb595

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7757626c2e895b4a-FRA
adsct
t.co/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=976ac3dc-00ab-4bb6-bcac-54b519c34adc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07ac2d8d-ec9f-4545-86f0-6f851c55f342&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-response-time
105
date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
54876f2c571fdd2f
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
976b0e1e96368a10cf1f35708e92db98fbdbfa1238ca72f44418f0edcbfc2287
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=976ac3dc-00ab-4bb6-bcac-54b519c34adc&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=07ac2d8d-ec9f-4545-86f0-6f851c55f342&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-response-time
110
date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
25776ff0e8556ad9
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f7fade2f840c4d6d6bfbd6a27c698bea3ce2862b16a7700fe8493c21f434a3bf
content-length
43
2429680573784973
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2429680573784973?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2b0e2c79bdf31859a820ae43a0ae45f070ede94ef71ccbbacf62390da344f9e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Dec 2022 19:21:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85975
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hjY1YRlD1rH0DHLKsdcWv7o+C1tRZdhpv+E4p9w9fJw2DJfaTTveOaNs4FsQN8/SP2ZlqAyD6bEXQbsETbpJSg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Auto-Dealership-with-cars-e1652211710602.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/05/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/05/Auto-Dealership-with-cars-e1652211710602.jpeg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f5833d3047d4d02398943ee979e02dbaac3746362d82d45d145c73b3054a38
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
99
cf-polished
origSize=12306, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
11657
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 May 2022 20:41:19 GMT
server
cloudflare
etag
"90d830-3012-5deae58d81434"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c7f045b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:25 GMT
court-document-files-e1559321417384.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2019/05/court-document-files-e1559321417384.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e1e291beaf294d9cb1171360aa22770a2baffb6d8f57033e877adc6b2bf471
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
99
cf-polished
qual=85, origFmt=jpeg, origSize=10559
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="court-document-files-e1559321417384.webp"
content-length
9126
cf-bgj
imgq:85,h2pri
last-modified
Fri, 31 May 2019 16:55:01 GMT
server
cloudflare
etag
"63ce78-293f-58a31e01700bb"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c7f055b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:25 GMT
Tom-Smith-e1669740076483.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/11/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/11/Tom-Smith-e1669740076483.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7125314ffc01034121670e823432e83758771e0fa558fd2e6f51517f46359048
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
degrade=85, origSize=9211, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
9110
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Nov 2022 20:07:47 GMT
server
cloudflare
etag
"9b1356-23fb-5eea18aad7004"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c7f075b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
9nong-via-adobestock-women-gay-lgbtq-rainbow-1.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/11/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/11/9nong-via-adobestock-women-gay-lgbtq-rainbow-1.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a327999c740f960905786f3f1bbd295c1737a5e0d22b0fc46401229fc92b5bb4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
qual=85, origFmt=jpeg, origSize=9214
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="9nong-via-adobestock-women-gay-lgbtq-rainbow-1.webp"
content-length
8610
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Nov 2022 19:08:39 GMT
server
cloudflare
etag
"9b133f-23fe-5eea0b73280d3"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c7f085b4a-FRA
x-vnode
21
expires
Tue, 06 Dec 2022 23:21:25 GMT
career-ladder-hires-jobs-e1531504575322.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2018/07/career-ladder-hires-jobs-e1531504575322.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e4cb1c2b0266d715b7cf4f51828d5f74984dea2c81940959ed1f15c957ee55
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
degrade=85, origSize=9779, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
9381
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Feb 2019 00:56:46 GMT
server
cloudflare
etag
"5c4dc5-2633-582852e841896"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c7f0c5b4a-FRA
x-vnode
145
expires
Tue, 06 Dec 2022 23:21:25 GMT
NCUA-Lobby-e1524163920903.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2018/04/NCUA-Lobby-e1524163920903.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d812a8cfbe966baad4a510499fedc9388e91c76d0928acb328fd8e26aa8e99c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
origSize=8979, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
8419
cf-bgj
imgq:85,h2pri
last-modified
Sat, 23 Feb 2019 01:11:29 GMT
server
cloudflare
etag
"5c4e29-2313-58285632fa4d4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626c9f4d5b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
economy-in-the-red-e1607449304336.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2020/12/economy-in-the-red-e1607449304336.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5593706064d9cdcb7ea8d7c0d442ec6ff8b139a1969510b75e952ba22c711e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
origSize=13103, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
12379
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Dec 2020 17:24:32 GMT
server
cloudflare
etag
"fa125b-332f-5b60b551bd36f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626caf685b4a-FRA
x-vnode
145
expires
Tue, 06 Dec 2022 23:21:25 GMT
Michele-Makley-e1669151481272.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/11/Michele-Makley-e1669151481272.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c99e67b330133a525ea963696049218d30e71a87898b0e0cfcbd375e7bf3c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
degrade=85, origSize=8119, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
8024
cf-bgj
imgq:85,h2pri
last-modified
Mon, 28 Nov 2022 18:03:41 GMT
server
cloudflare
etag
"9b0bee-1fb7-5ee8bb10818ef"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626caf6b5b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
conference-meeting-presentation-seminar-e1668628562263.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/11/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2022/11/conference-meeting-presentation-seminar-e1668628562263.jpeg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef4185237a9acba44f287eba76833fbf23d9a610d0077ce5aa3ddfe515890fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
qual=85, origFmt=jpeg, origSize=11876
x-cache
MISS
backend
contribsreimg_prod_director
content-disposition
inline; filename="conference-meeting-presentation-seminar-e1668628562263.webp"
content-length
11760
cf-bgj
imgq:85,h2pri
last-modified
Mon, 28 Nov 2022 15:10:58 GMT
server
cloudflare
etag
"9ab8b8-2e64-5ee89475517d8"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626caf6c5b4a-FRA
x-vnode
27
expires
Tue, 06 Dec 2022 23:21:25 GMT
technology-in-the-hands-of-bus-36413044-crop-600x338.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2020/04/technology-in-the-hands-of-bus-36413044-crop-600x338.jpg?profile=river-small
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957e335c2359da4163a0173266f5c0fa069831cd1a95c6d4699bb4546d94733c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status
HIT
age
98
cf-polished
origSize=11973, status=webp_bigger
x-cache
MISS
backend
contribsreimg_prod_director
content-length
11319
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Apr 2020 13:06:32 GMT
server
cloudflare
etag
"80dd59-2ec5-5a37c37e642b4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7757626cdfb95b4a-FRA
x-vnode
28
expires
Tue, 06 Dec 2022 23:21:25 GMT
token
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:18:20 GMT
content-encoding
gzip
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
185
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
qlXiUV6oS-x426wUvGAWZsNRors4dJINFgGjVM3mA_ahJQb7GSKVrQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1670354485193%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true&e_ipv6=AQKYP8MxSmDaYwAAAYTo4sIaQ4MqZONY53I...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true&e_ipv6=AQKYP8MxSmDaYwAAAYTo4sIaQ4MqZONY53IDAwU2kkgATWXnNGWWSWrcSFIoOLUwVLXbM7T7
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2A69175D7C40441F99DE27BB1D681140 Ref B: FRAEDGE1407 Ref C: 2022-12-06T19:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLbXJfSpMHwHKnPpKHw==

Redirect headers

date
Tue, 06 Dec 2022 19:21:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 319A91405D6E4E97A8FAC14736197AFE Ref B: FRAEDGE1317 Ref C: 2022-12-06T19:21:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1670354485193&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&liSync=true&e_ipv6=AQKYP8MxSmDaYwAAAYTo4sIaQ4MqZONY53IDAwU2kkgATWXnNGWWSWrcSFIoOLUwVLXbM7T7
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLbXF1NwsoyV2r9r6YA==
token
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
69889
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 05 Dec 2022 23:56:36 GMT
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id
ekCutmujhBc8R4tEtLZZgVLOwN6KzD3zQf-ki3bUfe6bXdg7gsD_Zw==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=D8ALQPBAqLlhCXMQnT&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7993&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2396&t=CCjfvYDR1sJyB7r25Yi2cloCaAt_G&V=137&i=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&tz=0&sn=1&sv=BKprecNS8s8DvCzGECitygfD3ZzPW&sd=1&im=067b2ef3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.176.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-176-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://p.safeservingcdn.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 06 Dec 2022 19:21:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
5419e372f5194284b9f5eec961b8bffd64ca1f9f0e2c84b189c895f1622b6dcc

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/ Frame AAAE 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=11640391758
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0ACA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 18:35:24 GMT
expires
Wed, 06 Dec 2023 18:35:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8E26 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
30e1ffdc3986321d60df2e89b68df5591141d86a1303e3959d2a6fef672cb3ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mXWNSyuiQGSZAqTwGorstQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-mXWNSyuiQGSZAqTwGorstQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:25 GMT
expires
Tue, 06 Dec 2022 19:21:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
utsync.ashx
ml314.com/ 		62 B
81 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&pv=1670354485264_t2j6uahfz&bl=en-us&cb=4279136&return=&ht=&d=&dc=&si=1670354485264_t2j6uahfz&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?611
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:24 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&rl=&if=false&ts=1670354485282&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1670354485280.1129471931&it=1670354485172&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Dec 2022 19:21:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ Frame AAAE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
4a8eaae4b5cbf9ed519cfdd62455a8920033e91f750fb3a1893539f6569f33d0

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid-request
onetag-sys.com/ Frame AAAE 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=89589453380
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=74127653488
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame AAAE 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.3&cb=96695872352
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1670354485363&cv=11&fst=1670354485363&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&auid=2058375720.1670354485&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826604080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a8b496bb990a105762726d9277788bba4d214e4bbdca9af8261d799d998283a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
930
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
menu-close-btn.png
www.cutimes.com/assets/master-template/images/ 		268 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cutimes.com/assets/master-template/images/menu-close-btn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/?slreturn=20221106142122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cf-cache-status
HIT
age
4328
cf-polished
origFmt=png, origSize=3321
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="menu-close-btn.webp"
content-length
268
last-modified
Thu, 17 Nov 2022 11:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3321-1668685090000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7757626de99e5b4a-FRA
x-vnode
145
expires
Tue, 06 Dec 2022 23:21:25 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame AAAE 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:25 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame 0ACA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 12:50:17 GMT
7757625fbbde5b4a
www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B907 		2 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/7757625fbbde5b4a
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670342400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
br
server
cloudflare
cf-ray
7757626f4ba05b4a-FRA
content-type
text/plain; charset=UTF-8
analytics
pi.pardot.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1300&account_id=998701&title=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
5f372d607f5c433204c0c8792225c0d3e5543fb0e7717f1fb51ac663c990550b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
528
expires
Thu, 19 Nov 1981 08:52:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8E26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=2490887441490015&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/826604080/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/826604080/?random=1670354485363&cv=11&fst=1670353200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1546673413&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/826604080/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/826604080/?random=1670354485363&cv=11&fst=1670353200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1546673413&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		185 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2490887441490015&correlator=1540246566913554&eid=31070945%2C31071150&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C729x90%2C728x90%7C970x90%7C970x250%2C1400x320%7C1200x250%7C1200x600%2C2x2%2C2x2%2C2x2%2C1090x95%2C150x31%2C300x400%2C150x31%2C88x31%7C150x31&ifi=2&adks=2736157804%2C3900858016%2C4142453217%2C742170920%2C4082410414%2C2869253602%2C3900858017%2C4103338542%2C2845293689%2C2845293688%2C368509216%2C4000283948%2C3316484052%2C3343328048%2C3770076490%2C3321161185&sfv=1-0-40&prev_scp=position%3Dtop%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dtop1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dmiddle2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dfooter%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dtop2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dsuper_hero%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_single1%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_single2%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dnative_collection%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_pushdown%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_logo_pushdown%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_rr_module%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Des_logo_rr%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cposition%3Dii_logo%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page_number%3D1%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie=ID%3Dad2dbe89cbc3199a%3AT%3D1670354484%3AS%3DALNI_MYyNkPejs00mVxMNndQSkt1Hb3oWQ&gpic=UID%3D00000b8ea1ad5950%3AT%3D1670354484%3ART%3D1670354484%3AS%3DALNI_MbCBVoJfEh4rs08DpNNHuwT23UuJw&abxe=1&dt=1670354485698&lmt=1670354485&dlt=1670354483356&idt=710&adxs=230%2C230%2C1090%2C1090%2C1090%2C0%2C230%2C100%2C210%2C210%2C1090%2C255%2C260%2C1090%2C1090%2C210&adys=623%2C3434%2C673%2C1102%2C4219%2C0%2C7980%2C0%2C895%2C1344%2C1082%2C603%2C603%2C673%2C673%2C3547&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0%7C2%7C0%7C3%7C0%7C0%7C4%7C0%7C0%7C0%7C0%7C0%7C5&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&frm=20&vis=1&psz=1170x40%7C1170x40%7C300x0%7C300x0%7C300x0%7C1600x8237%7C1170x40%7C1600x0%7C840x2751%7C840x2751%7C300x0%7C1600x8237%7C1600x8237%7C300x0%7C300x0%7C1180x0&msz=1140x0%7C1140x0%7C300x0%7C300x0%7C300x0%7C1600x0%7C1140x0%7C1600x0%7C840x0%7C840x0%7C300x0%7C1600x0%7C1080x0%7C300x0%7C300x0%7C1180x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1695547754.1670354484&ga_sid=1670354484&ga_hid=951012126&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f11f38428bbc18c58a786b22c013e4571c0bfdf5cd9b025081d4ff77780379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22342
x-xss-protection
0
google-lineitem-id
6108598769,6159049915,6159049915,6141046553,5842957154,-2,6146877335,6101758007,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138405511493,138412945943,138412945796,138410157583,138386782051,-2,138410774699,138413816362,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0ACA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?b569sA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2429680573784973&ev=Microdata&dl=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&rl=&if=false&ts=1670354485784&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times%22%2C%22meta%3Adescription%22%3A%22Credit%20Union%20Times%20investment%20management%20topics%20are%20delivered%20with%20keen%20indusry%20insight%20and%20meant%20to%20inform%20today%27s%20investment%20professional%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times%22%2C%22og%3Asite_name%22%3A%22Credit%20Union%20Times%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F%22%2C%22og%3Aimage%22%3A%22%2F%2Fimages.cutimes.com%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-cut-716x372.png%22%2C%22og%3Adescription%22%3A%22Credit%20Union%20Times%20investment%20management%20topics%20are%20delivered%20with%20keen%20indusry%20insight%20and%20meant%20to%20inform%20today%27s%20investment%20professional%20%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1670354485280.1129471931&it=1670354485172&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Dec 2022 19:21:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
analytics
go.alm.com/ 		50 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.alm.com/analytics?conly=true&visitor_id=21964343&visitor_id_sign=85c227473717345c70318d74d6273d57faed18ab90a45aa21b5f3dd0ac70e770914de10c5e2722f3b4f115ba7eaebb418d6bf9d0&pi_opt_in=&campaign_id=1300&account_id=998701&title=Credit%20Union%20Times%20|%20Accurate%20and%20Timely%20CU%20News%20|%20Credit%20Union%20Times&url=https://www.cutimes.com/?slreturn=20221106142122&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1300&account_id=998701&title=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:26 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvho9AJXZmBUpcCwOTJzHLBlRDR4FPlcQ-HuTrGoee3TxqEtSdqC43LpcH7ecVjgHlfw5s1jPR3V-qwtIELB9ETyYQLXHM6t9_gzFrFdf0mLR3y742MasM2dedDv87ha5uZsRzBcHMTU_A9JtBtk8oyiolJFpVzekojauSbBaCFvKvwm6kVKMCrLyPzOnaZ1bR3LPCtYPxOvEAhO8Bez8k0WeQ6hrRmZglds6Ga2whOrcPdZQQbchihL5fwe3DDhjXPgRqhGtMuEKBWpJ4hwciYlcKSah6zmxHz0Ud2bprlOiJ0yqpkAdQzZKIwCISor55aqHMtFIXu&sai=AMfl-YTnW8vMXPvUasceZ1uspEZs59hyU2TNIsscv33r5OO01rsVvOjhyvSkqzVx03GLJkc11VngxO5yWm07BJiAdKRHWNloJfz0tnad05Uo0ObYgtzpac2SlLXCwNVzvsUf3g&sig=Cg0ArKJSzBZAK35hw47yEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame D3F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 12:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:08:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D3F8 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame D3F8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0b6d091e07dfbec0409f7146aa5aa76c6d31b20fc30f10af050e3a27c8a40aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:40:34 GMT
server
AmazonS3
x-amz-request-id
HA6X4J0AWHXM2DXT
etag
"f73ce6505751489aeb2b91e3f7f3c028"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12644
accept-ranges
bytes
content-length
4444
x-amz-id-2
ot8MVVhLrHv4A2m/YGsLsBDL3ajZc4jyqDwv0SXqkHberkHzn313r13Ck3oJ9jle7bluc7QM2ao=
2672839923190528596
tpc.googlesyndication.com/simgad/ Frame D3F8 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2672839923190528596
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441c1c4013fd22e8068883eb581b2e07b083716ff5b96f1cfc121d5b8e4161ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51253
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 20:09:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Dec 2023 19:21:26 GMT
l
www.google.com/ads/measurement/ Frame D3F8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjsD19gwWxek3WJGDE8dPWGnQwuVDhiO64bB6Xkt0clAJrS6Aw3FdMHSh3gMC5fS0hqJGp
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
truncated
/ Frame D3F8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc78c44ab1084772b3a3dab80d154a8d22441bc97f9908460f409e0232ad82c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C5AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtgcwdp7DIkmBPSBcCz_npn-2ycSd1K9I7YvVzpaCuXSK73XggNgFcfHtBL4lSEXrAPIm82qJ7o_NGxPZ-VDBqnAtIr2sjd47jtU9uS3dkkVJLSDRIsO-FuyPqCR9l_lt4nV2omBvu4NULfmZ77I7vf-BNVit2-lIm8wivO1HExb8u0VvFn2GbIojyRW3zebZ5f6qs7zzCj3Ojs5m_tn2Q3wjhQvDPyejnosHANdRpmXiH-Niv6E2PJ0DR5_DaSKD_6Bf3aY-XRtOrN14deSNDpAM2DNYgKorWEepW6yDC0v6jVbWoNtiCihtXK5c7ylvF43NoiyH5&sai=AMfl-YQF05fzXdOm6zeLG3HR6SrCr3jmSyCzwMknnlpiM_9mrag-t5GkNl0O1hcgBdBnF9YNGv8r4WghxuaYKr6SKsRuldOkva-UXSkLsQdEh4TEW5Lzpd-6Aa0j1fXbkbuUMw&sig=Cg0ArKJSzHv9CIddHdMdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C5AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 12:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:08:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C5AD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame C5AD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0b6d091e07dfbec0409f7146aa5aa76c6d31b20fc30f10af050e3a27c8a40aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:40:34 GMT
server
AmazonS3
x-amz-request-id
HA6X4J0AWHXM2DXT
etag
"f73ce6505751489aeb2b91e3f7f3c028"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12644
accept-ranges
bytes
content-length
4444
x-amz-id-2
ot8MVVhLrHv4A2m/YGsLsBDL3ajZc4jyqDwv0SXqkHberkHzn313r13Ck3oJ9jle7bluc7QM2ao=
7596665407973160363
tpc.googlesyndication.com/simgad/ Frame C5AD 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7596665407973160363
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44380ba195b6b884978cda6446f84189ef30d0c2edafd2de1565579e7f192dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 02:44:31 GMT
x-content-type-options
nosniff
age
146215
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23114
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 22:14:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Dec 2023 02:44:31 GMT
l
www.google.com/ads/measurement/ Frame C5AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-5VYKKDIH8QBwZXz0nmUEhSWdoblVOx_AErRh-sxxzzuCZmwONQnjyBRX0tgIzXIh0GEb
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 2826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspjzVBqWPWcHtoCJIt_dsxZEi0PoJzny3DkNSRqOQRN1bJdJyw218TeE6WtPTQLS9LgyDh4WqUEI2efX3KDuVn-lA0iW7ldZuzDbpoaNzFVCN7CtwWFYN9EmBnXaZUUcuVrMGaq5v_EgyIAt3bk5bjo6V6-d1khbfgGNEkMWPlHZA18hg_rkStF0wAzpASf4qAunce2wccoLJeT1jur_0q_iZMq2YNyO1lLnEnntIvoPvJ1aA2AiwX5XiMIPWsOeq5Ce2Smsri-c41zODkiO9wg6rPIps3I6Gc-udLJ-ZtDksQRe5llbKr8TmMTEMZWCjG2Y9rmq0&sai=AMfl-YSR5XzIzXRFIfGxd4XueNEOf7LyH5x47v18dqZ1xgzDEPQMNDYr81qYBTvxeTY0zJhbXZQ_7jLnF4n81QugKWpEqNRVw5sO-3lTjlCDbzN97qudtYCWLrYE0Y6PlqI3aA&sig=Cg0ArKJSzFiqYiRMhvm9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14472/ Frame 2826 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14472/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98e541338a36c2e497153f49814cc78cdc1e05f68ae0c5444f94e2fce799e3a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:20:37 GMT
content-encoding
gzip
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
50
etag
"b118f8f65f63587c9a3ab59374bfc8c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4968
x-amz-cf-id
7CyVVWCZohFUeHcTyyFeaLyf1c2DLQIPKG6vl53Z9vny4GusThUDhg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2826 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame 2826 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0b6d091e07dfbec0409f7146aa5aa76c6d31b20fc30f10af050e3a27c8a40aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:40:34 GMT
server
AmazonS3
x-amz-request-id
HA6X4J0AWHXM2DXT
etag
"f73ce6505751489aeb2b91e3f7f3c028"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12644
accept-ranges
bytes
content-length
4444
x-amz-id-2
ot8MVVhLrHv4A2m/YGsLsBDL3ajZc4jyqDwv0SXqkHberkHzn313r13Ck3oJ9jle7bluc7QM2ao=
view
securepubads.g.doubleclick.net/pcs/ Frame 022F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr9V8f1iJwXBWKBpZYRGejCdmx4hnhgYycI4MiQoiLcBiNWO-x1niPfEp7teOtmNSJKghe4PJ83yhQVm_tYHJjGYAuZJM94vfQRc0EHs-mq_H-D5Q9j2CjVeas2Gz00K48RtXb0HoWGCyz0tQkOTXBdlo-EvzVzqsNIXt1dIR4etGp90G9BdEOymzWTyGlJTdesTmYdZeN9tyqTcn7wni0Bu3mnV-8CljyA4xHDJ5Bxv3Sil-UHbakYcwcKd4pomCl_lhuujWWNSVD7-gCx96Hrptp3eH_vW0xNY9UTh4KWGmeACbiyvBgfSfDrWtpi_Qcn8KvQ9tqgg&sai=AMfl-YQiUv08uBvDti3pSFgVvBS6aBSW9g6lWGzFZpl60VUepivoeP2WD6WhiLaLztZ0tYgTXkHaPISby3Zbf7KA0uNQ_N5VHwnppOerLrCAjhC4E6aweTcQvdV9_pvHWWiieA&sig=Cg0ArKJSzLxXI7iiANz3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad
ads.adventive.com/ Frame 022F 		258 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adventive.com/ad?j&pid=d32c2b09-28ed-46f5-b582-022f0bd114fc&type=4&cb=596716790&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuLerk4dDGzhhzeeUeO9fBmVi5zbNE3KSGVL0z9mAVOGfuh_uheX6oTVKCVZfNyW_I8WWOh0vwSsWtdjkVK8-NDZjj9OnOaMh1OfYOXqwxgVuQM5n66IgtW-JndiTvqOXcqtC3C0ZViGtCnTSJjOEG305kQsTXHysreZJBhE-y3KjEMp2T2rdP7NxURn1Hzv3H9UnuIsnaXQoa09k8pWiS-FteQNGnP0zIdNxFJr3fuRcaUJ3Cy_R4iHVWDiFCVB3TO4ML6TE8evYc6mj3-5szOb0Kcrh0mwxie16CjKlVrDZa0_Ll2nhJuc2yNmno3SQpTZf_oMQ%2526sai%253DAMfl-YTp-udghNMsWrYTQLWu7lRowbGwF3SQfZWxHaaj5zJSM7KpOYLbNlgVSeGPlHUB0XdM4sb1mhTQRbnP_1R3I52fKGhAVt2MCE4i7T50KX1NK5CIeTa9CWEa2QbVpBg_tw%2526sig%253DCg0ArKJSzKDbjZup1cHdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=cutimes.com&gdpr=&addtl_consent=&line_item=6101758007&order_id=3076154121&advertiser_id=4969214788&creative_id=138413816362&oop=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf2b51f389268c77f4b480820981271cc16b525820f73ecaa3a9455724a3fc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Tue, 06 Dec 2022 19:21:26 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via
origin,host
cf-ray
775762728fd89a41-FRA
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 022F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame 022F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d0b6d091e07dfbec0409f7146aa5aa76c6d31b20fc30f10af050e3a27c8a40aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:40:34 GMT
server
AmazonS3
x-amz-request-id
HA6X4J0AWHXM2DXT
etag
"f73ce6505751489aeb2b91e3f7f3c028"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=12644
accept-ranges
bytes
content-length
4444
x-amz-id-2
ot8MVVhLrHv4A2m/YGsLsBDL3ajZc4jyqDwv0SXqkHberkHzn313r13Ck3oJ9jle7bluc7QM2ao=
truncated
/ Frame C5AD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df0a636a4f218633b8b7c25c1f550854f32f7d9de4f70077fbd1c20bbc4316c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
prebid.js
cdn1.opstag.com/14472/ Frame C8AB 		315 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14472/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed0d5720f1d865f91b1fc22098d64fc0d2d30219eec369574e0b270d98133090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:20:37 GMT
content-encoding
gzip
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
49
etag
"298c5efc2cde85955f477455c5ff3c6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
98122
x-amz-cf-id
NGwpAKeun7GTuy65Jtmg142eAVXha3IkCUMTMGL1VeOIRV4ck_f75Q==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame C8AB 		201 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Mon, 31 Oct 2022 15:56:29 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22706
accept-ranges
bytes
content-length
62867
expires
Wed, 07 Dec 2022 01:39:52 GMT
placement.js
cdn1.opstag.com/14472/ Frame C8AB 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.opstag.com/14472/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c4542394c7e1c53ab6422a3b43e3e21fa4f15e826578e75dad977f79626a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:20:37 GMT
content-encoding
gzip
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
49
etag
"e55e7ac6d3869d64e3bc05e0244b2d3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9091
x-amz-cf-id
uksFOiKad_jaQKCfKmuETQxRy7mS6axC7lrBZKbhdMtTJWUx7rz4Kg==
ad
pubads.g.doubleclick.net/gampad/ Frame 2826
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame C8AB 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b28420d0edbaca1c9bdb0ecdf5856a094e48bc654c11331a5f7f3ecfd9dc39ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27550
x-xss-protection
0
server
sffe
etag
"1414 / 613 of 1000 / last-modified: 1670328320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 19:21:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB1lI1ptrMe10-ngEd67u5M4LG5jtG7PI-M0Dhnr4BgcL-0HT80Syflm4JSyOVd0WIL1__y3ICmhl2OmrSRgbZgqulZ7HD-zWRD_1k-ReiafHcfqxYVttnQpKtb3NDuRqMNmKexw4A1XwKHfRS73GD5YkJKcx_NJI_CwhASHHm_AKOoTyHQWn5ajE7ZTgxJiAZFGp3qZjPUR0udRUkodMToOOQKCETvjrP10r6oJ9Nrrw5zpohCidFCR541iUEc0WpeEvFyTw02uqca7nElnA3jLpVavWlU-gv-H7PC0doVkDQbZBCPwWSyH6SJVEqOsJpcZzh0pf8Va0&sai=AMfl-YQOkOqa_I_aXE7lwCGTTzsRhuWfbw_aLP1qUZ_dFSbI5STpcOk6lLDpjykGBTmT2ktWPhpja-xThDw52zR3lXLLZtNN9YpCjoTWFYELUjKnb9X9HyalHkIjUBRCuvtKMQ&sig=Cg0ArKJSzG8n8DoYE1RlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatcore.js
z.moatads.com/almdfp680616975594/ Frame D3F8 		321 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90fada080962fe24413fe347a9bc90a7fe2d73ac6b43d452ee31634cd58a5474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:41:10 GMT
server
AmazonS3
x-amz-request-id
706CHHW0SZMD6ZYT
etag
"49ba9e67e1072e2d088b6736bad0994c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11817
accept-ranges
bytes
content-length
112053
x-amz-id-2
qBvAmxi+3wfkmdmD3KMA8HzkMyo9Z6CTOD3RxA4AACnFQSp0eQ9dBgRooOOW4RxhCMc/iKYQDu4=
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=2490887441490015&bg=!jY6ljsrNAAa7eOFIm3g7ACkAdvg8Wt5nUcFsB29x9avraWE66sFRCfbbl27Kfei_pH4emsCzh1BcmwIAAABhUgAAAANoAQcKAI1dTHImuK3LZQf9-kGHGB2cooITUV4pILQzIlN2xBgGN09IcYqhAL9uL-XLNDHJLXMQctRIz4LP9iIWyu98SDJm_qQLz1DQ-D9p6xdng_K7PTlwm6wc81OXKW0PZdlBtPRdyMveUM_Jpz_TRz6ePnmHDRlLywwQnNyq2jenabF05R_srD6zWsfFXfdcn3KZArYrelGObnczuVo-0Np1pFGq4Y7iOZI0vs9DJGohxHKozibsTODevdXRqoNrQcqdaRAHAAqMXzgwZdS7nMIlbIwzSQKVJ40Weg5PTJUfSstsiM94_4B6ugI-3zCkqd7ExFX84XzEV05P9uN8wmv19wFdwAfndT4vMC9d_H9xrGCIhW9n7N39wTqewWn94cpDWwFcq7c_DHeSgSB1qOEifpAOJaku01vKarKDeYJa1XfA-YO2g-YwWzPdgeTc6Sw4TCa6U7WlarLxLv6mK0RIjYbBtAOQscwZrEW7FkqqyXe4RaUjkOQXxjWueM1nDDxv5rIQrR1MJUqRdM80UxEo6YB8zdF75uWv4IVFF0EbBYHX6AqpxfCm-dQjVB-F6rVR00_Ze5P461r2IP843Cm49_A2QTLRqn0KMPAjz4OXzoFuDB6a9CkE8mW709F0hd0iEaDUtpr4g3b_qRU-LrG2yFA6BeTs36BRhEUEuOVLCSKhAii9Az_6Ll3HJNOWv9ED1cMKBCibMB2p_pAgcsCwpDUuKDmG_OEnm66ciNQNiC9yE3qyRnfWu7feJ-MyWjAA7d-cXJoekEZrtV-LYsvH5WI3YhQ24Y5CZOdwHtOM25cnsACA_sjUdCwanSGF8P_RUKily6Bs4X7kaiEcxNpTeI3rkT3WMwGIjvg4D3T2q6BfyOhjK-5wviLtOFvLIlDbxhAC1vkz0sFVm498cf_ieJfEu1XK_-8sLN-Ed_YOs8IeE0YU-UOi36lPxGzLhpPE0czXxmUr2jKJ-2Gf7jxBEmc4ruVZPVpKMuIEwXr4Ejd1N7ItHjK4Uf4QW9-L7UtAMVt_oaG1q76K4GKmhHAe_v7Of_uwajwvpnQKy5qQSWfieqG-0EuxCRVW_cyeVPhR-U0siCCuLvhbwD9WhgLZ9suYJt5T3aQO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame C5AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEcNi-LOQ36hFnphwj-nPf_rr3J02KbKwgm3EWd6eL1ksNwIW_XFStReo4XpGgaPYSOB5flKNmWjC097OvujbNKLiAZ-AXlXuzS5d6MhL1i3jVENbLLSuCY1UB8WTkpWGGEvGtsmeCE5NuKIzWkKyY-q1quKPUPcNgF_zrCaHIDCTlJyFjlA0PhujA9311NIfD-0kXAGlixLmIVLR47VILor1XEHpFuD24lpfqr9DHV6o6Y9uQzncdfy7yeN2TP_r75M1dAhdV-6gmn3opFu35L5XyYt67Qb0eBHW7LUCZw7zvg0YAlo_mvI7M4SJJh2G6sV5R2FW44MA&sai=AMfl-YSgC9Qu0XDcd4R5mKVGBJ50zlB8WXfBamr8UpIPvx2cy0wwnhsbDEKA91duaMGru13OiQpjPr7oOjMZFk3egna7T2JBDilh1YiAH5ZObX1GYXAFj-HjjWuPorz0Nsd8Wg&sig=Cg0ArKJSzFTWQuCNFjebEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:26 GMT
moatcore.js
z.moatads.com/almdfp680616975594/ Frame C5AD 		321 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90fada080962fe24413fe347a9bc90a7fe2d73ac6b43d452ee31634cd58a5474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:41:10 GMT
server
AmazonS3
x-amz-request-id
706CHHW0SZMD6ZYT
etag
"49ba9e67e1072e2d088b6736bad0994c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11817
accept-ranges
bytes
content-length
112053
x-amz-id-2
qBvAmxi+3wfkmdmD3KMA8HzkMyo9Z6CTOD3RxA4AACnFQSp0eQ9dBgRooOOW4RxhCMc/iKYQDu4=
moatcore.js
z.moatads.com/almdfp680616975594/ Frame 2826 		321 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90fada080962fe24413fe347a9bc90a7fe2d73ac6b43d452ee31634cd58a5474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:41:10 GMT
server
AmazonS3
x-amz-request-id
706CHHW0SZMD6ZYT
etag
"49ba9e67e1072e2d088b6736bad0994c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11817
accept-ranges
bytes
content-length
112053
x-amz-id-2
qBvAmxi+3wfkmdmD3KMA8HzkMyo9Z6CTOD3RxA4AACnFQSp0eQ9dBgRooOOW4RxhCMc/iKYQDu4=
pixel.gif
px.moatads.com/ Frame 2826 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=ALMDFP1%3A21664827602%3A21683639053%3A-&de=318978151103&t=1670354486371&i=MOAT_FEATHER_DEBUG1&gw=almdfp680616975594&cm=10&f=0&bq=0&ar=67fa5e2a4e8-clean&iw=1535fb2&dMoatOQs=moatClientLevel1%3D5095087889%26moatClientLevel2%3D3110412442%26moatClientLevel3%3D6159049915%26moatClientLevel4%3D138412945796%26moatClientSlicer1%3D21664827602%26moatClientSlicer2%3D21683639053%26zMoatMData%3D1%26zMoatMSafety%3Dsafe%26zMoatPS%3Dmiddle%26zMoatMMV%3DdataAvailable%26zMoatMGV%3DdataAvailable%26zMoatTopic%3D%26refresh%3D1&fq=0&sy=0&gh=0&wb=0&g=0&na=1937099186&cs=0
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
truncated
/ Frame 2826 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e9db16b805120b8ca1c20e3e52abb90a5d0f40f7f0e98f9a621b180516210cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
tag.aspx
ml314.com/ Frame D3F8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?6112022
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatcore.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:13:47 GMT
content-encoding
br
age
459
x-guploader-uploadid
ADPycdtDtIAtOKRdDSsbGr4kNAy1UvEtNq7Y1S6rWmMfTl5kSStlMYYqbSTEbdOpFSbc8vXCREZjLHtLA-dpZSkfqAHx5TDuxyAt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10465
last-modified
Tue, 09 Aug 2022 21:49:07 GMT
server
UploadServer
etag
W/"fe36d3317b1b052708eb2260e253aa63"
vary
Accept-Encoding
x-goog-generation
1660081747697868
x-goog-hash
crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type
application/javascript
cache-id
FRA-fa985ced
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
none
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1670354486373&de=861604665516&m=0&ar=67fa5e2a4e8-clean&iw=0988dad&q=5&cb=0&ym=0&cu=1670354486373&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&it=500&ti=0&ih=2&pe=1%3A2345%3A2345%3A2397%3A2370&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=201243&na=1603595726&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
ad
ads.adventive.com/ 		257 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adventive.com/ad?j&pid=d32c2b09-28ed-46f5-b582-022f0bd114fc&type=4&cb=596716790&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuLerk4dDGzhhzeeUeO9fBmVi5zbNE3KSGVL0z9mAVOGfuh_uheX6oTVKCVZfNyW_I8WWOh0vwSsWtdjkVK8-NDZjj9OnOaMh1OfYOXqwxgVuQM5n66IgtW-JndiTvqOXcqtC3C0ZViGtCnTSJjOEG305kQsTXHysreZJBhE-y3KjEMp2T2rdP7NxURn1Hzv3H9UnuIsnaXQoa09k8pWiS-FteQNGnP0zIdNxFJr3fuRcaUJ3Cy_R4iHVWDiFCVB3TO4ML6TE8evYc6mj3-5szOb0Kcrh0mwxie16CjKlVrDZa0_Ll2nhJuc2yNmno3SQpTZf_oMQ%2526sai%253DAMfl-YTp-udghNMsWrYTQLWu7lRowbGwF3SQfZWxHaaj5zJSM7KpOYLbNlgVSeGPlHUB0XdM4sb1mhTQRbnP_1R3I52fKGhAVt2MCE4i7T50KX1NK5CIeTa9CWEa2QbVpBg_tw%2526sig%253DCg0ArKJSzKDbjZup1cHdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=cutimes.com&gdpr=&addtl_consent=&line_item=6101758007&order_id=3076154121&advertiser_id=4969214788&creative_id=138413816362&oop=&fb=adventive_htmlx_iy679772_frame&forceFallback=1
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=d32c2b09-28ed-46f5-b582-022f0bd114fc&type=4&cb=596716790&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuLerk4dDGzhhzeeUeO9fBmVi5zbNE3KSGVL0z9mAVOGfuh_uheX6oTVKCVZfNyW_I8WWOh0vwSsWtdjkVK8-NDZjj9OnOaMh1OfYOXqwxgVuQM5n66IgtW-JndiTvqOXcqtC3C0ZViGtCnTSJjOEG305kQsTXHysreZJBhE-y3KjEMp2T2rdP7NxURn1Hzv3H9UnuIsnaXQoa09k8pWiS-FteQNGnP0zIdNxFJr3fuRcaUJ3Cy_R4iHVWDiFCVB3TO4ML6TE8evYc6mj3-5szOb0Kcrh0mwxie16CjKlVrDZa0_Ll2nhJuc2yNmno3SQpTZf_oMQ%2526sai%253DAMfl-YTp-udghNMsWrYTQLWu7lRowbGwF3SQfZWxHaaj5zJSM7KpOYLbNlgVSeGPlHUB0XdM4sb1mhTQRbnP_1R3I52fKGhAVt2MCE4i7T50KX1NK5CIeTa9CWEa2QbVpBg_tw%2526sig%253DCg0ArKJSzKDbjZup1cHdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=cutimes.com&gdpr=&addtl_consent=&line_item=6101758007&order_id=3076154121&advertiser_id=4969214788&creative_id=138413816362&oop=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b563b511939c66eaeba1b5e5c44602c2524a338fc195d80bded1eb729bf0c26
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Tue, 06 Dec 2022 19:21:26 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via
origin,host
cf-ray
775762743b165c56-FRA
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
stats
ads.adventive.com/api/ Frame 022F 		43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=361&adv=4314&atid=4&auid=156741&cache=1&cid=61013&gid=0&pcid=91171&pid=172719&sid=716&tag=d32c2b09-28ed-46f5-b582-022f0bd114fc&tz=America%2FNew_York&up=0.00000&ut=RM&vid=11&ckid=ac2a1021-7e3a-421e-a9b8-5e8b53e1e8a4&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&clk=0&dat=%7B%7D&dh=1200&dw=1600&eng=0&grp=0&hc=uumeyaiw&iid=1bd0f1c79e314a83afa89a2fe44bad5c&ref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&type=serve_impression&hov=0
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
none
cf-cache-status
DYNAMIC
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=86400, must-revalidate
cf-apo-via
origin,host
cf-ray
775762743b1b5c56-FRA
timing-allow-origin
*
expires
Wed, 07 Dec 2022 19:21:26 GMT
moatcore.js
z.moatads.com/almdfp680616975594/ Frame 022F 		321 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/almdfp680616975594/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almdfp680616975594/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90fada080962fe24413fe347a9bc90a7fe2d73ac6b43d452ee31634cd58a5474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:41:10 GMT
server
AmazonS3
x-amz-request-id
706CHHW0SZMD6ZYT
etag
"49ba9e67e1072e2d088b6736bad0994c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11817
accept-ranges
bytes
content-length
112053
x-amz-id-2
qBvAmxi+3wfkmdmD3KMA8HzkMyo9Z6CTOD3RxA4AACnFQSp0eQ9dBgRooOOW4RxhCMc/iKYQDu4=
truncated
/ Frame 022F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5bed1e8b0785b934ed7c79ba330274b0fe7b904e98f65132f480a17b4e4bee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2672839923190528596&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=24&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=4&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1224964306&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ Frame C8AB 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 13:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 06 Dec 2023 13:06:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame C8AB 		136 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cutimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d775daae9c814d8868a58f6dd47e23dcae39ec686c2c727e5a57c3a9ab0868a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:26 GMT
pixel.gif
px.moatads.com/ Frame 2826 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&d=ALMDFP1%3A21664827602%3A21683639053%3A-&de=318978151103&t=1670354486371&i=MOAT_FEATHER_DEBUG1&gw=almdfp680616975594&cm=10&f=0&bq=0&ar=67fa5e2a4e8-clean&iw=1535fb2&dMoatOQs=moatClientLevel1%3D5095087889%26moatClientLevel2%3D3110412442%26moatClientLevel3%3D6159049915%26moatClientLevel4%3D138412945796%26moatClientSlicer1%3D21664827602%26moatClientSlicer2%3D21683639053%26zMoatMData%3D1%26zMoatMSafety%3Dsafe%26zMoatPS%3Dmiddle%26zMoatMMV%3DdataAvailable%26zMoatMGV%3DdataAvailable%26zMoatTopic%3D%26refresh%3D1&fq=0&sy=0&gh=0&wb=0&g=1&tc=1&na=1979343427&cs=0
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
utsync.ashx
ml314.com/ Frame D3F8 		62 B
81 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&pv=1670354486470_5inqzs3uz&bl=en-us&cb=7427032&return=&ht=&d=&dc=&si=1670354485264_t2j6uahfz&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?6112022
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
ud.ashx
in.ml314.com/ Frame D3F8 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=6112022&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?6112022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.15.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-15-253.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Wed, 07 Dec 2022 19:21:26 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1670354486448&de=761864786678&m=0&ar=67fa5e2a4e8-clean&iw=0988dad&q=9&cb=0&ym=0&cu=1670354486448&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5225625599%3A3101239881%3A6141046553%3A138410157583&zMoatMData=1&zMoatTopic=-&zMoatPS=middle1&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&it=500&ti=0&ih=2&pe=1%3A2345%3A2345%3A2397%3A2370&tz=middle1&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=201243&na=470623557&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoKprceP5PRVRStGg2bQ7qXyszeB_jtkj0IP3A1wBZmkkdIExMpRmO3YZgs_4EXa9gBr225OC5MA_NeGn1370cy0HmhrmMQFIbndyAQz8OK_XeT1CxRi7jN4CDUANGqEKBZNnEBQRBbjJbNyRKJTKXZ_ysnd-tfjO89wcJSHQSnw28EGBC3oNYS0gKbCwrP2KZhdw0zcKqBEVwv8xIkvAlZQ291AaKEfK32X7NelxZ_pVKj1bNcTX9vDaIJLYJbiduigRgszqGQYoaF03Hy9eVnvuLPFdAuAKkfKOvUm4JOc3jq1YMz6aPsSo8EkJjp56hwolkzqwj7g&sai=AMfl-YQ2Eoxx_9iG3Os5KWOmuSj1CJAIi8Y-e5k9Nw78PJqem6dxmigJekRF6Jep-wV9PMr6UHhPfaySTUZIaK9Lug-IjE8rwnInI2aDbgVvL_Q5_hXUpT4eC5YJ8p5FhsaY9w&sig=Cg0ArKJSzPaSKrmrLLMsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:26 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F7596665407973160363&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486448&de=761864786678&cu=1670354486448&m=10&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5225625599%3A3101239881%3A6141046553%3A138410157583&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle1&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=middle1&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=161234607&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1670354486460&de=388894236380&m=0&ar=67fa5e2a4e8-clean&iw=0988dad&q=13&cb=0&ym=0&cu=1670354486460&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&it=500&ti=0&ih=2&pe=1%3A2345%3A2345%3A2397%3A2370&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=201243&na=1296527958&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1670354486497&de=361738367914&m=0&ar=67fa5e2a4e8-clean&iw=0988dad&q=17&cb=0&ym=0&cu=1670354486497&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&it=500&ti=0&ih=2&pe=1%3A2345%3A2345%3A2397%3A2370&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=201243&na=341867474&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:26 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C8AB 		138 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
98323354ec1050e8ab880a1f0aa004f8e8defd2da0d0219d3c962b9ff13cf665
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:26 GMT
AN-X-Request-Uuid
bec15305-71a3-4751-a4b5-54b6d27527ac
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame C8AB 		94 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2242e23de21242cd%22%3A%22e5e931910fba9af9d55a%7C300x250%7Cgpid%3D%2F8570%2C21665826759%2Falmglobal%2Fcutimes-14472-300x250-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&s=d247ebc9-7913-474c-914a-2b5dbc52491a&pv=51294356-cbb0-4e84-8ebb-f727b822a98e&vp=mobile&lib_name=prebid&lib_v=6.29.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22a553714e-9c7d-4626-a4fd-d3fec7fd7d8a%22%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f77f61b40f61797ccd03a8ebf4a46a8a5d2f075f3b20b0922369831ae9d7989f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:26 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-190
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
os4m-d.openx.net/w/1.0/ Frame C8AB 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9a6db81b-0726-4105-a495-16aeae8dc34c&nocache=1670354486583&pubcid=a553714e-9c7d-4626-a4fd-d3fec7fd7d8a&schain=1.0%2C1!yieldlift.com%2C2000188%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-2006157360151-0&aucs=&auid=558254913
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
077e436b2bd9a3f6b9e1206276ff987021a9a13d6c44ef709e2883c2265ac05c

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.cutimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C8AB 		241 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=451300&zone_id=2631696&size_id=15&rp_schain=1.0,1!yieldlift.com,2000188,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&tk_flint=pbjs_lite_v6.29.0&x_source.tid=9a6db81b-0726-4105-a495-16aeae8dc34c&l_pb_bid_id=82eb78e23edf22&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9277238834792287
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0a07941c4991f5b46a05f9682d7d90ea715dc7c515386ce6dddfe944399b5920

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C8AB 		139 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
caf21ca348bc43d0b66eb5275ee78b8d91a73866c12863ff2fee41cecfd0491d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:26 GMT
AN-X-Request-Uuid
5e90988d-898a-4532-a02e-72d10337233c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame C8AB 		36 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=903732&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211f39b4e594cb7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122%22%2C%22page%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212915ee0bfe5a8d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22903732%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae657ed40d988ae9ada64e2bed70ad98042007f37366a976185122966c217a8

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAmymUXyIUSJ9q2qbI%2F6OM8TH17J8DipMALimBbMKjO2jzP7ETZicuRdN8CYl6VBxo7QuvqM0oJ55bPSa7tb4yvfXRs8jMnEfHaHQ6kBAgh7Iw31jOqceHJuh4hOd6PVEj8TUh%2F2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7757627559709bd7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ Frame C8AB 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b9c9c1f277283d987cd2c1b8e6a388d08d188cda81a8605d47e02b3dae918b92

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 19:21:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ Frame C8AB 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 022F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVpNjiHVHCzY9UexeZeScCd8P9KLJrIFCIRZteY9qQUQeKwy7ak8eEPdegPMrk4PkMNDS-cvw8eAewpSNFcy7bLBdp7u6GLVTzChMqvXjnjYoo1x2fbWr5sQBs_V_-Vz19WfF4cIvVt7IPdYGyid99N9_yKKQ6GomH5-uKTFdteuziyHAM6e_CSBI3UCvarO6vvsBNqH4MtRiXT8ZVX82jkAlR5v4_WtEQYTqdtyfeES0I3SMuB-R-ttfdLwtBbTWUdFWsEru-k3iIfiz6B4E48e-Y8KTx0O4pJKesczGMq0UCwvXvNlh9XM8KbGHBIrEDVrX3dbqrirgR&sai=AMfl-YTauVu2LEObgdQzFFKj5kZbGHytXgzxLBt00WhZ0W50EQ34t3xGFHABXG7wOpGnCZWlIrPaFY6fdvJdiKbJRQ3K2EFOd0_d8BW_0efp5HxEPtye_kOVadsCv0eF49DVaw&sig=Cg0ArKJSzLyEvMMNIOA-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:26 GMT
mut
ghb.adtelligent.com/adunit/ Frame AAAE 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19332/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Tue, 06 Dec 2022 19:21:25 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
multitracking
ghb.hbmp.mediafuse.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hbmp.mediafuse.com/adunit/multitracking
Requested by
Host: player.hbmp.mediafuse.com
URL: https://player.hbmp.mediafuse.com/prebidlink/19332/hbw_master_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.cutimes.com
Date
Tue, 06 Dec 2022 19:21:25 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 19:21:26 GMT
vissense.min.js
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=d32c2b09-28ed-46f5-b582-022f0bd114fc&type=4&cb=596716790&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuLerk4dDGzhhzeeUeO9fBmVi5zbNE3KSGVL0z9mAVOGfuh_uheX6oTVKCVZfNyW_I8WWOh0vwSsWtdjkVK8-NDZjj9OnOaMh1OfYOXqwxgVuQM5n66IgtW-JndiTvqOXcqtC3C0ZViGtCnTSJjOEG305kQsTXHysreZJBhE-y3KjEMp2T2rdP7NxURn1Hzv3H9UnuIsnaXQoa09k8pWiS-FteQNGnP0zIdNxFJr3fuRcaUJ3Cy_R4iHVWDiFCVB3TO4ML6TE8evYc6mj3-5szOb0Kcrh0mwxie16CjKlVrDZa0_Ll2nhJuc2yNmno3SQpTZf_oMQ%2526sai%253DAMfl-YTp-udghNMsWrYTQLWu7lRowbGwF3SQfZWxHaaj5zJSM7KpOYLbNlgVSeGPlHUB0XdM4sb1mhTQRbnP_1R3I52fKGhAVt2MCE4i7T50KX1NK5CIeTa9CWEa2QbVpBg_tw%2526sig%253DCg0ArKJSzKDbjZup1cHdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=cutimes.com&gdpr=&addtl_consent=&line_item=6101758007&order_id=3076154121&advertiser_id=4969214788&creative_id=138413816362&oop=&fb=adventive_htmlx_iy679772_frame&forceFallback=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
476977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3066
last-modified
Mon, 04 May 2020 16:17:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04028-2af5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FunyhDjqqheNukFJGblVntsvlAQQzoQ8wMWPtH8mUM9yOHXHzhBbk%2BMybJ9GKWJIxzvMIgoBHKffQ5bX3PTvgvzU6qVJzwCe2dBOyi%2B0sSruQ0TN9RfDqF%2B7rmtbe64gJeEpjmgkcXj%2Fpg8WyI5XLT0t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
775762761b5e5bf9-FRA
expires
Sun, 26 Nov 2023 19:21:26 GMT
css
fonts.googleapis.com/ Frame 7ECB 		3 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400&display=swap
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 19:21:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 19:21:26 GMT
e0a0b03b-7c8e-4d42-97ba-990c02308ea1
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/ Frame 7ECB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/e0a0b03b-7c8e-4d42-97ba-990c02308ea1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab472433797750e78da48f7040c68b4a50159fd60c46992567f136bf9d28de
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40479
cf-resized
internal=ok/h q=0 n=23 c=15+273 v=2022.12.0 l=40479
last-modified
Fri, 18 Nov 2022 23:05:39 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfaEepOjT2lDos9_WSHO2uvkVa20K-4gN9N3a2ZiayDQ:bd88bc8ffdfa6ae305cbcf093f777499"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
77576276688c5caa-FRA
f05ef25c-4ca6-4b90-aa31-9e9df7d7615a
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=944/361/ Frame 7ECB 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=944/361/f05ef25c-4ca6-4b90-aa31-9e9df7d7615a
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b198d10e658c4cc6e966bc9be45a40983c5a1eaec15e3881724f85e7da841317
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25600
cf-resized
internal=ok/h q=0 n=18 c=15+217 v=2022.11.7 l=25600
last-modified
Fri, 18 Nov 2022 23:05:36 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfIvW7_4IQ0H3TIBBjlbRNFsnCQiz_vQNY_AlhAbu5BQ:79d9a667dcdeb7463d8058ac7897c3a9"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7757627668975caa-FRA
444c0eb3-45b1-48e5-8202-29e605ac5e13
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/ Frame 7ECB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/444c0eb3-45b1-48e5-8202-29e605ac5e13
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0fcca2050f159b48dac26c028ce5c87774a96d29c06bb832717d8c0b4b2a8b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30317
cf-resized
internal=ok/h q=0 n=19 c=16+253 v=2022.11.7 l=30317
last-modified
Fri, 18 Nov 2022 23:05:36 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfJOuyjt5IUNoMi5R2Qj7Rkctn20K-4gN9N3a2ZiayBQ:cfcb91d1d97af9b78f8114bb22fea8f5"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7757627668945caa-FRA
6eb81e56-320a-4e86-80e0-e3b617edcb7b
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=815/361/ Frame 7ECB 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=815/361/6eb81e56-320a-4e86-80e0-e3b617edcb7b
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de857d671fc100a95d2eb2bb9f90fc02fee23ba14f2de0ded6bd2feb4011e976
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35888
cf-resized
internal=ok/h q=0 n=29 c=5+236 v=2022.11.7 l=35888
last-modified
Fri, 18 Nov 2022 23:11:47 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfrYAqMc7bbYzqxztmtVUJxWM6xuMWDCgVabOO9d0HBQ:d209a772a1baf8eb87157a7ecbf98805"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7757627668965caa-FRA
956a82e3-df92-4237-94d6-604eda428308
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/ Frame 7ECB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/956a82e3-df92-4237-94d6-604eda428308
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452edb88c65b6aa207c9a985a3dce5a6dea98a0fb361e37b7c9e4e590098ca7a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35643
cf-resized
internal=ok/r q=0 n=58 c=17+174 v=2022.11.7 l=35643
last-modified
Fri, 18 Nov 2022 23:05:37 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cf8sAP74ymyhXJ9Hicmd7P94uz20K-4gN9N3a2ZiayBQ:cd54a2858c236de6ec78c20ca69b8234"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7757627668995caa-FRA
86226afa-7221-4653-9622-c10592cb1cf6
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/ Frame 7ECB 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=1400/361/86226afa-7221-4653-9622-c10592cb1cf6
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24f1d61f81977ee277a8337c7fa5242de6a3304b040b53aa3119be3e721ac4f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32748
cf-resized
internal=ok/h q=0 n=40 c=3+167 v=2022.12.0 l=32748
last-modified
Fri, 18 Nov 2022 23:05:37 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfU0GL8fVF3gJizlyYl8w_dinx20K-4gN9N3a2ZiayDQ:8430a86c00b6e4df51cf0e621bb79d45"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
77576276688f5caa-FRA
blank.png
assets.adventivecdn.com/ui/images/ Frame 7ECB 		34 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/ui/images/blank.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
cf-cache-status
HIT
x-amz-request-id
GDAJ7QR1HWD4Q9NE
age
79563
cf-polished
origFmt=png, origSize=68
content-disposition
inline; filename="blank.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
x-amz-id-2
3CKc83agQf7mWDIDJ3JP//CNzi2aYHtHsLHyziaQiyRBq3WIIkogOgmS6wXTqxxddJEJCQQNC7c=
cf-bgj
imgq:100,h2pri
last-modified
Wed, 24 Jul 2019 17:44:25 GMT
server
cloudflare
etag
"e679fbd466a2d656f194a5da4fa083cd"
vary
Accept
content-type
image/webp
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
7757627678c45caa-FRA
syncframe
gum.criteo.com/ Frame 3E1F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:26 GMT
server
Kestrel
server-processing-duration-in-ticks
970103
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 19:21:26 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 7ECB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:51:26 GMT
x-content-type-options
nosniff
age
88200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 18:51:26 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame AAAE 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 19:21:26 GMT
sid
mug.criteo.com/ Frame 3E1F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7ZsoOHw2bzFUTHltVTVXL1dsTVhkMVZKblBQVVl4cXpqNWxqTUpzZ0JKckpTa3E0VjNBMmd2di9oL2JQY3lJemt5dVV5QTJuWnBhRkFLZG0yNWRxNThZN3NUQTVkT1B0eVFWdjRWbmRhSm1pb2FoZWRRb2RRN2ZaMUwzK0...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7ZsoOHw2bzFUTHltVTVXL1dsTVhkMVZKblBQVVl4cXpqNWxqTUpzZ0JKckpTa3E0VjNBMmd2di9oL2JQY3lJemt5dVV5QTJuWnBhRkFLZG0yNWRxNThZN3NUQTVkT1B0eVFWdjRWbmRhSm1pb2FoZWRRb2RRN2ZaMUwzK0s5WjRkUVU3MURhSVBXVzVxT04xbjc2NGhKM2sxSGU3Mmw3aTFMWW9PYUZ1U0dzS1RIVlVnZEwvamEwSE9mRkQwd0xEMkdpTTdVL2tUTkdoWWFPTDMyRjZSZ2VKTEJ1K1dTc05ORE1lMjZLTGR3UGtHN1IrdGJibHZtTHRRemxPK3Zrb3BqZ1MxaHkrNDlBdUxIdWJMVXg1QUEvL1FCdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
20f79fc1ff28bcbe3b32803f6241031cf3635454a4ceee5d87ef18503f83f5d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2015403
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7ZsoOHw2bzFUTHltVTVXL1dsTVhkMVZKblBQVVl4cXpqNWxqTUpzZ0JKckpTa3E0VjNBMmd2di9oL2JQY3lJemt5dVV5QTJuWnBhRkFLZG0yNWRxNThZN3NUQTVkT1B0eVFWdjRWbmRhSm1pb2FoZWRRb2RRN2ZaMUwzK0s5WjRkUVU3MURhSVBXVzVxT04xbjc2NGhKM2sxSGU3Mmw3aTFMWW9PYUZ1U0dzS1RIVlVnZEwvamEwSE9mRkQwd0xEMkdpTTdVL2tUTkdoWWFPTDMyRjZSZ2VKTEJ1K1dTc05ORE1lMjZLTGR3UGtHN1IrdGJibHZtTHRRemxPK3Zrb3BqZ1MxaHkrNDlBdUxIdWJMVXg1QUEvL1FCdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
527016
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame A238 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:26 GMT
server
Kestrel
server-processing-duration-in-ticks
6051039
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame AAAE 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 19:21:26 GMT
sid
mug.criteo.com/ Frame A238
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=6RUMFnx1ODNRY3hxSE9Pdm9OajBWZEkwWkZqbjBZc2lBd0JkZUhyeWFaVlVrVjRxTGZJYk1qVE5YUUFYZ2VBZTFuL2FLUDBjTCsrV2VLbmdTYVp4NnVlUkIvWTRkRGFDSTBVWlNiSC9JblY0cE53R3RjeHpDN01yWGNFRE...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6RUMFnx1ODNRY3hxSE9Pdm9OajBWZEkwWkZqbjBZc2lBd0JkZUhyeWFaVlVrVjRxTGZJYk1qVE5YUUFYZ2VBZTFuL2FLUDBjTCsrV2VLbmdTYVp4NnVlUkIvWTRkRGFDSTBVWlNiSC9JblY0cE53R3RjeHpDN01yWGNFRE5VM0RNR3B4WXNFR2FRaWYyU3h4ZzVqdnhTVGNIU0FjR0luU2ZnOStpQnVOWDZobHUxS0VMekZtQlRxeUtkMC9aaTZwYW93dTVwS2tPWVNhM1VqWVR5ZkVWN3ZqQm1LcEhFVGxtSVFWQkI2TWVPclBPYTNOSEsxcDB1eVBxL0RDR3J3MVNseVBUTy9HakE3MXFMR2hKZytrVXRoVUJ5bzVuc1ZBMnkvRm43R282c1lud01aYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b3e56815f561370661f1e7b7361a272daae6a8d433b1168aebece256cef807
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4070437
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6RUMFnx1ODNRY3hxSE9Pdm9OajBWZEkwWkZqbjBZc2lBd0JkZUhyeWFaVlVrVjRxTGZJYk1qVE5YUUFYZ2VBZTFuL2FLUDBjTCsrV2VLbmdTYVp4NnVlUkIvWTRkRGFDSTBVWlNiSC9JblY0cE53R3RjeHpDN01yWGNFRE5VM0RNR3B4WXNFR2FRaWYyU3h4ZzVqdnhTVGNIU0FjR0luU2ZnOStpQnVOWDZobHUxS0VMekZtQlRxeUtkMC9aaTZwYW93dTVwS2tPWVNhM1VqWVR5ZkVWN3ZqQm1LcEhFVGxtSVFWQkI2TWVPclBPYTNOSEsxcDB1eVBxL0RDR3J3MVNseVBUTy9HakE3MXFMR2hKZytrVXRoVUJ5bzVuc1ZBMnkvRm43R282c1lud01aYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
475145
content-length
0
expires
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fassets.adventivecdn.com%2F361%2Fe0a0b03b-7c8e-4d42-97ba-990c02308ea1&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=508&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=0&ag=44&an=0&gf=44&gg=0&ix=44&ic=44&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=44&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=87&cd=0&ah=87&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=195696907&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
integrator.js
adservice.google.de/adsid/ Frame C8AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C8AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C8AB 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3777288400395967&correlator=1495465792975175&eid=31070945%2C31071150%2C31071154&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=8570%3A21665826759%2Calmglobal%2Ccutimes-14472-300x250-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3948559212&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D15&eri=1&sc=1&cookie=ID%3Dad2dbe89cbc3199a%3AT%3D1670354484%3AS%3DALNI_MYyNkPejs00mVxMNndQSkt1Hb3oWQ&gpic=UID%3D00000b8ea1ad5950%3AT%3D1670354484%3ART%3D1670354484%3AS%3DALNI_MbCBVoJfEh4rs08DpNNHuwT23UuJw&abxe=1&dt=1670354487029&lmt=1670354487&dlt=1670354486165&idt=399&adxs=1090&adys=1053&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=3ymfhhpzhbn1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&ref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&top=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=541320279.1670354487&ga_sid=1670354487&ga_hid=1084359505&ga_fc=false&a3p=EhsKDmVzcC5jcml0ZW8uY29tEgAYmI2Lx84wSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08eb311a92899876c61a07f3b3bb536f8f44bfa17729bb810a1a7da6e760dfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
google-lineitem-id
5679622535
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374214765
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C8AB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35a3c93298451a885e6bafef760ba24e7481ac4061ddbb7dae7f4c039aafef60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11196
x-xss-protection
0
container.html
d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E027 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:27 GMT
expires
Wed, 06 Dec 2023 19:21:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C8AB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9639 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv74XD3zVxlowRkpJn8MjTwq_32dOHMEXUH9CtYo6pLDhOb_WEHp00uizRCq7CcyP6FNscUwCGcc50cP7I01YiWRxJKeTHxm3ErzAdmxmzEVJn1gt-nL67R0_3smHtRgHT1ddQJl9Z92dymc7N-cf8dpRzkKGhk9EuKlH-5Jf8Kvci3WZ3h4Ejz5QC8KXAvW_ftJ0rP2jFEDrcOoxnASzzfFyQJxuWoJJVyZXaVgP8GOlrXDKLisfCC0hEpZCb9c0CudidSOinb6Ibt8OIDevoDIThPJsaznLdkwp-v6KR23-EW8P4gl9FnNI3_ga924s0K1Yux4sovcLdzTBqUWZ48pxpAimmcYCicC-7SEntyHlph&sai=AMfl-YQGUXZ2_8J3Mjw1GYHOuJKSUmjG8rgfpc55CbmQw3ifuxZ9fC-Ely6MVzeQFfChmNySJr7uzpz2dO7Dd-g3Y7Pt1akEXHcaftfi_Xj24QNjlhl7n-Xw1kGCMQdmaHWZkQ&sig=Cg0ArKJSzAMNO4obLJ3QEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20221106142122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 9639 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 12:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 12:08:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9639 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 19:21:27 GMT
290019826985442924
tpc.googlesyndication.com/simgad/ Frame 9639 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/290019826985442924
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65073b087a0e23baeeeb929c2a8c057c6190468b8676c1653f73de244705764f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:02:44 GMT
x-content-type-options
nosniff
age
389923
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62762
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 20:32:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:02:44 GMT
l
www.google.com/ads/measurement/ Frame 9639 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9ULojaSWt3SpeLSEsvnLKCwKoZBP1vWprI58UlKR5zLoMNvY6tdzFj5mfXRdncqzsMz0F
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
truncated
/ Frame 9639 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db318e65fd26d9edb804d8da27cd505921d013ce59c421a2cecc0ae50a7ad5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3ECA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 18:35:24 GMT
expires
Wed, 06 Dec 2023 18:35:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C5AF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f444296233f822de187d49ecbddad9196624e91e253df95237a06b0952deadbc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KUKlKcg1k-PmFVDBkaMp-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-KUKlKcg1k-PmFVDBkaMp-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:27 GMT
expires
Tue, 06 Dec 2022 19:21:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame D3F8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuER4qNC_xXuqD5dzzi3l2ulTgOY7oqGFPwxm2YgjRS_VQ_ezyg2iPg-R_0Cq4SGY9wegk0SbruwyeIqoLrVH8Vwp-_PhaPXax7eBONNvIZvxX2o6L1&sig=Cg0ArKJSzM9S3jofucs9EAE&id=lidar2&mcvt=1004&p=943,436,1033,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2736157804&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670354486066&rpt=231&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame 3ECA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 12:50:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C5AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=3777288400395967&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 9639 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCa8OUA-w71JUFjAOztbLSMDMuD_gL8Nqe_Oan7gMEEve98MYGXAoOB449Qb9a1z1XlWfxLXRQ_F5Faflzb5kt0p6cyhm7NwYfA_Dx5zz1kWmgvTKmgSKVbC_bMYXSgcoH40fNV0uZLa5szdYmIKqVueE4jwgFUuwRR7DyO1JGbIfTK5-0OYuJGm68gb2dwIc-wJ_pDAw7ESbsLjGurK7coBfuPgyhIVbCSL57MkE8mSzXDrGty0mTCEZ_PBCINq7cl_nD3tRjqeD0VqUhKkV306A4StUT_oO9Wc5WX1CHOyQJAHxLBYHdtnHjnJZDCZbsf8jjNeJoneeQgKT5QXsxVCXDDOFmAlTt5iU-IGTuNwdvSJw&sai=AMfl-YSEYswJk4Dc9DMu37WS-zgKYAx0CirjYMHcdVp7eLbdeirDdVNcAM9y8s8f9bIfdanToT3e-NH0-HZ1RxqleOI36msBIrJzvc_Ze3VfOIKQNd8bBMFm8vfXYfJlvspsQg&sig=Cg0ArKJSzOBwlEAehfexEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 19:21:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 3ECA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TSf0kA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=1087&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1073&an=4&gi=1&gf=1073&gg=4&ix=1073&ic=1073&ez=1&ck=1073&kw=876&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1073&bx=4&ci=1073&jz=876&dj=1&aa=0&ad=964&cn=0&gk=964&gl=0&ik=964&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=876&cd=8&ah=876&am=8&xd=00&rf=0&re=1&ft=964&fv=0&fw=964&wb=1&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=30434547&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
pixel.gif
px.moatads.com/ Frame 2826 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&d=ALMDFP1%3A21664827602%3A21683639053%3A-&de=318978151103&t=1670354486371&i=MOAT_FEATHER_DEBUG1&gw=almdfp680616975594&cm=10&f=0&bq=0&ar=67fa5e2a4e8-clean&iw=1535fb2&dMoatOQs=moatClientLevel1%3D5095087889%26moatClientLevel2%3D3110412442%26moatClientLevel3%3D6159049915%26moatClientLevel4%3D138412945796%26moatClientSlicer1%3D21664827602%26moatClientSlicer2%3D21683639053%26zMoatMData%3D1%26zMoatMSafety%3Dsafe%26zMoatPS%3Dmiddle%26zMoatMMV%3DdataAvailable%26zMoatMGV%3DdataAvailable%26zMoatTopic%3D%26refresh%3D1&fq=0&sy=0&gh=0&wb=0&g=2&tc=1&id=1&na=1616772421&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=1088&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1073&an=1073&gi=1&gf=1073&gg=1073&ix=1073&ic=1073&ez=1&ck=1073&kw=876&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1073&bx=1073&ci=1073&jz=876&dj=1&aa=0&ad=964&cn=964&gk=964&gl=964&ik=964&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=876&cd=876&ah=876&am=876&xd=00&rf=0&re=1&ft=964&fv=964&fw=964&wb=1&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=479167716&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=1088&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1073&an=1073&gi=1&gf=1073&gg=1073&ix=1073&ic=1073&ez=1&ck=1073&kw=876&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1073&bx=1073&ci=1073&jz=876&dj=1&aa=0&ad=964&cn=964&gk=964&gl=964&ik=964&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=876&cd=876&ah=876&am=876&xd=00&rf=0&re=1&ft=964&fv=964&fw=964&wb=1&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=563204835&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2826 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaFtljSTrF12TzhnXMxb4OUinW4ZVBivGvlbd-mQYRn_Jwnl6AGKEV-tUknY7WwlRgD6BcR96eGMyb7S8uBZbg8eTJb1EkYnS1mErlU7Sj4p0EMJ_V&sig=Cg0ArKJSzBmXdEre7HFtEAE&id=lidar2&mcvt=1000&p=1053,1090,1303,1390&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=0.59&vu=1&app=0&itpl=19&adk=4142453217&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670354486111&rpt=382&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F290019826985442924&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=0&h=250&w=298&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486460&de=388894236380&cu=1670354486460&m=1028&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=59&vx=59%3A-%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=0&ag=107&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=59&pf=0&ib=1&cc=0&bw=107&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=213&cd=0&ah=213&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=945922857&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 022F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAWD0sc9lY9ZwXHIdcDvDebQgQlD_QytPHZiRsUG5lSCfPgZc74_Ayma5Ji0555SRLtblhK8OGuqNjKmZNtgKVH2hvhx0YRiNs9TxFuGpay7mZ413N&sig=Cg0ArKJSzNR78k36k7ydEAE&id=lidar2&mcvt=1000&p=0,100,320,1500&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4103338542&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670354486120&rpt=523&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=1290&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1277&an=1073&gi=1&gf=1277&gg=1073&ix=1277&ic=1277&ez=1&ck=1073&kw=876&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1277&bx=1073&ci=1073&jz=876&dj=1&aa=1&ad=1168&cn=964&gn=1&gk=1168&gl=964&ik=1168&co=1168&cp=1077&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1077&cd=876&ah=1077&am=876&xd=00&rf=0&re=1&ft=1168&fv=964&fw=964&wb=1&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1355448442&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:27 GMT
stats
ads.adventive.com/api/ 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=361&adv=4314&atid=4&auid=156741&cache=1&cid=61013&gid=0&pcid=91171&pid=172719&sid=716&tag=d32c2b09-28ed-46f5-b582-022f0bd114fc&tz=America%2FNew_York&up=0.00000&ut=RM&vid=11&ckid=ac2a1021-7e3a-421e-a9b8-5e8b53e1e8a4&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&clk=0&dat=%7B%22viewTime%22%3A1%2C%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=ewieqemi&iid=39456bb4d4f54f1ebff0f04cf631aa9f&ref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&type=ad_view_view_auto&hov=0&cb=1670354487826
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
content-encoding
none
cf-cache-status
DYNAMIC
p3p
CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-apo-via
origin,host
cf-ray
7757627ceb395c56-FRA
timing-allow-origin
*
expires
Wed, 11 Jan 2000 12:59:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C8AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=3777288400395967&bg=!ICOlI2fNAAa7eOFIm3g7ACkAdvg8WieNMi3zgRj1ngG_GS4SG0OWAOcYJIXqH4YUP2xbnMrizveyKwIAAABsUgAAAARoAQcKAIvJjGBsjVe4Y1Y-fTToXNeA5PAdNYhA2wIyM3DjLkgF4Mte29LRaYGlbjBtv7BismRoH5gkCbHO05cGUT3tg-LdvfJMIzrlC2kAvuJI0UuaxI8_fxoqED7taWCoR0euZBop7gFSs7t9v8gZPGpRvOnidPEU0t6hVjz2xcQww_aIlsgcSy0VB9uUh0ozmQLLwnJeX1el6bNEnlxINSB2mLyymTfEU45ny0n1Mu5I3XLu6Gj_jwQPzN4JagnJERIFg5aDqw4MmalkMsCDeyCGX9mMoP9Hl1P5RGADSUEgT52YrJywk2ov4KioYZv4Md024HUnkhU97UMtbd1sTkbsnx7nwxWNA-jhP1Hy_dsHjFL2t03e9iqSEQSH78ZvQaIziUmT07zpJTG0mPeC5jQGXlTiW-f5sIaLxGTNUeDvBSB9F8AkCSYexyvOqeEfodhs40zACOt14p-ztFnYvqcibMo3RNsvYIXTRP0sf-sm6XMNG81eZ8lCL3GJusR03ETALXCutN71ER8l439vd6sqYMRyqPu5El_rIvlQUkS9L1UbrHTMtzozvKoSWxhkexiJqDSS0hYrnZZdY8mQqvz5PbnUdAaVFC6bO3ZA0vvROB_0JVfXRAmeCtVX-oXMEIlVm1DWSNXyJys2PmMZUYK1m7qFmMvAW3SjjJ0T5qVs3IBuWRQESTHUIZh5qKTNTYibWJWq3EnXiOKsJbGNVFhyfGj1o7VID8lLq-DNNHg5NyVgiASNFHM5WAvIJn4N793gLxY1V6IoOTqKmo-QW5dFsNWqGSjzvJteZNloaaBjWqgfQMFoPptwAmugxLzhFllytf9apUChuUFP1umuc_DdXmd_Aa-cD90weFTKJMBhZ0P51iCSogkF0d9VbSZxgOO8i0ADQO-8wdVIwyrpT6_-oWEVLhVda-9Pos6jm1Pxk2qt1hCc-JiFlplcmuM4bLgYgh869aqs53CuZeXG72yCVNjxjdokTCNaEn3hVmiWLvSY7VYTOqtxwrIl7Po5N32tJNZjzFey6K8E1bZXdBqUiWpDq1--ATA3SAKNZlT5IHl9-p4-mFTiICxHc12S40DTijqzZp_q5T8YgJWgRRKEVry13_45bsoVV5daxaWkqYEMMKRXSgfhdj3_7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=1640&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1178&an=44&gi=1&gf=1178&gg=44&ix=1178&ic=1178&ez=1&ck=1178&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1178&bx=44&ci=1178&jz=1020&dj=1&aa=1&ad=1075&cn=0&gn=1&gk=1075&gl=0&ik=1075&co=1075&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=87&ah=1020&am=87&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=find%20iframe%20parent&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=379080729&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:28 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=1642&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1178&an=1178&gi=1&gf=1178&gg=1178&ix=1178&ic=1178&ez=1&ck=1178&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1178&bx=1178&ci=1178&jz=1020&dj=1&aa=1&ad=1075&cn=1075&gn=1&gk=1075&gl=1075&ik=1075&co=1075&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=find%20iframe%20parent&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1687768192&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:28 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=1642&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1178&an=1178&gi=1&gf=1178&gg=1178&ix=1178&ic=1178&ez=1&ck=1178&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1178&bx=1178&ci=1178&jz=1020&dj=1&aa=1&ad=1075&cn=1075&gn=1&gk=1075&gl=1075&ik=1075&co=1075&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=find%20iframe%20parent&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1717761025&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:28 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
595943
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame AAAE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fp.safeservingcdn.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=luIOmnxxck5rVUVsQTU0ZmIvZXY4S1dBT0F5ejJKQWsrdE43Q2FYOGpmNzBta2g2VkNWQzh6alJaOE8ySVc0QWpuOHk2S1N2SlYwZnhCc0hNaDBzNTUvL0ZLNzZZZVo3REdVQXhMYVFDeWR1QjNndlJjRUlDNXZPQlRhRk...
474 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=luIOmnxxck5rVUVsQTU0ZmIvZXY4S1dBT0F5ejJKQWsrdE43Q2FYOGpmNzBta2g2VkNWQzh6alJaOE8ySVc0QWpuOHk2S1N2SlYwZnhCc0hNaDBzNTUvL0ZLNzZZZVo3REdVQXhMYVFDeWR1QjNndlJjRUlDNXZPQlRhRkZ5R1hhbU4yb0w0YXZCbyt6dVBtMXcrVVl0STVOSm9QQis4dUNvUllHSXJpdVBnM3NoS2JDSEpNUmRVTzhsbmV6cXIxZkg1bGpoSklPWUN0RlgrRjhIekhuSVdCZlFUVTVRVUhpdC9XanFmNFAxMUdDa0drTytjRitZR2RNSHhsVzJwdEtxQ0FjbW9rVW45eDBySmdjbDgvZUpQVTdaRVNMbFRFSC9yTzg0SVV6WkFkS0pjND18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
521e309a1c17e8c0a1ff8155082b0e71e4d2d3d3dca28afb9d07365d5458385c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1437089
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=luIOmnxxck5rVUVsQTU0ZmIvZXY4S1dBT0F5ejJKQWsrdE43Q2FYOGpmNzBta2g2VkNWQzh6alJaOE8ySVc0QWpuOHk2S1N2SlYwZnhCc0hNaDBzNTUvL0ZLNzZZZVo3REdVQXhMYVFDeWR1QjNndlJjRUlDNXZPQlRhRkZ5R1hhbU4yb0w0YXZCbyt6dVBtMXcrVVl0STVOSm9QQis4dUNvUllHSXJpdVBnM3NoS2JDSEpNUmRVTzhsbmV6cXIxZkg1bGpoSklPWUN0RlgrRjhIekhuSVdCZlFUVTVRVUhpdC9XanFmNFAxMUdDa0drTytjRitZR2RNSHhsVzJwdEtxQ0FjbW9rVW45eDBySmdjbDgvZUpQVTdaRVNMbFRFSC9yTzg0SVV6WkFkS0pjND18&cppv=2
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
500321
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame AAAE 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 1278 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485293&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 3EB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485084&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 4D13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485087&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 972E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485085&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 9BA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485086&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 8756 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670354485357&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookie
cm.adform.net/ Frame AAAE 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
server
nginx
content-length
43
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame AAAE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
563694
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame C8AB 		49 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001si6JdAAI&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame C8AB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mZG5W3xDTzdyL0lPYTFKYyt6K1o0RExUaHhJMXZoTlRDQklRSjBSZDJhdnlaK29DRHF6WU9iajZzVW9PSk11aFBGODB6dk1WR2NUS2d4MlJQMHBwVlNEWEkxTTJyLzNNK283Zm5VK3FVWjJvMXBRYWdPbTk4NkNxRHVrOV...
432 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mZG5W3xDTzdyL0lPYTFKYyt6K1o0RExUaHhJMXZoTlRDQklRSjBSZDJhdnlaK29DRHF6WU9iajZzVW9PSk11aFBGODB6dk1WR2NUS2d4MlJQMHBwVlNEWEkxTTJyLzNNK283Zm5VK3FVWjJvMXBRYWdPbTk4NkNxRHVrOVRuc3lSNGxZVnVDRnRKUlJjYmhiT0VNZGo1WFNTL0xlSEhmalJjVmJBZ0EzV3p3cmpQRG53aTh5WXJZQS9YaHRWcTVlYXR0MzBMamVTY1VROVdiWVRqSXdvQjcrckllOVovTG9JbEgwdGRpWVVmOVFTMkRUeUlVbmpYSklnRklPOFpSTDZXbDFva3ZQR3FhTmZ3WWtDNHMrcEVBR2JkMWF6SFVrMUlOTTZrbHZuNlFUY3l5RT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
517615a93e626d8d7572ae97fbf845a86f163a3b7c19ac6aa7c66bd75db0b6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1881183
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=mZG5W3xDTzdyL0lPYTFKYyt6K1o0RExUaHhJMXZoTlRDQklRSjBSZDJhdnlaK29DRHF6WU9iajZzVW9PSk11aFBGODB6dk1WR2NUS2d4MlJQMHBwVlNEWEkxTTJyLzNNK283Zm5VK3FVWjJvMXBRYWdPbTk4NkNxRHVrOVRuc3lSNGxZVnVDRnRKUlJjYmhiT0VNZGo1WFNTL0xlSEhmalJjVmJBZ0EzV3p3cmpQRG53aTh5WXJZQS9YaHRWcTVlYXR0MzBMamVTY1VROVdiWVRqSXdvQjcrckllOVovTG9JbEgwdGRpWVVmOVFTMkRUeUlVbmpYSklnRklPOFpSTDZXbDFva3ZQR3FhTmZ3WWtDNHMrcEVBR2JkMWF6SFVrMUlOTTZrbHZuNlFUY3l5RT18&cppv=2
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
675076
content-length
0
expires
0
944.json
id5-sync.com/g/v2/ Frame C8AB 		215 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
cf5cd49c4d69c3b98728de89d7eb299f4b6fb3a2d531507482245a3343865509
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame C8AB 		0
0
rid
match.adsrvr.org/track/ Frame C8AB 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
74ba85f8a580165c3b7163af45f43db54661ae043973532aead8fb55ed81c9e4

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 05 Jan 2023 19:21:28 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=luIOmnxxck5rVUVsQTU0ZmIvZXY4S1dBT0F5ejJKQWsrdE43Q2FYOGpmNzBta2g2VkNWQzh6alJaOE8ySVc0QWpuOHk2S1N2SlYwZnhCc0hNaDBzNTUvL0ZLNzZZZVo3REdVQXhMYVFDeWR1QjNndlJjRUlDNXZPQlRhRkZ5R1hhbU4yb0w0YXZCbyt6dVBtMXcrVVl0STVOSm9QQis4dUNvUllHSXJpdVBnM3NoS2JDSEpNUmRVTzhsbmV6cXIxZkg1bGpoSklPWUN0RlgrRjhIekhuSVdCZlFUVTVRVUhpdC9XanFmNFAxMUdDa0drTytjRitZR2RNSHhsVzJwdEtxQ0FjbW9rVW45eDBySmdjbDgvZUpQVTdaRVNMbFRFSC9yTzg0SVV6WkFkS0pjND18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
526076
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 9639 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjXu9OwwEg2L74qqHwEHOSZAqlbBpagSg4e2r-DPvdEOXAVfykFLOCt0hv6BKcNkAyCpn_Hq0Rw9dxSy-H0LFOpUvv-eyrKIAMbDockVCzW_F4fZgF&sig=Cg0ArKJSzJ3WF80fwEKSEAE&id=lidar2&mcvt=1038&p=1053,1090,1303,1388&mtos=0,0,1038,1038,1038&tos=0,0,1038,0,0&v=20221205&bin=7&avms=nio&bs=1600,1200&mc=0.59&vu=1&app=0&itpl=3&adk=3948559212&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670354487248&rpt=108&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=298&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486460&de=388894236380&cu=1670354486460&m=1920&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=59&vx=59%3A59%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1000&an=107&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1000&kw=821&aj=1&pg=59&pf=59&ib=1&cc=1&bw=1000&bx=107&ci=1000&jz=821&dj=1&aa=0&ad=789&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=821&cd=213&ah=821&am=213&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1098615587&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:28 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mZG5W3xDTzdyL0lPYTFKYyt6K1o0RExUaHhJMXZoTlRDQklRSjBSZDJhdnlaK29DRHF6WU9iajZzVW9PSk11aFBGODB6dk1WR2NUS2d4MlJQMHBwVlNEWEkxTTJyLzNNK283Zm5VK3FVWjJvMXBRYWdPbTk4NkNxRHVrOVRuc3lSNGxZVnVDRnRKUlJjYmhiT0VNZGo1WFNTL0xlSEhmalJjVmJBZ0EzV3p3cmpQRG53aTh5WXJZQS9YaHRWcTVlYXR0MzBMamVTY1VROVdiWVRqSXdvQjcrckllOVovTG9JbEgwdGRpWVVmOVFTMkRUeUlVbmpYSklnRklPOFpSTDZXbDFva3ZQR3FhTmZ3WWtDNHMrcEVBR2JkMWF6SFVrMUlOTTZrbHZuNlFUY3l5RT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
495730
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ Frame AAAE 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ Frame AAAE 		215 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19333/hb_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
cede4ad9cbeb6620ef1b6e7957ad41cea84eb46a3a0c9229839dd1cbdb01edf3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
555605
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cutimes.com%2F&domain=www.cutimes.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=kpDEcHxmNWNnZGFtTzVLSVVUZ2xRc2daWTZLYmg4NERXZ3FpeUVjbUZIcmhPeDdhUUVSZHdpbzV0Y1BsQVd0cER5RjhneDlGOE1jTjI5OUtoN0dIUGhvallpeUpqaWZ6NDJoQ25BelRpQ216dG5lUk9JYnFEQXN6WFI1WD...
418 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kpDEcHxmNWNnZGFtTzVLSVVUZ2xRc2daWTZLYmg4NERXZ3FpeUVjbUZIcmhPeDdhUUVSZHdpbzV0Y1BsQVd0cER5RjhneDlGOE1jTjI5OUtoN0dIUGhvallpeUpqaWZ6NDJoQ25BelRpQ216dG5lUk9JYnFEQXN6WFI1WDQxdUhyN0MrYmhqNmxGWGxiOHBLYlBmSnVWdDZEL001NlllMDVPOGFzd1NiZkZrc3BKdlV4Um9ISEl1SUEwWFZ3emZDeUNvOXhBbFMrSjU2cExEOFFyVjZxbDhvR2plOHJoanBRdERjbm81ejZ2YzRxQ2wzV1NnQVdvTENESTQ0emxJbFU2M0Yrc2NvdnJuSDYvTHNQOGFpbGRJcm44UDkwc0tET3lkUkpoNkFUbnQ5bU9QOD18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d02f2fc62f36ca85e3000ee46d68040c6e23e5109cf272b9acdb946bbf1dce08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
68504998
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=kpDEcHxmNWNnZGFtTzVLSVVUZ2xRc2daWTZLYmg4NERXZ3FpeUVjbUZIcmhPeDdhUUVSZHdpbzV0Y1BsQVd0cER5RjhneDlGOE1jTjI5OUtoN0dIUGhvallpeUpqaWZ6NDJoQ25BelRpQ216dG5lUk9JYnFEQXN6WFI1WDQxdUhyN0MrYmhqNmxGWGxiOHBLYlBmSnVWdDZEL001NlllMDVPOGFzd1NiZkZrc3BKdlV4Um9ISEl1SUEwWFZ3emZDeUNvOXhBbFMrSjU2cExEOFFyVjZxbDhvR2plOHJoanBRdERjbm81ejZ2YzRxQ2wzV1NnQVdvTENESTQ0emxJbFU2M0Yrc2NvdnJuSDYvTHNQOGFpbGRJcm44UDkwc0tET3lkUkpoNkFUbnQ5bU9QOD18&cppv=2
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
618358
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47A3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 07 Dec 2022 00:45:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5EF1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Dec 2022 19:21:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 07 Dec 2022 19:21:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame EC1E 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85401
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 05 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id
H788GVkiA2jK_a_qFXpN1krQuJI2VxgdmGo-8-VM8azSomsm_4Co5Q==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame BD74 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 19:21:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame EF6D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2I9ST&prvid=2034%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C337%2C338%2C70%2C97%2C55%2C99%2C77%2C2022%2C3012%2C182%2C3010%2C141%2C186%2C222%2C244%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e0966a8b5ee6f6fa157d3e27049658e584f0f998b18e6148aa7210c958fc200c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8247
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
Thu, 08 Dec 2022 19:21:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.mediafuse.com
URL: https://player.mediafuse.com/prebidlink/463987/hb_302826_14704.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
811afa2826fbca93d3675493bbad9849c4d7a93f8bc50807c8919fe7a3d69342
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Tue, 06 Dec 2022 19:21:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 47A3 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80553582&p=159302&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0fbc4f6f566cbd37d3852a58bdaec5ee3582a2c2d0d701879eb8fc4fa6ab1d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kpDEcHxmNWNnZGFtTzVLSVVUZ2xRc2daWTZLYmg4NERXZ3FpeUVjbUZIcmhPeDdhUUVSZHdpbzV0Y1BsQVd0cER5RjhneDlGOE1jTjI5OUtoN0dIUGhvallpeUpqaWZ6NDJoQ25BelRpQ216dG5lUk9JYnFEQXN6WFI1WDQxdUhyN0MrYmhqNmxGWGxiOHBLYlBmSnVWdDZEL001NlllMDVPOGFzd1NiZkZrc3BKdlV4Um9ISEl1SUEwWFZ3emZDeUNvOXhBbFMrSjU2cExEOFFyVjZxbDhvR2plOHJoanBRdERjbm81ejZ2YzRxQ2wzV1NnQVdvTENESTQ0emxJbFU2M0Yrc2NvdnJuSDYvTHNQOGFpbGRJcm44UDkwc0tET3lkUkpoNkFUbnQ5bU9QOD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
488527
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame BD74 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51237
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:35:25 GMT
13926
g2.gumgum.com/usync/ Frame 9C04 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.174.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-174-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
588db713e825897512cf9da6dc27dd36c71541f81c7679ce3a755b372630d7cb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
W/"0575f40874627a10600a8645ce5e68c82"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame D823 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F796 		857 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d0c7e18f14b64cbb48df333ebf5c343768dabc398e4636adaa9bd586afd0e567

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
857
content-type
text/html
date
Tue, 06 Dec 2022 19:21:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B313
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d0898119acdf1f2d8f7d5e8c05d04ab250a6e0b4bcfa04718e0fedb8293fcd

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
775762836dbebb41-FRA
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol2tHdeNcjRhhX0B%2BlsEQrzZvsVOlJaqWtlOlr%2F%2BbVlGvg%2FpHwUg5M1fQS%2FtVg6PWVJMAXKGmT6s5p%2BbpQ%2BuxwnNnciHZ%2FuHjr69dFLz%2F1o3oIvuVUFK6t6mPVgcGgA4uGNImLzxV6niSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77576282cce19231-FRA
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4LxWdqozCZ37zLUIdKJ5n9pWzSQfy2oOSn4jRYw%2BMuctYIkZ2x2PWHYwDMJ99oKLFck5tiqumNBjIbWJReqmqh%2FhfFFaz47CVgcWEEbNWXnt9xXaJtHLT3JQwGBMkXR0KInl63EwEpXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B425
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 19:21:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F68 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 07 Dec 2022 00:45:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame FD71 		0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 06 Dec 2022 19:21:28 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-id
Yerrud3mezkyFdLDo3tWNhNBLcG3H5c1kAiF2ZM2ql9uGwdhRRDy7Q==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3696989970439279498
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3696989970439279498
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:28 GMT
AN-X-Request-Uuid
2e98c549-4b37-4be7-b394-fa479b19aeee
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3696989970439279498
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FxbJrRZHiDXC3DyCRFuFtvgG
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FxbJrRZHiDXC3DyCRFuFtvgG
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FxbJrRZHiDXC3DyCRFuFtvgG
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame EC1E 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 06 Dec 2022 19:21:28 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame EC1E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670354488773
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8196119478
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8196119478
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
RXdf71d3d871d74550bde1a304d83eb674003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8196119478
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329523337590869
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329523337590869
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329523337590869
Date
Tue, 06 Dec 2022 19:21:28 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame EC1E 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-180
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=f929bee8-85d6-44ca-9d6e-8bc017c9187a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=f929bee8-85d6-44ca-9d6e-8bc017c9187a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=f929bee8-85d6-44ca-9d6e-8bc017c9187a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 06 Dec 2022 19:21:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame EC1E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA...
0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIyAhIMOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-180
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kOGFhMzEzYi1hZDU4LTMyN2EtODg0NS01MmU5YTUzYTA5MWIyAhIMOAE=
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame EC1E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 2CEA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B380
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:28 GMT
Expires
Tue, 06 Dec 2022 19:21:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1CA1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2828243996780583654
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2828243996780583654
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2828243996780583654
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 247C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
Tue, 06 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
5276859
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame B270
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0QNDZSHRDQENNQ7MNAP3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 19:21:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7CD9FG5RZ24KS9X0JKT1
Pug
simage2.pubmatic.com/AdServer/ Frame 5FAA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3696989970439279498&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3696989970439279498&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
90b6611d-7513-4c53-91f3-14ab1df3aab4
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 19:21:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3696989970439279498&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=at5km-SHSa2nskMUt85qJQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19415
accept-ranges
bytes
content-length
5549
expires
Wed, 07 Dec 2022 00:45:03 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 47A3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=04b0638f-9638-4200-afd4-e8dab7922975
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=04b0638f-9638-4200-afd4-e8dab7922975
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 06 Dec 2022 19:21:28 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=04b0638f-9638-4200-afd4-e8dab7922975
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 19:21:27 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/ Frame 47A3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.222
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 47A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkFERTY0OUItRTQ4Ny00OUFELUE3QjItNDMxNEI3Q0U2QTI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 47A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcQxtgSPyI87IG_ReSDCg&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcQxtgSPyI87IG_ReSDCg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIxcQxtgSPyI87IG_ReSDCg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 47A3 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 05 Dec 2022 19:21:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 47A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7620339787543770961
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7620339787543770961
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7620339787543770961
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 47A3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame B425 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51237
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:35:25 GMT
sync
ads.servenobid.com/ Frame F796 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6856827104190220631&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F796
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3696989970439279498&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3696989970439279498&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:28 GMT
AN-X-Request-Uuid
877fc21a-3fbf-4510-a839-bd0dba54aa7a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=3696989970439279498&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F796
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e18c5baa-d7fb-49cd-87b0-68ae94da4095&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e18c5baa-d7fb-49cd-87b0-68ae94da4095&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:27 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=e18c5baa-d7fb-49cd-87b0-68ae94da4095&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1405357
content-length
0
expires
Tue, 06 Dec 2022 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F796
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=76a43c1df3&gdpr=0&gdpr_consent=
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=76a43c1df3&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Tue, 06 Dec 2022 19:21:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=76a43c1df3&gdpr=0&gdpr_consent=
Connection
keep-alive
X-XSS-Protection
1; mode=block
smartadserver
cs.admanmedia.com/sync/ Frame F796 		0
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=2&h=250&w=298&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486460&de=388894236380&cu=1670354486460&m=2338&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=59&vx=59%3A59%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=1419&an=1000&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1000&kw=821&aj=1&pg=59&pf=59&ib=1&cc=1&bw=1419&bx=1000&ci=1000&jz=821&dj=1&aa=1&ad=1208&cn=789&gk=0&gl=0&ik=0&co=1208&cp=1311&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1311&cd=821&ah=1311&am=821&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1798787281&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:28 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B425 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LBCLXL35-21-5KLF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3696989970439279498
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3696989970439279498
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:28 GMT
AN-X-Request-Uuid
51c79c04-6202-48ee-9abb-6f74c92284d8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3696989970439279498
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 9C04 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8792cbba-f564-421e-94bb-6e75c8a3d977&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.180.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-180-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
no-cache, no-store, must-revalidate
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4a099f24-c8a9-4849-74b8-15a737474c1a$ip$185.213.155.176
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4a099f24-c8a9-4849-74b8-15a737474c1a$ip$185.213.155.176
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4a099f24-c8a9-4849-74b8-15a737474c1a$ip$185.213.155.176
Date
Tue, 06 Dec 2022 19:21:29 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8792cbba-f564-421e-94bb-6e75c8a3d977&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=st_UGUQF0CMDBd0sY1Xp&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT243UL5KUOVKRIYYEGTKEIJSDA42ZGFMHA...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=st_UGUQF0CMDBd0sY1Xp&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=st_UGUQF0CMDBd0sY1Xp&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=st_UGUQF0CMDBd0sY1Xp&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9C04
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5586030533
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5586030533
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
RXdf71d3d871d74550bde1a304d83eb674003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5586030533
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=csMngY5k7Ylz&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=csMngY5k7Ylz&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=csMngY5k7Ylz&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-846b69b469-f8ltz
expires
-1
c.gif
c.bing.com/ Frame 9C04
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28prD4OVlsL-U2F2vNuVqWwz5_PZMqCRnxhsQJBonmmtYk-iZImjysjwQdGzf2-EVC%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_8792cbba-f564-421e-94bb-6e75c8a3d977&obuid=ENC(prD4OVlsL-U2F2vNuVqWwz5_PZMqCRnxhsQJBonmmtYk-iZImjysjwQdGzf2-EVC)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 605C290860514550B924EACB5D2D4ACC Ref B: FRAEDGE1909 Ref C: 2022-12-06T19:21:29Z
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

Location
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Date
Tue, 06 Dec 2022 19:21:29 GMT
X-TraceId
c553c23d172757c97f296d9cd1c301ba
Content-Length
0
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d3d17cc0-3936-4e33-859b-a691ba3f3ee7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d3d17cc0-3936-4e33-859b-a691ba3f3ee7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Dec 2022 19:21:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d3d17cc0-3936-4e33-859b-a691ba3f3ee7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-fGc3NeFE2ped4SQOgJME_X3nvJCZlk7AYnp1~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-fGc3NeFE2ped4SQOgJME_X3nvJCZlk7AYnp1~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-fGc3NeFE2ped4SQOgJME_X3nvJCZlk7AYnp1~A
content-length
0
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1996eedc-134b-4745-8889-ee384d3aec18
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1996eedc-134b-4745-8889-ee384d3aec18
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1996eedc-134b-4745-8889-ee384d3aec18
Date
Tue, 06 Dec 2022 19:21:29 GMT
Connection
keep-alive
X-CI-RTID
cb0c821c-26ff-4a1a-ba9a-c4dc4c136e2a
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9C04 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:29 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
939068055
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9C04 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=831dfa31-2b2d-4d0e-8e4b-2099f2d97591
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=831dfa31-2b2d-4d0e-8e4b-2099f2d97591
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=831dfa31-2b2d-4d0e-8e4b-2099f2d97591
access-control-allow-origin
*
date
Tue, 06 Dec 2022 19:21:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9C04
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6856827104190220631
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6856827104190220631
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6856827104190220631
date
Tue, 06 Dec 2022 19:21:28 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9C04 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_8792cbba-f564-421e-94bb-6e75c8a3d977
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BD74
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9DqFy-n3QL-SAEfEzZNC9w&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9DqFy-n3QL-SAEfEzZNC9w&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9DqFy-n3QL-SAEfEzZNC9w&gdpr=0
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3JT2SWKKZ8FV7S4C23A8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9DqFy-n3QL-SAEfEzZNC9w&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame BD74
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTFhMMzUtMjEtNUtMRg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTFhMMzUtMjEtNUtMRg==&gdpr=0
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJDTFhMMzUtMjEtNUtMRg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame BD74
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_zeR4xsSQEeE75SjXS0BXA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_zeR4xsSQEeE75SjXS0BXA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_zeR4xsSQEeE75SjXS0BXA&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D02NT5JZNXZPQCNRB1DF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_zeR4xsSQEeE75SjXS0BXA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BD74
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/oIE7CKoamE8PguR-NxL2o8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qPU3_a5E2oK181F2EaTXeGL20EtWgUevtYHebw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qPU3_a5E2oK181F2EaTXeGL20EtWgUevtYHebw--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 06 Dec 2022 19:21:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qPU3_a5E2oK181F2EaTXeGL20EtWgUevtYHebw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame BD74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDkVyPhxsbLsvzOwgXhIVnY&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDkVyPhxsbLsvzOwgXhIVnY&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEDkVyPhxsbLsvzOwgXhIVnY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BD74
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDgxMjM3OTJmODUyNjhlNGJkNjQ4ZTRjMjViMWQ5NjY1M2RiOWFlMQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDgxMjM3OTJmODUyNjhlNGJkNjQ4ZTRjMjViMWQ5NjY1M2RiOWFlMQ&gdpr=0
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDgxMjM3OTJmODUyNjhlNGJkNjQ4ZTRjMjViMWQ5NjY1M2RiOWFlMQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame BD74 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame BD74
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCLXL35-21-5KLF&gdpr=0
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCLXL35-21-5KLF&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5579C5AC021C40C98284B61E4B973DDE Ref B: FRAEDGE1317 Ref C: 2022-12-06T19:21:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvLbX3wtO3onz0iXbt2A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBCLXL35-21-5KLF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
0.gif
id5-sync.com/i/495/ Frame AE31
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 19:21:29 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 366D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19415
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 07 Dec 2022 00:45:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 7434 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:28 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9C8C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:28 GMT
Expires
Tue, 06 Dec 2022 19:21:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x12 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=6e48638f-9638-4f00-aa5d-764c1d54e28d&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 1D54
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4077-HHN
x-timer
S1670354489.927452,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 92EE 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84NzkyY2JiYS1mNTY0LTQyMWUtOTRiYi02ZTc1YzhhM2Q5Nzc=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 3B5D
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3696989970439279498&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3696989970439279498brt51531670354488930095f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3696989970439279498brt51531670354488930095f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 06 Dec 2022 19:21:28 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3696989970439279498brt51531670354488930095f1
usersync
usersync.gumgum.com/ Frame 6233
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y4.WOcCo8X8AAHQlDF0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y4.WOcCo8X8AAHQlDF0AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 19:21:29 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y4.WOcCo8X8AAHQlDF0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad179.dc4p.scaleout.jp
X-SO-IP
185.213.155.176
X-SO-Key
Y4.WOcCo8X8AAHQlDF0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y4.WOcCo8X8AAHQlDF0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad179"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad179
usersync
usersync.gumgum.com/ Frame 087D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y4.WOOAUdypKCekayna0dAAA%261129
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y4.WOOAUdypKCekayna0dAAA%261129
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
775762838dfebb41-FRA
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y4.WOOAUdypKCekayna0dAAA%261129
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrZRI0Xy%2FzW%2FyFswjSj2zKwozLkKw%2BDzDO1F8W%2B21G7cYQZUVM%2FjG%2FYhV90UXtJh3JzmOB5k7FcHooHJ%2BjMGpUGfK9fU2q50mNWyXfCV9AHe7wEO%2BoT0xvjxMe%2FiRwTadUafUjYQ6lgNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 5EC8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=M7s1vpieblWpp00kUfTd&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=M7s1vpieblWpp00kUfTd&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT Tue, 06 Dec 2022 19:21:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=M7s1vpieblWpp00kUfTd&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8504
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 19:21:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Dec 2022 19:21:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
crum
dsum-sec.casalemedia.com/ Frame B313
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y4.WOOAUdypKCekayna0dAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIlttw8tE2gj_RBhXK_97Y&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIlttw8tE2gj_RBhXK_97Y&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKIlttw8tE2gj_RBhXK_97Y&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B313 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame B313
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASz%2B%2FTJ9avVGcn%2B95Gz66997pXAP38QsTa7rLlmNyHTbdfU2ODDBdeBPGYRzRnoVvgxEy%2FWe%2FqhR88BrPs%2FMQt7LtRICZWomhFh9Zl4gq%2FKiQvc6e%2FcWXzVGQ87cYYmuxs%2FWBWCNIT7Xhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
775762850902bb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B313 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4-WOOAUdypKCekayna0dAAABGkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QV99KSQ858PYRFS77PDY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame B313 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
tp_out
d.adroll.com/cm/index/ Frame B313 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:f373:8994:d3a2:58c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:29 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
Y4-WOOAUdypKCekayna0dAAABGkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B313 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4-WOOAUdypKCekayna0dAAABGkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:7f9a:bd97:bacb:ca94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame B313
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4_WNAAAAHjHCAOJ
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4_WNAAAAHjHCAOJ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4077-HHN
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670354489.050821,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4_WNAAAAHjHCAOJ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ads.servenobid.com/ Frame B313 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y4-WOOAUdypKCekayna0dAAABGkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 8504 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51236
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:35:25 GMT
async_usersync
ib.adnxs.com/ Frame 5EF1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
AN-X-Request-Uuid
c3e3fe9b-d6b4-4a2a-8909-0d897323158a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 8504 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBCLXL35-21-5KLF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel.gif
px.moatads.com/ Frame 18F6 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PTARMIGANMEDIA1&ol=2340456993&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-3gDfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-PEJbAQUemUlCYg%3D%3D&sc=1&os=1-8Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1180&qe=300&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=177&w=220&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.cutimes.com&lp=https%3A%2F%2Fwww.cutimes.com&t=1670354484275&de=6680884383&cu=1670354484275&m=5368&ar=67fa5e2a4e8-clean&iw=8910d4f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=300&le=1&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A736%3A368&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5163&cd=25&ah=5163&am=25&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A3000sec%3Acumulative&cl=0&at=0&d=27452628%3A1405503%3A350325247%3A180572344&bd=cutimes.com&bo=cutimes.com&gw=ptarmiganmediadcm677757797954&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=350325247&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201243&na=1245839731&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:29 GMT
/
id.a-mx.com/sync/ Frame C8AB 		102 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://www.cutimes.com/?slreturn=20221106142122&u=https://www.cutimes.com/?slreturn=20221106142122&v=6.29.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
197bf2e0a249b63f2c15cb4d84d03f22e8e5eb667df2d7f9bcd042be879f040f

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 19:21:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scrv5W3n9A0pFHXG1DrGweAfMotsE3Ny2BEaAui84su1H9CvX92RLkddUm9XOH7naBOYQWRk89mL6QQ3JAVDQoAS4wOoltF9qB%2BIX0b5O3AAPjByviOCsOm%2FVl%2FLFEr4cVPc7gfvFN3IOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
7757628afd376d6e-MUC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f
fid.agkn.com/ Frame C8AB 		0
0
pd
u.openx.net/w/1.0/ Frame F98C 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 06 Dec 2022 19:21:30 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame F189 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Dec 2022 19:21:30 GMT
ETag
"623de86a-cf34"
Expires
Wed, 07 Dec 2022 19:21:32 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9480 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19413
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 07 Dec 2022 00:45:03 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 57F3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
558
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7757628b0b7a92b1-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:30 GMT
expires
Tue, 06 Dec 2022 23:21:30 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D55 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Dec 2022 19:21:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 5EF1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
AN-X-Request-Uuid
046c10b9-a440-4b8d-96ff-51dfa3d910e1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0D55 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Dec 2022 09:34:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51235
Connection
keep-alive
Content-Length
10067
Expires
Wed, 07 Dec 2022 09:35:25 GMT
async_usersync
ib.adnxs.com/ Frame F189 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
AN-X-Request-Uuid
5fdc226b-7c93-4594-a0f2-4121d8f9fa04
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2E10 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f825aa446821f33314229d82989f061864eeaa43821176d8049971250f9620e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7757628b9e5bbb41-FRA
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 19:21:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyUFyY2CdDoSeBQlRf%2F0XZRUF7o30qrT0xzVUY3skj8TJllTByo7tOdCVIM99YuzOeF%2BErI6bStZRyAGdnZylrIYX7unM8mBDGZJkdLVPbvIQ%2FkWmRD6r9UtHbF1fM%2FSXXxKdIilPi7uyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3696989970439279498
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3696989970439279498
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
AN-X-Request-Uuid
0a248334-d07a-4d49-a015-2dad86b7130c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3696989970439279498
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y4-WOOAUdypKCekayna0dAAABGkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2E10
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4-WOOAUdypKCekayna0dAAABGkAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4-WOOAUdypKCekayna0dAAABGkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3602:7f9a:bd97:bacb:ca94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y4-WOOAUdypKCekayna0dAAABGkAAAAB
date
Tue, 06 Dec 2022 19:21:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMGE7HHywAACC4EAEUiw&expiration=1671564090
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMGE7HHywAACC4EAEUiw&expiration=1671564090
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMGE7HHywAACC4EAEUiw&expiration=1671564090
Date
Tue, 06 Dec 2022 19:21:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6e48638f-9638-4f00-aa5d-764c1d54e28d
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6e48638f-9638-4f00-aa5d-764c1d54e28d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6e48638f-9638-4f00-aa5d-764c1d54e28d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Dec 2022 19:21:29 GMT
crum
dsum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4-WOOAUdypKCekayna0dAAABGkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf%2BGaVIDGZfW5OKENK96aGwDXpA6mEISBxNwqZYijQYJ539zRmXEVd7KYfajML9k1%2BNLmPOGQcD9Ad%2BjQcbHG%2FQls3t8jkCdpi0V84fC%2Ft4DIJ%2BCKkwFXDxGlAm07zX9JUcNRcDxh6KQuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7757628c5faebb41-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECRCvNEb6fBMKrFQshP5PBM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2E10 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 2E10
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0yOG43Qk1P2Dvs5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0yOG43Qk1P2Dvs5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0yOG43Qk1P2Dvs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2E10 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4.WOOAUdypKCekayna0dAAA%261129
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.cutimes.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
74958
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7757628c594f912e-FRA
content-length
43
expires
Wed, 07 Dec 2022 19:21:30 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 47A3 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159302&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159302&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
0184e8e2ba060067c6e0febf45c003073003006b00b08
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 		27 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-eu-central-1.tealiumiq.com/alm/main/0184e8e2ba060067c6e0febf45c003073003006b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1670354491033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.80.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-80-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-version
cf3f1085ffdb019d2f47243544d6f9ed56d97859-SNAPSHOT
date
Tue, 06 Dec 2022 19:21:31 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
eu-central-1
content-length
27
x-nodeid
i-0346d2d330681e752
content-type
application/javascript; charset=utf-8
async_usersync
ib.adnxs.com/ Frame F189 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:31 GMT
AN-X-Request-Uuid
6434acf1-6f7d-4294-94e4-13c4fea04156
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486373&de=861604665516&cu=1670354486373&m=5100&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=5086&an=1277&gi=1&gf=5086&gg=1277&ix=5086&ic=5086&ez=1&ck=1073&kw=876&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5086&bx=1277&ci=1073&jz=876&dj=1&aa=1&ad=4977&cn=1168&gn=1&gk=4977&gl=1168&ik=4977&co=1168&cp=1077&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4889&cd=1077&ah=4889&am=1077&xd=00&rf=0&re=1&ft=4877&fv=1168&fw=964&wb=2&cl=0&at=0&d=5212567919%3A3080474871%3A6108598769%3A138405511493&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=871573099&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:31 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486448&de=761864786678&cu=1670354486448&m=5228&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5023&cd=3&ah=5023&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5225625599%3A3101239881%3A6141046553%3A138410157583&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle1&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tz=middle1&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=1941207505&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:31 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F68 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97983219&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
584b1726c9af7ad2de89b5a1a8ab9417ddbe418bff5397bae03e7c3addb3909a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 06 Dec 2022 19:21:31 GMT
content-length
1993
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame F0C1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GXpzCxZ_eA8CKngLS3xmDhp7fQwCentcFnka2mwf
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GXpzCxZ_eA8CKngLS3xmDhp7fQwCentcFnka2mwf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 06 Dec 2022 19:21:31 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GXpzCxZ_eA8CKngLS3xmDhp7fQwCentcFnka2mwf
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame ED3E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174117911603050643&gdpr=0&gdpr_consent=
42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174117911603050643&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 06 Dec 2022 19:21:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174117911603050643&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 7589
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:31 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 19:21:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
Pug
image2.pubmatic.com/AdServer/ Frame 428F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETUdFN0hIeXdBQUNDNEVBRVVpdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMGE7HHywAACC4EAEUiw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6856827104190220631&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMGE7HHywAACC4EAEUiw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6856827104190220631%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6856827104190220631&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADMGE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:31 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 06 Dec 2022 19:21:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame BAEC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 19:21:31 GMT
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 06 Dec 2022 19:21:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4077-HHN
x-timer
S1670354492.780692,VS0,VE0
sync
ads.servenobid.com/ Frame 7BEC 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.146.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-146-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 06 Dec 2022 19:21:31 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 1F68
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&addseg=19,36,42
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Redirect headers

date
Tue, 06 Dec 2022 19:21:31 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 1F68
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1F68 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77576295ca21162b-DUS
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 1F68
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.84.251.28 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:21:32 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 06 Dec 2022 19:21:32 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1F68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=7bec5b54-230f-4b45-b369-16942f402d97&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac27263e-e366-4300-ac6a-4f415c6b54c6&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac27263e-e366-4300-ac6a-4f415c6b54c6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ac27263e-e366-4300-ac6a-4f415c6b54c6&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
6ADE649B-E487-49AD-A7B2-4314B7CE6A25
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F68 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6ADE649B-E487-49AD-A7B2-4314B7CE6A25?gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:7f9a:bd97:bacb:ca94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 1F68
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.fxXJCdE2uW8vuncbBE72_tpGdIRt9k-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.fxXJCdE2uW8vuncbBE72_tpGdIRt9k-~A&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.fxXJCdE2uW8vuncbBE72_tpGdIRt9k-~A&gdpr=0&gdpr_consent=
date
Tue, 06 Dec 2022 19:21:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1F68 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1F68 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 366D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53104300&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8e8a7d418b79053988a71ff95ee9eaf4a553732446f8e3192296a7a984e15e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 06 Dec 2022 19:21:31 GMT
content-length
1807
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 3A29
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 19:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 06 Dec 2022 19:21:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
_
i.match
s.tribalfusion.com/z/ Frame AF37
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
775762985efa9bb8-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
775762971c789bb8-FRA
content-type
text/html
date
Tue, 06 Dec 2022 19:21:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
182
generic
match.adsrvr.org/track/cmf/ Frame A38E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5114139123
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5114139123
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 06 Dec 2022 19:21:32 GMT
etag
RXdf71d3d871d74550bde1a304d83eb674003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5114139123
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 81FF 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:32 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-59cf34743fdb@version_1.531
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame BEBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 06 Dec 2022 19:21:32 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame 7850
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVanbaWRSRTSnQVWV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:32 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.6.99

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVanbaWRSRTSnQVWV
bridge
cm.adgrx.com/ Frame 2D06 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Dec 2022 19:21:32 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
usersync
usersync.gumgum.com/ Frame 5609 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 06 Dec 2022 19:21:32 GMT
Expires
0
Pragma
no-cache
ids
idsync.frontend.weborama.fr/ Frame 366D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=120529127
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
via
1.1 google
last-modified
Tue, 06 Dec 2022 19:21:32 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6ADE649B-E487-49AD-A7B2-4314B7CE6A25
date
Tue, 06 Dec 2022 19:21:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 366D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-234.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 19:21:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.35
content-length
49
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 366D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868335450913917825&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868335450913917825&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 19:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7868335450913917825&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 366D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bbbcc5e2-a4c2-4252-a06a-ff05081edd9e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bbbcc5e2-a4c2-4252-a06a-ff05081edd9e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bbbcc5e2-a4c2-4252-a06a-ff05081edd9e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 06 Dec 2022 19:21:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 366D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3696989970439279498
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3696989970439279498
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Dec 2022 19:21:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 19:21:32 GMT
AN-X-Request-Uuid
d62475dd-25f5-4da7-8bee-26030c8bb83a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3696989970439279498
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=5630&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=5168&an=1178&gi=1&gf=5168&gg=1178&ix=5168&ic=5168&ez=1&ck=1178&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5168&bx=1178&ci=1178&jz=1020&dj=1&aa=1&ad=5065&cn=1075&gn=1&gk=5065&gl=1075&ik=5065&co=1075&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5008&cd=1020&ah=5008&am=1020&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=find%20iframe%20parent&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=279704418&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:32 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=5&h=320&w=1400&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486497&de=361738367914&cu=1670354486497&m=5839&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=5376&an=5168&gi=1&gf=5376&gg=5168&ix=5376&ic=5376&ez=1&ck=1178&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5376&bx=5168&ci=1178&jz=1020&dj=1&aa=1&ad=5273&cn=5065&gn=1&gk=5273&gl=5065&ik=5273&co=1075&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5211&cd=5008&ah=5211&am=5008&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4969214788%3A3076154121%3A6101758007%3A138413816362&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=super_hero&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=find%20iframe%20parent&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=super_hero&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=2116823876&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:32 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=3&h=250&w=298&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486460&de=388894236380&cu=1670354486460&m=6050&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=59&vx=59%3A59%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=5131&an=1419&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1000&kw=821&aj=1&pg=59&pf=59&ib=1&cc=1&bw=5131&bx=1419&ci=1000&jz=821&dj=1&aa=1&ad=4920&cn=1208&gk=0&gl=0&ik=0&co=1208&cp=1311&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5036&cd=1311&ah=5036&am=1311&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=394996067&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:32 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=17&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Wg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=4&h=250&w=298&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122&id=1&ii=4&f=0&j=&t=1670354486460&de=388894236380&cu=1670354486460&m=6253&ar=67fa5e2a4e8-clean&iw=0988dad&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8647&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=59&vx=59%3A59%3A-&pe=1%3A2345%3A2345%3A2397%3A2370&as=1&ag=5333&an=5131&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1000&kw=821&aj=1&pg=59&pf=59&ib=1&cc=1&bw=5333&bx=5131&ci=1000&jz=821&dj=1&aa=1&ad=5122&cn=4920&gk=0&gl=0&ik=0&co=1208&cp=1311&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5237&cd=5036&ah=5237&am=5036&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatTopic=-&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=friendly%20iframe&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&tc=0&fs=201243&na=225354641&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 06 Dec 2022 19:21:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 06 Dec 2022 19:21:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| oncontentvisibilityautostatechange object| __cfQR function| $ function| jQuery object| falcon object| utag_data undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| googletag object| MoatNadoAllJsonpRequest_40512551 object| Moat#PML#26#1.2 boolean| Moat#EVA object| MoatDataJsonpRequest_40512551 function| __moatSlotTagLoadedalmheader466656885399 object| moatPrebidApi function| tealiumLoadMore function| tealiumAlert function| tealiumOnsiteMessage function| scShare function| tealiumSlideshow function| dfpSlideshow function| insert_x13 function| insert_mobile_middle_ads function| tealiumQuiz function| _ boolean| utag_condload boolean| m object| utag object| _gaq object| pageTracker function| loadLibrary function| SHA1 boolean| __tealium_twc_switch string| d object| c number| e number| f object| adobe function| Visitor object| s_c_il number| s_c_in string| varName function| _bmb object| vmpbjs object| vpb object| vmpbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| storeTimeConversion function| moment string| hasPagination string| currDomain number| currPage string| curDomain number| domainId number| limit number| itemStartPt string| contentAllLoc boolean| __cfRLUnblockHandlers object| WebFont object| storeOverlayForm function| switchCSS object| ggeac object| google_tag_data object| google_js_reporting_queue object| dpmPixels object| ___ce undefined| google_measure_js_timing object| gpt_slots_object function| pubHadronCb object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| jeengConfig object| core object| jeeng object| Criteo function| toggle_visibility function| rotate_icon function| loadNextSection function| loadNext function| shareFacebook function| shareTwitter function| shareGPlus function| shareLinkedin undefined| x13_para undefined| mobile_middle_para undefined| mobile_middle1_para object| hadron string| piAId string| piCId object| _ml string| gtagRename object| dataLayer function| gtag function| twq function| fbq function| _fbq object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| visitor number| s_objectID number| s_giq object| optimizely object| dc number| ne object| gmar number| dsts object| gnov number| dste object| spr object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt number| s_loadT object| s_i_almcut_almglobal number| _sf_startpt object| _sf_async_config number| _sf_endpt object| _linkedin string| _linkedin_data_partner_id object| GoogleGcLKhOms object| regeneratorRuntime object| twttr function| lintrk boolean| _already_called_lintrk object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| GooglebQhCsO function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse object| google_image_requests boolean| attachedML function| appendScript object| ns_4_156741_yC852290 object| Adventive object| srcDoc object| ampContext boolean| preventSpecialFormat object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 function| VisSense

154 Cookies

Domain/Path Name / Value
cutimes.com/ Name: NSC_wbsojti!5_ttm_10.0.254.204
Value: ffffffff0908e00a45525d5f4f58455e445a4a423660
www.cutimes.com/ Name: NSC_wbsojti!5_ttm_10.0.254.204
Value: ffffffff0908e00445525d5f4f58455e445a4a423660
store.law.com/ Name: regSID
Value: 07d1c75e-2cf8-4dd2-be23-0b0e1666da40
.law.com/ Name: ipAddress
Value: 5l04acRVFZUqoHgusUkU
.law.com/ Name: UCID
Value: 3abab719-8c04-4892-849d-0f1862d0d950
store.law.com/ Name: CSRFToken
Value: bIRfLC8GhL3qLA64qiQBcQA5oK-JeFow6I-p2DPColA
.law.com/ Name: ActiveDomains
Value: pBFiNZNKRc5v%2fCBl81BBygc%3d
store.cutimes.com/ Name: regSID
Value: ae5148af-fa38-4b5c-a793-60ed318c0756
.cutimes.com/ Name: ipAddress
Value: 5lI%2facFUCIkvo2MysQ%3d%3d
.cutimes.com/ Name: UCID
Value: 73179e6d-4f3c-4616-84f1-7fedaaa6ff87
www.cutimes.com/ Name: ssoCompliant
Value:
.cutimes.com/ Name: hbx_lt
Value: none
.demdex.net/ Name: demdex
Value: 80909429317373971682273141557739077265
.dianomi.com/ Name: session2
Value: B=&BUID=&L=1&N=1&NT=&R=&RUID=
.cutimes.com/ Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg
Value: 1
.dianomi.com/ Name: session
Value: e7abdbbf8402deaa4a4334672e0db193
www.cutimes.com/ Name: dpm_url_count
Value: 1
.adnxs.com/ Name: uuid2
Value: 3696989970439279498
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4_WNAAAAHjHCAOJ
.cutimes.com/ Name: _pubcid
Value: a553714e-9c7d-4626-a4fd-d3fec7fd7d8a
a4p.adpartner.pro/ Name: apuid
Value: 39527f37-86ba-426e-b75f-d9605f936484
.dpm.demdex.net/ Name: dpm
Value: 80909429317373971682273141557739077265
.cutimes.com/ Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19333%7CMCMID%7C90815545051666375521282178142757400785%7CMCAAMLH-1670959283%7C6%7CMCAAMB-1670959283%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1670361683s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19340%7CvVersion%7C4.4.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlLF-vXeDEQw8ZAFi3L0aZXORbTWe50I5jb--T5aJkMJg5V6j5orefMrw9rZ4M
.cutimes.com/ Name: __gads
Value: ID=ad2dbe89cbc3199a:T=1670354484:S=ALNI_MYyNkPejs00mVxMNndQSkt1Hb3oWQ
.cutimes.com/ Name: __gpi
Value: UID=00000b8ea1ad5950:T=1670354484:RT=1670354484:S=ALNI_MbCBVoJfEh4rs08DpNNHuwT23UuJw
.adtelligent.com/ Name: vmuid
Value: 945a2df9d3b97b06
.adtelligent.com/ Name: a307558
Value: 39527f37-86ba-426e-b75f-d9605f936484
.dpmsrv.com/ Name: dpm_pxl
Value: f5f866ecfca08d0e2ba53c1b986409d2b474b1db
.dpmsrv.com/ Name: dpm_pxl_aid
Value: 3696989970439279498
www.cutimes.com/ Name: hasLiveRampMatch
Value: true
.prebid.a-mo.net/ Name: __amc
Value: 1_1670354484_1670354484
.360yield.com/ Name: tuuid_lu
Value: 1670354484
.tealiumiq.com/ Name: TAPID
Value: alm/main>0184e8e2ba060067c6e0febf45c003073003006b00b08|
.360yield.com/ Name: tuuid
Value: 831dfa31-2b2d-4d0e-8e4b-2099f2d97591
.rubiconproject.com/ Name: khaos
Value: LBCLXL35-21-5KLF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqr6vcH22roIT5APvdogVCbaTd6KyMQnaub55ZO9yeic/OinCJsVkbY+EMertEmWyZ7kMTnLte1dCYbB5SW5XQ3DwdQPoJZYLSma+WVcS1g3g==
.cutimes.com/ Name: s_pers
Value: %20qpv_v40%3Dcut%253Ahome%7C1670356285111%3B
.cutimes.com/ Name: s_sess
Value: %20s_ppvl%3D%3B%20s_ppv%3Dcut%25253Ahome%252C19%252C19%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
.cutimes.com/ Name: s_cc
Value: true
.cutimes.com/ Name: utag_main
Value: v_id:0184e8e2ba060067c6e0febf45c003073003006b00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1670356283718$ses_id:1670354483718%3Bexp-session$vapi_domain:cutimes.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session$_prevpage:cut%3Ahome%3Bexp-1670358085104$dcsyncran:1%3Bexp-session
.cutimes.com/ Name: _cb
Value: D8ALQPBAqLlhCXMQnT
.cutimes.com/ Name: _chartbeat2
Value: .1670354485200.1670354485200.1.BKprecNS8s8DvCzGECitygfD3ZzPW.1
.cutimes.com/ Name: _cb_svref
Value: null
.tealiumiq.com/ Name: tcs.google_gid
Value: eyJhbG0vbWFpbiI6IkNBRVNFRmhnTUZlRHZmekVUR2JRSmhBRkVxUXwxNjcwMzU0NDg1MjcwIn0=
.tealiumiq.com/ Name: tcs.google_cver
Value: eyJhbG0vbWFpbiI6IjF8MTY3MDM1NDQ4NTI3MCJ9
.cutimes.com/ Name: _fbp
Value: fb.1.1670354485280.1129471931
.t.co/ Name: muc_ads
Value: 2ac7f66d-5aae-4a6c-8a49-7d9cc843f2fb
.www.cutimes.com/ Name: ln_or
Value: d
.twitter.com/ Name: personalization_id
Value: "v1_gdam1yTtBc9yvX/NpaTvtg=="
.cutimes.com/ Name: _gcl_au
Value: 1.1.2058375720.1670354485
www.cutimes.com/ Name: almGeoLoc2
Value: DE
.linkedin.com/ Name: UserMatchHistory
Value: AQJiTA8w-TIW-gAAAYTo4sB8uHmRT76RlE98PvMaDjALqeccBj116M0SX4YXZNWBGncIq22XjGnRXA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQICZECeFDk_JAAAAYTo4sB85KGw1GvnwLUmBOKpDV3omMTWd3ifHk022aQ72yh1kvsDBD9_YHWT5CElXh4Qqw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&f2de18c0-af26-40f9-8282-7d659d21b16b"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2442:u=1:x=1:i=1670354485:t=1670440885:v=2:sig=AQF4h19cPNh3wZt_lIK2I8ngm2CaEqAA"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022120619212519842dbd-95fe-40ea-82bb-a0ecabcf5b69AQEfo9ErA0784xNY7S6IH2phfnOEjHj6"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzAzNTQ0ODU7MjswMjHr4RbmmaFiIW5RDDehIUfs7QBqqcr3PE6GFKSDIGlHOA==
.cutimes.com/ Name: __cf_bm
Value: lRYtkKWPi0bjxTXJL.OaB6VyVqgIqp8_q6EQUgejzNo-1670354485-0-ATsbj8M3mYbBHrWRwHBetT6U/XX8vhR/c/qq0FN3EcCtTgzNswPViLd8T65P69SH0d1a5aLvNZmUCAUdqTBhNsbXdUADcvf28HHnV0lQLJ9bsshPrm9E2kfe6TC72skBmXmT6aNC1pnWVxgB4GEJctI=
.pardot.com/ Name: visitor_id997701
Value: 21964343
.pardot.com/ Name: visitor_id997701-hash
Value: 85c227473717345c70318d74d6273d57faed18ab90a45aa21b5f3dd0ac70e770914de10c5e2722f3b4f115ba7eaebb418d6bf9d0
pi.pardot.com/ Name: lpv997701
Value: aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vP3NscmV0dXJuPTIwMjIxMTA2MTQyMTIy
www.cutimes.com/ Name: visitor_id997701
Value: 21964343
www.cutimes.com/ Name: visitor_id997701-hash
Value: 85c227473717345c70318d74d6273d57faed18ab90a45aa21b5f3dd0ac70e770914de10c5e2722f3b4f115ba7eaebb418d6bf9d0
www.cutimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
ads.adventive.com/ Name: ADV_u_id
Value: ac2a1021-7e3a-421e-a9b8-5e8b53e1e8a4
.adventive.com/ Name: __cf_bm
Value: tQOTJxmIwLkm7J8E.NWplR.c4hYaQJvk2z4ueNq78.4-1670354486-0-AZIm4vWvAcR7dF6m9iTAld5FrMPAf/68bOCy4En6F+rhsP+AGi+YS423d7sTU1XAO++PY1LTGNP4NSMIOyZGHPg=
go.alm.com/ Name: visitor_id997701
Value: 21964343
go.alm.com/ Name: visitor_id997701-hash
Value: 85c227473717345c70318d74d6273d57faed18ab90a45aa21b5f3dd0ac70e770914de10c5e2722f3b4f115ba7eaebb418d6bf9d0
ads.adventive.com/ Name: ADV_pid_172719
Value: 1
.criteo.com/ Name: uid
Value: e18c5baa-d7fb-49cd-87b0-68ae94da4095
.adventivecdn.com/ Name: __cf_bm
Value: NY66STzD5wQCE6Wt83wiSYGDzsk5.Bmyosx4H7W75Gg-1670354486-0-Ae0XEPDX3m4RVpxefKtL/a0HifgLQjKIxJNSooarCMN7COXZS4te3N2QksRCR4KeCVzKaMj8dJMMmd2ajdEWTv4=
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s85190|Y4+WO
www.cutimes.com/ Name: _lr_retry_request
Value: true
www.cutimes.com/ Name: _lr_env_src_ats
Value: false
www.cutimes.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-06T19%3A21%3A28%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6ADE649B-E487-49AD-A7B2-4314B7CE6A25
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159302:2
.pubmatic.com/ Name: DPSync3
Value: 1671494400%3A219_201_197%7C1670371200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1671494400%3A161_54_3_220_21_56_251_13_7%7C1671580800%3A35
.yahoo.com/ Name: A3
Value: d=AQABBDiWj2MCECcIMWszTCb_lR8KfZL4CMIFEgEBAQHnkGOZYwAAAAAA_eMAAA&S=AQAAAk08luK-7s8dylmRL_GV92w
.servenobid.com/ Name: pid_312
Value: 3696989970439279498
.smartadserver.com/ Name: pid
Value: 6856827104190220631
.servenobid.com/ Name: pid_327
Value: f929bee8-85d6-44ca-9d6e-8bc017c9187a
.casalemedia.com/ Name: CMID
Value: Y4.WOOAUdypKCekayna0dAAA
.casalemedia.com/ Name: CMPS
Value: 1129
.casalemedia.com/ Name: CMPRO
Value: 1129
.lijit.com/ Name: ljt_reader
Value: FxbJrRZHiDXC3DyCRFuFtvgG
.servenobid.com/ Name: pid_317
Value: 6856827104190220631
.gumgum.com/ Name: vst
Value: e_8792cbba-f564-421e-94bb-6e75c8a3d977
.servenobid.com/ Name: pid_339
Value: y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
.servenobid.com/ Name: pid_337
Value: y-0DxpNHJE2uEU0sM_Q8ZFWNWAPzqJJXJNzCe_BHg-~A
.mathtag.com/ Name: uuid
Value: 6e48638f-9638-4f00-aa5d-764c1d54e28d
.onaudience.com/ Name: cookie
Value: 50e10498978ed545
.onaudience.com/ Name: done_redirects104
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1AlLmppYGFmaWQnyGuiWOSUXxgSE-RqUuvgACvYdOJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1AlLmppYGFmaWQnyGuiWOSUXxgSE-RqUuvgACvYdOJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5gbGpiYmFhYWwBAOtewgEQAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.simpli.fi/ Name: suid
Value: 0D49A3DD38C342C091F1D82BD35D8637
.de17a.com/ Name: guid
Value: 1.2828243996780583654
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-df71d3d8-71d7-4550-bde1-a304d83eb674-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3696989970439279498&KRTB&23339-3696989970439279498
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&KRTB&16736-uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&KRTB&23019-uid:6e48638f-9638-4f00-aa5d-764c1d54e28d&KRTB&23208-uid:6e48638f-9638-4f00-aa5d-764c1d54e28d
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIxcQxtgSPyI87IG_ReSDCg&KRTB&16514-CAESEIxcQxtgSPyI87IG_ReSDCg&KRTB&23025-CAESEIxcQxtgSPyI87IG_ReSDCg&KRTB&23386-CAESEIxcQxtgSPyI87IG_ReSDCg
.pubmatic.com/ Name: PugT
Value: 1670354488
.creativecdn.com/ Name: u
Value: M7s1vpieblWpp00kUfTd
.creativecdn.com/ Name: ts
Value: 1670354488
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_324
Value: 5133329523337590869
.servenobid.com/ Name: pid_309
Value: e_8792cbba-f564-421e-94bb-6e75c8a3d977
.servenobid.com/ Name: pid_310
Value: FxbJrRZHiDXC3DyCRFuFtvgG
.cutimes.com/ Name: cto_bundle
Value: pWI2rl9iOE1xc1U1RXZROW9zOWVYSURGQzB3a2xrNkNxM0IzbHpFamlmeXFGTEt6YmlHSXclMkYzazNzRmhxbFc5aEhGVzVHV0FoQmhhMlFxd2ROeTliaSUyQlJ4cmd2UHZLMExqSWZSc1c4Q3l5bkw0NiUyRmR2NXd6NnhxbFQ3V2IzRUV3ZDZmcjVaelVsMlVKNXMxWWtXRnJQWUdRJTJGUSUzRCUzRA
.cutimes.com/ Name: cto_bidid
Value: u_ZNDl90amZGVzVuVExUUENCTndZNlV1TkF0WmFQM3VWd1RWWWdETW1RTmR0R3BmJTJCNXM4U2tYbkxMdjh2bjkyNnVGNVZLOHphbWFndEhrM0xZQ2xPanUzUHpxNldJckpNSHlmaEhPR3psYmpCWXZjJTNE
.openx.net/ Name: i
Value: f740e7e9-b8a4-4992-b836-7e9416480c5c|1670354488
.emxdgt.com/ Name: euid
Value: 51531670354488930095f1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2828243996780583654
.adform.net/ Name: uid
Value: 7620339787543770961
.emxdgt.com/ Name: eapn_id
Value: 3696989970439279498
.servenobid.com/ Name: pid_333
Value: Y4-WOOAUdypKCekayna0dAAABGkAAAAB
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.go.sonobi.com/ Name: HAPLB8S
Value: s85180|Y4+WP
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e1c827efd5b50538
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.zemanta.com/ Name: zuid
Value: st_UGUQF0CMDBd0sY1Xp
.outbrain.com/ Name: obuid
Value: efd00564-2705-4669-971a-156167ece27c
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d8aa313b-ad58-327a-8845-52e9a53a091b
.trafficroots.com/ Name: PARTNER_ID_3379
Value: 76a43c1df3
.ipredictive.com/ Name: cu
Value: 1996eedc-134b-4745-8889-ee384d3aec18|1670354489259
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4a099f24-c8a9-4849-74b8-15a737474c1a.Lp9AYJ5e6vk0nAQ9%2Fr5VXRCcbSZb2Ta1ApI%2BhsON2fU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASgmfJMipSEl0uBWnN0dMGrnVm7A.c0oJecz5Uh1drMpcBm2P5HCBaEL2BpiBKIjPrHaaE6g
.smartadserver.com/ Name: csync
Value: 86:3696989970439279498|137:76a43c1df3
.bluekai.com/ Name: bku
Value: ikG99eZVMtmg/qzo
.bluekai.com/ Name: bkpa
Value: KJhz0f+r3p9R9mY7zqjzIn7Anmi/OsheqWiYMRWk/QSNvJziEYgHobIb5mMXbPrq4rgVRaFq4ddfNM4EHHJ8yoL2el4+hkHVmupsgrNcdltSOGwL99asQvIVZj2b25D2Zr4DgwEc9yaIZVT6XN1MyB4f3fLNwxvLZdF2trMqpfBhiIyylxsB7Pexr1y2kykKNJHTnmmXJJ7nDrbY9iqYNaPd4vri/yBK3JpUgmvoJc+qDYT224Lux4Z8G+WhmDVNameRAgAcZHVczNhPWHscvWf01cYQJoME/OaakCfnyOaJPoXDXHvUHYGcaidKtZc6BTrUrxhMd27GtqKV0IUl9wikUPR=
.amazon-adsystem.com/ Name: ad-id
Value: A5cGQTKuQEl-pN8KuusQMa0
.bing.com/ Name: MUID
Value: 15B2A511B7B261402EADB763B6B26027
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~28p7:175w~28p7"
.w55c.net/ Name: wfivefivec
Value: 0yOG43Qk1P2Dvs5
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMTS
Value: 5193
.bidr.io/ Name: bito
Value: AADMGE7HHywAACC4EAEUiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: SPugT
Value: 1670354490
www.cutimes.com/ Name: dpm_time_site
Value: 7.017

14 Console Messages

Source Level URL
Text
javascript warning URL: https://z.moatads.com/ptarmiganmediadcm677757797954/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://idsync.rlcdn.com/423396.gif?partner_uid=3696989970439279498
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.cutimes.com/?slreturn=20221106142122
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.cutimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50e10498978ed545/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7620339787543770961
Message:
Failed to load resource: the server responded with a status of 502 ()
javascript error URL: https://www.cutimes.com/?slreturn=20221106142122
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122' from origin 'https://www.cutimes.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2339672991&r=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20221106142122
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4_WNAAAAHjHCAOJ&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=SgmfJMipSEl0uBWnN0dMGrnVm7A
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6ADE649B-E487-49AD-A7B2-4314B7CE6A25&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMGE7HHywAACC4EAEUiw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVanbaWRSRTSnQVWV
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.dpmsrv.com
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.adventive.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
alm.demdex.net
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
assets.adventivecdn.com
aud.pubmatic.com
b.law.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.indexww.com
cdn.linkedin.oribi.io
cdn1.opstag.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collect.tealiumiq.com
colossusssp.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
cutimes.com
d.adroll.com
d5p.de17a.com
d910a9d0ebc618408a0ffc15f94592d2.safeframe.googlesyndication.com
data.dianomi.com
datacloud.tealiumiq.com
demand.trafficroots.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e7c2159e96b923b6b7cb187a0e4ff5ea.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
geoip.alm.com
ghb.adtelligent.com
ghb.hbmp.mediafuse.com
ghb1.adtelligent.com
ghb2.adtelligent.com
go.alm.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.cutimes.com
imageserver.amlaw.com
in.ml314.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
linkmktg.cutimes.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mb.moatads.com
ml314.com
mug.criteo.com
mwzeom.zeotap.com
olytics.omeda.com
onetag-sys.com
os4m-d.openx.net
owlcarousel2.github.io
p.rfihub.com
p.safeservingcdn.com
p.typekit.net
pagead2.googlesyndication.com
pi.pardot.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
player.adtelligent.com
player.hbmp.mediafuse.com
player.mediafuse.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
s.amazon-adsystem.com
s.dpmsrv.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
store.cutimes.com
store.law.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.co
tags.tiqcdn.com
targeting.unrulymedia.com
telemetries.jeeng.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
users.api.jeeng.com
usersync.gumgum.com
vi.ml314.com
visitor-service-eu-central-1.tealiumiq.com
visitor.fiftyt.com
www.cutimes.com
www.dianomi.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
x.bidswitch.net
z.moatads.com
api.rlcdn.com
cs.admanmedia.com
fid.agkn.com
104.18.33.19
104.18.35.151
104.18.36.94
104.244.42.195
104.244.42.197
124.146.215.48
13.107.42.14
13.32.99.71
13.32.99.85
13.36.218.177
135.125.163.79
141.94.171.213
141.94.171.214
141.95.171.141
141.95.33.111
142.250.181.230
142.250.185.130
147.75.85.234
150.136.25.38
151.101.66.49
162.19.138.82
162.254.186.187
162.55.120.196
169.197.150.7
172.64.151.162
172.64.154.237
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.158.78.170
18.158.8.202
18.207.9.29
18.208.125.13
18.66.112.94
184.30.20.22
185.184.8.90
185.29.134.248
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.229
185.80.39.216
185.86.139.114
185.86.139.93
185.89.210.46
185.89.210.82
192.226.82.212
192.226.85.63
193.0.160.129
195.5.165.20
198.148.27.140
198.47.127.20
199.232.136.157
20.127.253.7
2001:678:cb4:bbbb::11
204.180.130.159
213.155.156.168
213.19.147.42
213.19.147.44
23.1.110.85
23.205.235.133
23.23.131.203
23.35.236.188
23.35.236.201
23.35.236.209
23.35.237.151
2600:1901:0:8344::
2600:9000:223c:9200:18:1fcd:351:7bc1
2600:9000:223d:a600:2:53b2:240:93a1
2600:9000:223f:2600:1f:4c18:bd40:93a1
2602:803:c003:200::21
2606:4700:10::6816:1857
2606:4700:10::6816:38ae
2606:4700:20::ac43:4a81
2606:4700::6810:d835
2606:4700::6811:190e
2606:4700::6812:1640
2606:4700::6812:19ad
2606:4700::6812:3b7
2606:4700::6812:d5a
2606:50c0:8000::153
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:14a0
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:cc3:fe04:f373:8994:d3a2:58c
2a05:d018:d29:3602:7f9a:bd97:bacb:ca94
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.11.121.237
3.122.156.110
3.223.157.197
3.226.166.212
3.74.80.218
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.111.234.236
34.223.137.203
34.243.37.252
34.247.233.198
34.247.72.166
34.98.64.218
35.157.180.193
35.178.31.183
35.201.104.135
35.201.96.126
35.204.74.118
35.214.223.115
35.244.174.68
35.71.131.137
37.157.2.234
37.157.6.253
44.195.176.242
45.133.44.3
51.89.9.254
52.16.99.144
52.18.174.19
52.28.203.152
52.30.134.174
52.46.151.131
52.95.125.22
54.224.15.253
54.38.197.123
54.69.168.64
54.77.35.234
54.77.60.152
54.80.89.182
54.84.251.28
62.149.1.122
64.202.112.223
66.155.71.149
69.166.1.12
69.166.1.15
69.173.144.138
70.42.32.255
72.246.169.24
72.251.241.206
72.251.249.13
72.251.249.9
76.223.111.18
77.243.60.138
8.43.72.97
80.77.87.163
80.77.87.217
85.114.159.118
99.80.8.77
99.81.146.243
0471050bb8cd28e22d4c099250cba112acfcc0ae25a8c8832b175b965171ceec
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
058c448ef7bc5d59756ff2fb94c1dc10cbf6c8dd8d97468a9ec133cb0ce34329
060bd085ffc05ef3ef202d99d1f8b41ee48da606b86043d38e79736ace285fd0
074bafec19ce38a9ce5d5bbd94e485114c60701152574158786f20a04e920999
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
077e436b2bd9a3f6b9e1206276ff987021a9a13d6c44ef709e2883c2265ac05c
08eb311a92899876c61a07f3b3bb536f8f44bfa17729bb810a1a7da6e760dfa2
0a07941c4991f5b46a05f9682d7d90ea715dc7c515386ce6dddfe944399b5920
0a8b496bb990a105762726d9277788bba4d214e4bbdca9af8261d799d998283a
0b1ce881aafd5f98953dbb162ae014830de92ce169b314671626363bb5336d8c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895
0dd0e08da52ae11bab72e650693967d5d480e471c5cd555b5c74dfa145a2215b
0fbc4f6f566cbd37d3852a58bdaec5ee3582a2c2d0d701879eb8fc4fa6ab1d8e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143809da7f198b9a8d4ee5b0a003a888cff4d96e489bd31c15dc2f86fd0aa446
1496e38b68a13f1a11111de8fc06d2012a08aaadb25425f7e81f92a346cccaae
17280e1af0793a5d11cbcc7193aebadcc77393a3b093a3937253a11623b6c216
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
197bf2e0a249b63f2c15cb4d84d03f22e8e5eb667df2d7f9bcd042be879f040f
19bfe122067c133aabfdf345844d9760f543241ea76be6a700830ec8364598c5
1a0200f2f799c79a16e9c43694a958af8669beddf15f61cfe51a4c67e4a10efa
1a3a36aa3e8425f200fd34b48b8d7faf6e054470c0092ff8abf9fd40ac317881
1b563b511939c66eaeba1b5e5c44602c2524a338fc195d80bded1eb729bf0c26
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
205940b946b81abf2db3be326ca2ad00f569df2d38fe27f3eb1d5585c0e0ae18
20f79fc1ff28bcbe3b32803f6241031cf3635454a4ceee5d87ef18503f83f5d6
22e8d75cea3592698fb63fce2ea901582e868860c5240cb040052871127c7f15
24d0d36a31643696c19cda3a1828b4fa3e8c8a8d5004eac74e2f0c77396362ba
250f5eb273c0afc046c1ed5ffde3d86f1ab2d75c757295b898867e664e3bc8d1
26129af78a0c5058ed93afabffc97e6f0b7d34bd80c8c6d9199736cc261ee55e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bf2b51f389268c77f4b480820981271cc16b525820f73ecaa3a9455724a3fc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e35d827c66f026cf449dc94900c3065c109aaf181bbcc674cdefd68b29f52f5
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2ec2bd53981fb043c399790767183bf5a3969c5afee460db8b218607388beb8a
2ef4185237a9acba44f287eba76833fbf23d9a610d0077ce5aa3ddfe515890fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f825aa446821f33314229d82989f061864eeaa43821176d8049971250f9620e
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a
30e1ffdc3986321d60df2e89b68df5591141d86a1303e3959d2a6fef672cb3ca
30f11f38428bbc18c58a786b22c013e4571c0bfdf5cd9b025081d4ff77780379
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3567bf8c64166426845c7b54f1519132ea9a7ade0b4b9f3d2664bce803eb6955
35a3c93298451a885e6bafef760ba24e7481ac4061ddbb7dae7f4c039aafef60
35d294c38e9ec4791367b82eecb77c64d0a05523b4cdf8b7e300bcf98b91ed4a
36ffb99c499373e9dd3040b8fe5f7bbc542798d48924ceb0ffeb6b2ad83496d0
372fb07385f14e937cbea19de0fe1ae89e1fba9732b1f7770b21236d64aafad8
38872411e9e4975d41dcef61ffd939c7a495066faa3356ef59a4a70861928d1f
3a85313dac25c43c1ae22266962df201a68068d524fd9a9b42deaa76d7039a2c
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3c2a4e30e5f3f4d4b6816d0b64b4906d588f2139ad1182fc97bdf4e60afedc3d
3c5cb1a378d9b89fc005c4876889606648cb03985c9de949b555c0fa8679bdfc
3c610038793860ddc805efe8e395d5eeb2c8b6aa9d459ff7d44693663c151b4f
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f69ff11015e4856996b05a86d74c2d8dd1683da35c90070148669347dcdafeb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42ac66cf90e9b9b3eae542ddc4b179091395140f6f36dd06f2a7bd3173d31f85
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
441c1c4013fd22e8068883eb581b2e07b083716ff5b96f1cfc121d5b8e4161ca
44380ba195b6b884978cda6446f84189ef30d0c2edafd2de1565579e7f192dc6
452edb88c65b6aa207c9a985a3dce5a6dea98a0fb361e37b7c9e4e590098ca7a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f5833d3047d4d02398943ee979e02dbaac3746362d82d45d145c73b3054a38
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e65e2b0bf8cd3e0ae13a821c8fbe67a9d22009cd0a775c81239a4a5ab9919b
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a8eaae4b5cbf9ed519cfdd62455a8920033e91f750fb3a1893539f6569f33d0
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
4b63138edd77117b49742f555a9698da7b66b3b08d2fb9cbe46fe0108ae808a4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517615a93e626d8d7572ae97fbf845a86f163a3b7c19ac6aa7c66bd75db0b6f9
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
521e309a1c17e8c0a1ff8155082b0e71e4d2d3d3dca28afb9d07365d5458385c
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
5419e372f5194284b9f5eec961b8bffd64ca1f9f0e2c84b189c895f1622b6dcc
54e5acdc51a068584faa75fea5baf90aba97613c7e5b51e0608bbbead94fa2a0
5575caac2d65de99fe9046dbd7a51d6f893b54d2ccc892848ac3edc13b96376d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1edc998a2592c9b26a70afdef9d7a0dfb0997a7219ebde4de89006e5aba8f
57d9e7580c383e8caf4ed19b65a5038effe639a528ed84a071a95b65dacac325
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
584b1726c9af7ad2de89b5a1a8ab9417ddbe418bff5397bae03e7c3addb3909a
588db713e825897512cf9da6dc27dd36c71541f81c7679ce3a755b372630d7cb
5a02d8eef54e76a16a95b2325079d0f55222cecc927a60bac1de8e2a8c0257af
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a4f704b9762a119d4a0137ffac556d77e6085e17f4c6701e32301fdcac35ccb
5a553da7ecb0174521c8c80f6b8d97a001481235b5a97cb0c270fc9ffe59a747
5d05368de9c4e1f9ed98ff9115f025efd0ad8a99c3cb1c1e2641701f157de88c
5f1074dfdcde393b2160dd92f5863c21b0bbee2ded00740b4b11fdedc6977004
5f372d607f5c433204c0c8792225c0d3e5543fb0e7717f1fb51ac663c990550b
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
635df5b5bcde52cf3a1f8eeb0a8eabdbd0890e54c6045503492f1eef0034fffb
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64ab472433797750e78da48f7040c68b4a50159fd60c46992567f136bf9d28de
65073b087a0e23baeeeb929c2a8c057c6190468b8676c1653f73de244705764f
659982ff5dc4222a830703646062215bbd21a2fb13e4cc2833461e7718ce2565
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66a7dbc9a0ba12522d0ad41b15543262e5710e3a6c20d7a4ebe468550ca8963a
6816c3b693e74665d528b981d53b2a8293b1be0476ed090b55bc0c8d8dd641ad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae657ed40d988ae9ada64e2bed70ad98042007f37366a976185122966c217a8
6b2681d15e3868a8c2b4913461e3e7725761a78482d74c14491f34769c2a7260
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
6c351c727c43ad177f447e163aec13efb047561dd27772f84f47d4d5af3602ec
6e5593706064d9cdcb7ea8d7c0d442ec6ff8b139a1969510b75e952ba22c711e
6e5b604d0483c78f8fd9894af917cbbee660cf51af0b9394225fe26745499c46
6e9db16b805120b8ca1c20e3e52abb90a5d0f40f7f0e98f9a621b180516210cb
6fa1bd48518ccf6e0f204b269ec8ad3a7aab2c0d6fe33dae8c44604d005575fc
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
7125314ffc01034121670e823432e83758771e0fa558fd2e6f51517f46359048
74105634e668ae317420c0d2ecaac7e2b9b6d64f8b333a7e114bf6949191b140
74ba85f8a580165c3b7163af45f43db54661ae043973532aead8fb55ed81c9e4
77381d70d5771117aad8aac91aa0ed5490644f95d4baaf207d52fd94c8bb6163
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
79f8fdd38fd9469e02ea82ee46acc5ce1f634022b94a06e38c5d25b60eadfbad
7a695d75ed5265fb2f07d7f73e41ffe4acea9b5c5f6573294038d5ef560a0086
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bbe1ed5fff1b2c2891c4abcea7261e3ace473d4b1794a02ed521ee83a953f6e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c33029605ca2f52ecb49d4b29699d8e255ee39ceecc37c966135903f8020ecf
7cdf5177d092b5e8a0f4b2dd5b7d3d448a9da12ee5eb5efb06243b24bc8e53f7
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
811afa2826fbca93d3675493bbad9849c4d7a93f8bc50807c8919fe7a3d69342
815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e1e291beaf294d9cb1171360aa22770a2baffb6d8f57033e877adc6b2bf471
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88db7f0af9544615b58cf7dc5a041d8194c35dd3a4660e4a674b7f4c260b51ff
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b9364436595b69f56e6c07f180793a0f1a1a92580422c02852ebc5d85d8fa97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8a7d418b79053988a71ff95ee9eaf4a553732446f8e3192296a7a984e15e99
8ee9691fae522eec0400aa4fef2c4ec6ea5c8ba12410d2bfbb1ee8a759a100a7
90a543c3589ff44ea84f04ce9a721d165f9a6a800af68ff790c4b22be6ceb595
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fada080962fe24413fe347a9bc90a7fe2d73ac6b43d452ee31634cd58a5474
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9331f2513aab5788f7e96941dacda000079fc20776fbc724f79b5e8b4a36ea80
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab
953378c3a6adf6b2e8340d7ea38cb1069282349b8467c413f2de5b858d166989
957e335c2359da4163a0173266f5c0fa069831cd1a95c6d4699bb4546d94733c
95e4cb1c2b0266d715b7cf4f51828d5f74984dea2c81940959ed1f15c957ee55
96fa004371f80e133e309973be5aff14fd7b90c8584a1cb8698ba3883080fc6b
974ce3d8439f63bedd014fa327b725b32569b1ce6d292b538a0e339b66f514f4
98323354ec1050e8ab880a1f0aa004f8e8defd2da0d0219d3c962b9ff13cf665
98763f678595955f460c238c499003122523882dc187f362c2b6c42a9daebc87
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e541338a36c2e497153f49814cc78cdc1e05f68ae0c5444f94e2fce799e3a3
98f784dd6f90d3de47732c6480b099cb70bcc3f635034358fe198471502393bb
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0fcca2050f159b48dac26c028ce5c87774a96d29c06bb832717d8c0b4b2a8b
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e02f606f1a329fbb0ce608b5f6524a3b274236ca2bf93abbca1b6275fbed308
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a24f1d61f81977ee277a8337c7fa5242de6a3304b040b53aa3119be3e721ac4f
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a327999c740f960905786f3f1bbd295c1737a5e0d22b0fc46401229fc92b5bb4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a711a7375dd7a44f0fb2190a508a18bb765486542262a2af7c5ba4efda810591
a845cda67701ef509fbbbe857ceab63702a0271a537578efb846f14bc5aac2c0
a8d0898119acdf1f2d8f7d5e8c05d04ab250a6e0b4bcfa04718e0fedb8293fcd
a8ed4afa05e064f02462a54051b847f9afa46468729ad84ca7eac8f6bd16acf8
a97d847216fd3153b09be365a71b2e687ae1e690ffbf7cb073dc5d2812ddcf6b
aa22f9e4fb7c6d8abfe37409762783be473085c6a3d0569b83247c2fb343487c
aaf9d96e6f54c43bbdce127bd62c00e247238ec6a8c6d2cb9b90d5064acef863
ab1a01747da3dff12b79842975ab0a55b57c3282cbd6aa745fc85360b11d4f74
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b198d10e658c4cc6e966bc9be45a40983c5a1eaec15e3881724f85e7da841317
b28420d0edbaca1c9bdb0ecdf5856a094e48bc654c11331a5f7f3ecfd9dc39ea
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3f8db780e62f51e513454f4e7dc449a40b7ba61ae989283e133c11c65465b3c
b570c3b3558eb89307b8cfb86d39962bff748ffecf95e53e1edb7b6f5aa0e2db
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
b9c9c1f277283d987cd2c1b8e6a388d08d188cda81a8605d47e02b3dae918b92
ba913f22ef682e1da8b469f9bef16c82bc4db09f1f36264bce4a78464d854dac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8efee9807c0bc0f5f1f9e550d07ef797eaf6dab36eeee50df57e3ece7802bd
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
bfad05ed034056b8effc21e74258bc4d9f299cfcec53c3a34a13ae00f43efb08
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c296228d9f50c9161e1dcb5d3b8bead50dfdcd139b31ba44484c0bd6f3f6ae43
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
c9d497e43f2ec10394985b406ac9619806aa3c5783644362494e357914823c9b
c9f5b4930cef37f8b1e6546841c08341f23493551b42d7341c7f66316789149c
caf21ca348bc43d0b66eb5275ee78b8d91a73866c12863ff2fee41cecfd0491d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41
ce7fb2d22faa2608b32022842c0610c0e0ede1dca6a0bc387e3cbd7ff5a11dc9
cede4ad9cbeb6620ef1b6e7957ad41cea84eb46a3a0c9229839dd1cbdb01edf3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5cd49c4d69c3b98728de89d7eb299f4b6fb3a2d531507482245a3343865509
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cff7019a5c4306da2f0038094ec5c8298f788e614df2e05951e1e0e0df8cb0ed
cfff6a221c1c5025036ba4781552ac76be236e145989f04dd6d69d9f04c7657f
d02f2fc62f36ca85e3000ee46d68040c6e23e5109cf272b9acdb946bbf1dce08
d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e
d0b6d091e07dfbec0409f7146aa5aa76c6d31b20fc30f10af050e3a27c8a40aa
d0c7e18f14b64cbb48df333ebf5c343768dabc398e4636adaa9bd586afd0e567
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
d775daae9c814d8868a58f6dd47e23dcae39ec686c2c727e5a57c3a9ab0868a4
d812a8cfbe966baad4a510499fedc9388e91c76d0928acb328fd8e26aa8e99c4
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
d8c4542394c7e1c53ab6422a3b43e3e21fa4f15e826578e75dad977f79626a50
d8c99e67b330133a525ea963696049218d30e71a87898b0e0cfcbd375e7bf3c4
db318e65fd26d9edb804d8da27cd505921d013ce59c421a2cecc0ae50a7ad5c2
dc78c44ab1084772b3a3dab80d154a8d22441bc97f9908460f409e0232ad82c6
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de857d671fc100a95d2eb2bb9f90fc02fee23ba14f2de0ded6bd2feb4011e976
df0a636a4f218633b8b7c25c1f550854f32f7d9de4f70077fbd1c20bbc4316c4
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e0966a8b5ee6f6fa157d3e27049658e584f0f998b18e6148aa7210c958fc200c
e0f51bd19b08f4014583811b15316f4c3a07ec34a43bc1531fccfc3bc36cc605
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e2aec5a0a46826dc0155b487346625900deb7d411044e57199a3ef5c2e9164d2
e3194ff30a355ad3cc9c578feaf1996e237605ffff67f66516de9235923b30d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b3e56815f561370661f1e7b7361a272daae6a8d433b1168aebece256cef807
e519ea662b559b4c301f3ffb2f2dbb1cb30af7d6eb1cce60609d7cb452d29ee2
e6856d751a5184a4f7b59c3da785847bac06536e0f257d70cde02786740c7ee2
e6dadfc410a92ce8759349c32db84dcefb3ef6fe692783b9467bd2be4ea24fce
e6dbff582bc425bc9c919ce3575fec9ee4e4a558acae8ea84f86a88c5ed0034e
ea060a8aa19b8d86db10c25560ecb9c3692eadac28b9f3d1585583aa25fe75db
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed0d5720f1d865f91b1fc22098d64fc0d2d30219eec369574e0b270d98133090
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f0de91c10e26b0cef20c6c0360b299928e84582bd82ec3156b451c363c31269a
f0debc15ab61937e4c69eb6fa0390a8b9f7a5277cf889273597dcb1e49e60070
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2b0e2c79bdf31859a820ae43a0ae45f070ede94ef71ccbbacf62390da344f9e
f2dc094e05f45498bc0bcb295c68c66eaa11268877346a54381c4ea793613dc0
f3233a3fa085a375f3cb18221c30b30cb364a2ee371e87ce5f87aacb871f67e4
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
f444296233f822de187d49ecbddad9196624e91e253df95237a06b0952deadbc
f5bed1e8b0785b934ed7c79ba330274b0fe7b904e98f65132f480a17b4e4bee1
f5f98791125eccdd706594d1a73e7e4b37ac8d964f4852a713c2ac75fbb6f6b3
f77f61b40f61797ccd03a8ebf4a46a8a5d2f075f3b20b0922369831ae9d7989f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82e15fdbadb6dc7d6e03118beba7d22a955bf05cd5fe8731c79c19d733549ac
fac10419c7731c0156d77f0b4b4e8bf296f911abc427223ab08c0cf76eee723c
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf