www.cutimes.com Open in urlscan Pro
2606:4700::6812:1f95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://store.register.creditutimes.com/
Effective URL:
https://www.cutimes.com/?slreturn=20200628153728
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2020, 7:38:09 pm UTC)

Summary HTTP 296 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 39 domains to perform 296 HTTP transactions. The main IP is 2606:4700::6812:1f95, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.

This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.74.127.163 76.74.127.163	23029 (ESTREET) (ESTREET)
3 43	2606:4700::68... 2606:4700::6812:1f95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	204.14.32.196 204.14.32.196	7124 (-Reserved...) (-Reserved AS-)
1 1	2606:4700::68... 2606:4700::6812:1e95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
55	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
9	23.8.6.251 23.8.6.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.194.147.18 54.194.147.18	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.60 143.204.89.60	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 4	52.208.235.219 52.208.235.219	16509 (AMAZON-02) (AMAZON-02)
2 8	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.192.142.95 34.192.142.95	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 3	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	18.158.135.197 18.158.135.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 7	34.240.148.251 34.240.148.251	16509 (AMAZON-02) (AMAZON-02)
2	35.172.101.157 35.172.101.157	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.159.22.75 18.159.22.75	16509 (AMAZON-02) (AMAZON-02)
39	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
2	15.236.9.100 15.236.9.100	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
5	52.51.113.24 52.51.113.24	16509 (AMAZON-02) (AMAZON-02)
1 6	88.214.194.242 88.214.194.242	46636 (NATCOWEB) (NATCOWEB)
5	62.149.23.112 62.149.23.112	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.244.245.222 35.244.245.222	15169 (GOOGLE) (GOOGLE)
2 2	52.19.114.209 52.19.114.209	16509 (AMAZON-02) (AMAZON-02)
2 2	52.211.146.59 52.211.146.59	16509 (AMAZON-02) (AMAZON-02)
1 2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:f77e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.193.78 104.17.193.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:4132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	204.14.32.159 204.14.32.159	7124 (-Reserved...) (-Reserved AS-)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:28a::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
5	13.224.194.68 13.224.194.68	16509 (AMAZON-02) (AMAZON-02)
1	88.214.194.105 88.214.194.105	46636 (NATCOWEB) (NATCOWEB)
296	48

1 76.74.127.163 (United States) 1 redirects

ASN23029 (ESTREET, US)

store.register.creditutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:4700::6812:1f95 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.14.32.196 (Rwanda) 1 redirects

ASN7124 (-Reserved AS-, ZZ)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e95 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.108.153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.8.6.251 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.147.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.235.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.13 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.142.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.135.197 (United States)

ASN16509 (AMAZON-02, US)

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.240.148.251 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.101.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.22.75 (United States)

ASN16509 (AMAZON-02, US)

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.152.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.51.113.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.214.194.242 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.149.23.112 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.245.222 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.114.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.146.59 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:f77e (United States)

ASN13335 (CLOUDFLARENET, US)

static.polarcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.193.78 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-pentos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.14.32.159 (Rwanda)

ASN7124 (-Reserved AS-, ZZ)

geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:28a::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.194.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.194.105 (United Kingdom)

ASN46636 (NATCOWEB, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	moatads.com z.moatads.com mb.moatads.com px.moatads.com	1 MB
44	cutimes.com 4 redirects cutimes.com www.cutimes.com store.cutimes.com images.cutimes.com	700 KB
43	doubleclick.net 3 redirects cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	151 KB
25	googlesyndication.com fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	413 KB
13	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	7 KB
11	googletagservices.com www.googletagservices.com	294 KB
10	typekit.net use.typekit.net p.typekit.net	226 KB
10	servenobid.com ads.servenobid.com public.servenobid.com	2 KB
9	tiqcdn.com tags.tiqcdn.com	80 KB
7	colossusssp.com 1 redirects colossusssp.com sync.colossusssp.com	2 KB
7	ml314.com 1 redirects ml314.com	15 KB
6	gstatic.com fonts.gstatic.com	58 KB
6	polarcdn-terrax.com polarcdn-terrax.com	21 KB
6	google.com 1 redirects adservice.google.com www.google.com	925 B
5	ampproject.org cdn.ampproject.org	109 KB
5	adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com ghb2.adtelligent.com	1 KB
5	demdex.net 1 redirects dpm.demdex.net alm.demdex.net	4 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	14 KB
4	tealiumiq.com datacloud.tealiumiq.com collect.tealiumiq.com visitor-service-eu-central-1.tealiumiq.com	3 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	50 KB
4	github.io owlcarousel2.github.io	4 KB
4	law.com 1 redirects store.law.com b.law.com	6 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	843 B
2	polarcdn-pentos.com polarcdn-pentos.com	737 B
2	eyeota.net 1 redirects ps.eyeota.net	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1004 B
2	adsrvr.org 2 redirects match.adsrvr.org	929 B
2	chartbeat.net ping.chartbeat.net	336 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	simpli.fi tag.simpli.fi i.simpli.fi	3 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	21 KB
1	alm.com geoip.alm.com	448 B
1	polarcdn.com static.polarcdn.com	125 KB
1	dianomi.com www.dianomi.com
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	google.de adservice.google.de	829 B
1	quantcount.com rules.quantcount.com	1 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	creditutimes.com 1 redirects store.register.creditutimes.com	125 B
296	39

	Domain	Requested by
44	px.moatads.com
39	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.cutimes.com
24	www.cutimes.com	1 redirects www.cutimes.com ajax.cloudflare.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.cutimes.com tpc.googlesyndication.com cdn.ampproject.org
17	images.cutimes.com	www.cutimes.com
11	www.googletagservices.com	tags.tiqcdn.com securepubads.g.doubleclick.net
11	z.moatads.com	www.cutimes.com securepubads.g.doubleclick.net static.polarcdn.com
9	use.typekit.net	www.cutimes.com use.typekit.net
9	tags.tiqcdn.com	www.cutimes.com tags.tiqcdn.com
8	ib.adnxs.com	2 redirects www.cutimes.com
7	ml314.com	1 redirects tags.tiqcdn.com ml314.com
6	fonts.gstatic.com	www.cutimes.com ajax.googleapis.com
6	polarcdn-terrax.com	static.polarcdn.com
6	colossusssp.com	1 redirects www.cutimes.com
5	public.servenobid.com	www.cutimes.com
5	acdn.adnxs.com	www.cutimes.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	1 redirects securepubads.g.doubleclick.net www.cutimes.com
5	ads.servenobid.com	www.cutimes.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	dpm.demdex.net	1 redirects
4	owlcarousel2.github.io	www.cutimes.com
3	idsync.rlcdn.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	a.dpmsrv.com	s.dpmsrv.com
3	fonts.googleapis.com	www.cutimes.com ajax.googleapis.com securepubads.g.doubleclick.net
2	polarcdn-pentos.com	static.polarcdn.com
2	ps.eyeota.net	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	ghb1.adtelligent.com	www.cutimes.com
2	ghb.adtelligent.com	www.cutimes.com
2	b.law.com	tags.tiqcdn.com
2	visitor-service-eu-central-1.tealiumiq.com	tags.tiqcdn.com
2	ping.chartbeat.net
2	ajax.googleapis.com	ajax.cloudflare.com
2	store.cutimes.com	2 redirects
2	store.law.com	1 redirects ajax.cloudflare.com
1	sync.colossusssp.com
1	googleads.g.doubleclick.net
1	p.typekit.net
1	geoip.alm.com	www.cutimes.com
1	static.polarcdn.com	securepubads.g.doubleclick.net
1	www.dianomi.com	www.cutimes.com
1	fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ghb2.adtelligent.com	www.cutimes.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	pixel.quantserve.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	rules.quantcount.com	secure.quantserve.com
1	collect.tealiumiq.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com
1	i.simpli.fi	tag.simpli.fi
1	s.dpmsrv.com	www.cutimes.com
1	mb.moatads.com	z.moatads.com
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	tag.simpli.fi	ajax.cloudflare.com
1	ajax.cloudflare.com	www.cutimes.com
1	cutimes.com	1 redirects
1	store.register.creditutimes.com	1 redirects
296	64

This site contains links to these domains. Also see Links.

Domain
www.alm.com
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
cutimes.tradepub.com

Subject Issuer	Validity	Valid
cutimes.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
store.law.com Go Daddy Secure Certificate Authority - G2	`2018-09-05` - `2020-09-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.tealiumiq.com Amazon	`2019-11-21` - `2020-12-21`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
b.law.com DigiCert SHA2 High Assurance Server CA	`2020-07-05` - `2021-10-08`	a year	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2019-09-14` - `2020-12-06`	a year	crt.sh
ghb.adtelligent.com Let's Encrypt Authority X3	`2020-07-11` - `2020-10-09`	3 months	crt.sh
ghb1.adtelligent.com Let's Encrypt Authority X3	`2020-05-31` - `2020-08-29`	3 months	crt.sh
ghb2.adtelligent.com Let's Encrypt Authority X3	`2020-05-31` - `2020-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-06-09` - `2020-09-07`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.alm.com Trusted Secure Certificate Authority 5	`2018-01-08` - `2021-01-07`	3 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.cutimes.com/?slreturn=20200628153728
Frame ID: D97CE015E7BA326B33F137417B246BCB
Requests: 206 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: B9CAE1CD4A51232E17E24F460CD391DE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBghSe6heW-6Svud54eJPDRGst7GyLh5WYCqrNM4bLANeJv3p98uC9TfXHpBwZ9XAQIsi2RZMrypu1BmVmFvOeE48G7hEs7YIo9uCkeNyIG6yDpTBQEEv3PIQwnCIlN0ELSHEcG_Mgl8t6cfft656MVV1SXgpF9o3SVpCkTzuMTQ2NdTwlrbtIoLIjw-a_M_HE8K0TXX9LcRWRmzOSAfh4UOzL1Ru0pKI6XpBcSO79ueYIMOBfNx2ai-xD8coRU4uPmfDwQjx9IFOz-g&sig=Cg0ArKJSzNrMM1MTUk4DEAE&urlfix=1&adurl=
Frame ID: 42C6D53B356658E4797CE9BBF97AF9BE
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseKWIwdOw8VtnMv9aBYnaaHqT6siCEeIkqKpHBtpv5jYe4sejOg-aUSgUPOxnc4ia8c0Mq4x_JJsFPx8syV-KieEONqYEUB8F99Z2rD9SPwVYX_k1kqSBNsaBz6-8uwG7Zr-_musfZfkULFKceNdwjeec7laFz-_DwcZsLsM3RAwRvHuYOrxcWegMQNRfDyT8Yu3R-bmZ0Wd7sNFBE530lU64uQGkBRVDN02PXzIg0oLxNUs29WsbJgqhPFxmtbfAG070gT155wlPmfw&sig=Cg0ArKJSzE0VlzvvjVnWEAE&urlfix=1&adurl=
Frame ID: 2554EF32BC9FA22E1D0785772B9AD3ED
Requests: 5 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200628153728
Frame ID: 9D8432ED676669C5AC8226C808B4C91E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJs0ANFalK1Ef3wopBhtlANByTaPJbsJ5_tPihWErAGVdQd6BhOXCTX71V-8-f5IWfZe0WrJAf2ixjjrGaLmcMSlHhIi76rYhq8SRqJNAa_GwWFaJS0mGQ6i99YKtNP6VL09-U1TvldyU-dH4P_9Ntg-yUAfZaRccc0wZOyAiFK5KnarYtEZ4zsP-uQ8q9taf_rjyeXx9_7OCSIGTlY8oKizgwnFjTaiDBZI2R_HbxgHf399BLZZCENs5ffBGEjj2MNcprqRD37Q&sig=Cg0ArKJSzBp1MTVhBxX5EAE&adurl=
Frame ID: C424927323B46A3EBEC44EFE471F85E7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8gV_Nyi0Mt9m3f9oZdUJ6iwOy4SI1OVBJfybx4Nug-5csxVYQUxVgH7OchYbhzeH97mmHZXWS71tdI4NSPtjpsZg9fUq2dX66RW4dzbkZUoioTEW4jNszIZryNTqgvJ7PeB9g0lOKPboemvg8XKY5IKdNm7Jc5AEM3qyvGfXIvcYPzivqOtXqBEa3HiWhq9pZzUzsBPepFsIom3uB_Az6hUwzeJfy1n2LYZbFT_j9AG3b31Dr-Bl1OPvKES_Z9_8ELyvWxZ2djpIZ5w&sig=Cg0ArKJSzJzMncdKIRj7EAE&adurl=
Frame ID: 3C7F776D93E8659EDD92E31FEE494D80
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F6C7F99884F5778E419ED72CC43EA496
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss78_xRB-cgLAlrnfW_2Jqf8FZexzBTHEz_fMACT-xuFhe6JB_kgjNRMffbXhrGWujwj7X-x-HriKWDGKvRdk4thcmcUACYRDXR2fZ3qXXu7F7U3sSFn5zJ-tHZH3h5muyau7fVh2CpGbvRRmBLHYcYlJDkboPy-JaPATy1VRyTne9yRsREVCLkhdYCEVbBYkJm-59O1i3s58j10aX8Jm3X-69vjaJHuK2RMhvdA_dMA3I-9b1Q2gQKJihCBCs-ZhuCPIoCs3_uetBTYJw&sig=Cg0ArKJSzLMd0_NakhZVEAE&urlfix=1&adurl=
Frame ID: 538453E1B5204787422C75FA56DBBF19
Requests: 13 HTTP requests in this frame

Frame: https://polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/
Frame ID: 1A7A2E9BC8DB4B5ABFE704711C2AEDEB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs92IYVPmnD2P8coLL-bGmiOvTx9guTP37v9UvM1VX4NladHzfYQdEWhGDAUSGA0_LBjypPoYxrG5XKSklL0UXygjy3fC3Jw5jKjwPX8YNiF6i16aU0yh93vs4F6B03JFC3IdQ0WSo-81Mh8D3nFUakRPCn0174220zJnr_s8Uo2kYCBjJU9ZjLvezBJQU3EtOqxhvjuIlK3U4UkeuJww2vhSUYnaK-ZPOgvRwwb_EMw-1qNwda3pxkhtYrsVTM5UQruPmk6FG_Q&sig=Cg0ArKJSzIOFlANKEFruEAE&adurl=
Frame ID: C962A80BBD6B0356B7A392BBF61F5D37
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnqFPj8ch8nVvkMFjkoKFedU0irN1Hvp0VV8DhXvbS19DO73puxf7CsxVtWMB3YWwI3x7Tf5AqSUioHuGggMlTvr2Cj-UH4liS2YRfk9fjpLGOnt-KF9N0F0tFVPtKHwx-docaB0Fm1xfiuvoZoijrtuq9qv0THe6tl4tWLaybwNkFCjqr_NQfsZW3JnsLHC0gF77Fy6fCH_wrfHREVPNpam_xLlColiG5QXbR3Ca-8A62qomQYlqq29WlpkfyPvABqhkTzXQUVn8C6Oc&sig=Cg0ArKJSzNWrKgrrHHfaEAE&adurl=
Frame ID: F1DC37017F794FE29CB29082DB969A0F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js
Frame ID: 653E197A9B20D2F615C91F4D31FD3A20
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp6oTFG4IPYp-rtmvscoinhXla69-qJ3Tej-U91CZjme_cm_IcDrpIyE72Ydvi5fBXEE3-Rltg6k5VqTYKhmh5v8PeR3zP9yZ_AA80yrqyd2C3iLmEDSu-046FBed6ZPQyRXegsZbdDQpJcBLGmkX5-U9wVMNj0GGiFiIE60Ny26ZvuH7auTT0ykx68orSaBLRyL_cpJfOHyDHt9vxsjbZ9EECto9dPCxaO5eEAcawC9pAh1eK8DfwiwVEoh7gbqIwNSii87_OYQ&sig=Cg0ArKJSzGYywxjFik5IEAE&adurl=
Frame ID: 43DB7E6FF56A16D0132D186824E862D5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: D7E76B3FB5D3B6290B8713E515D4A1EF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstclzY69J_cm1cQFcedNylam-l-kroUf4aV7ZCLlJd44RRqca8qkI-I_clPeqgGXxxFm8AIW2CV8bkHvO1clFMOX__OUkZ0oRd0VuGB7w9HtgRNU_pMh38qt0s5S2iqtqdqVCiyo4Vdwr1roAOzDf9EcPEvoi3SBzqs7NZhoxgoUm9qe4KD0ewpWXN686jK0kfvfzCJLb3pQboadySJCuL843ndNjtYpeeJiv2LApEQztB0_9EBIyTS4SrFbVE3qFFVUCr50Y3-Sg&sig=Cg0ArKJSzNEe8hEZWhUmEAE&adurl=
Frame ID: 405C3470EDE8BFACF5291D72BBCCEBC4
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: AACE345194F15082525744DB7C498E58
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D82B2CD392036491DF0112C8F1A10BC1
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F09DCE4EC8CB35C6B8961E01E0C32A03
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: E328D4E28AAAA9D9CEC143D069374901
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0B41865F74F84B2475C27035890293B1
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 42C721A803E1B59E237B56B4C359B03D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 019402EF3C3E25A12CCA4270C5F2E7A3
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 56A7F768DE485D62BEC34A0BD27F9C46
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A3C1C602CFD4DF04D871148DB4C4E25A
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3B9AACA33146AC8337D577DD5F59C1FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://store.register.creditutimes.com/ HTTP 302
https://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8... HTTP 301
https://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8... HTTP 302
https://www.cutimes.com/?slreturn=20200628153728 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

296
Requests

99 %
HTTPS

36 %
IPv6

39
Domains

64
Subdomains

48
IPs

9
Countries

3436 kB
Transfer

8353 kB
Size

20
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alm.com/privacy-policy-new/#section5
Title: Click

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Credit-Union-Times/95378106084

Search URL Search Domain Scan URL

URL: https://twitter.com/CU_Times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3821859/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Register

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf19/prgm.cgi
Title: How Digital Technology is Transforming the Branch for the Future

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa438/prgm.cgi
Title: Scenario Planning for the Agile Financial Institution

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_docu103/prgm.cgi
Title: Delivering the Modern Mortgage Experience

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_coop22/prgm.cgi
Title: The Payments Playbook: A Credit Union CEO's Guide to Winning the Payments Game

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora328/prgm.cgi
Title: How to Improve Credit Union Decision-Making and Performance with Analytics

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora327/prgm.cgi
Title: Financial Services: Making Informed Decisions with Improved Transparency

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa06/prgm.cgi
Title: Covid-19's Impact on the Payments Industry

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf14/prgm.cgi
Title: Why Open and Future-Proof Core Banking is the Key to Success

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf17/prgm.cgi
Title: Credit Unions and Community Banks: Competing with the Giants

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf18/prgm.cgi
Title: Prevailing in an Industry Forever Changed Series: Part 1 - The New Banking Nerve Center and Focus on Financial Health

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_docu102/prgm.cgi
Title: The CIO's Guide to Digital Transformation in Banking

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_inau02/prgm.cgi
Title: PSECU's Digital Transformation Journey -- Insights From the CDO

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_bold07/prgm.cgi
Title: Connected Conversations: How AI and Chatbots Are Making Credit Unions More Human

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_docu101/prgm.cgi
Title: The Digital Banking Roadmap for Credit Unions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf16/prgm.cgi
Title: Moving Forward with Mortgage - How Credit Unions can Support a Healthier Housing Market

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elan04/prgm.cgi
Title: Top Five Trends at the Terminal

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_docu100/prgm.cgi
Title: Moving Away From LIBOR - Are You Ready for the Change?

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_bold06/prgm.cgi
Title: Take a Modern Approach to Customer Experience: Empowering Frontline Employees and Agents

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa281/prgm.cgi
Title: Six Steps to a Data-Driven Credit Union

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_docu97/prgm.cgi
Title: Overcoming 4 Common Digital Mortgage Barriers

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_bold04/prgm.cgi
Title: Empowering Human Agents in a Digital World

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa131/prgm.cgi
Title: Optimizing Your Member Experience with AI

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa03/prgm.cgi
Title: Gen Z: The Fast and Furiously Cashless

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/
Title: Sign In Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://store.register.creditutimes.com/ HTTP 302
https://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728 HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8D&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200628153728&debug=lawDomainIPWithRefRedirect HTTP 301
https://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8D&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200628153728&debug=lawDomainIPWithRefRedirect HTTP 302
https://www.cutimes.com/?slreturn=20200628153728 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749

Request Chain 44

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D572229%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20200628153728&_=1595965050781 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D572229%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F%25253Fslreturn%25253D20200628153728%26_%3D1595965050781 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=7409752722090187592&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=572229&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965050781

Request Chain 46

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEJiPT-1L0SVH5i63xXlfxPw&google_cver=1

Request Chain 61

https://cm.everesttech.net/cm/dd?d_uuid=85813271935823584130110556411669632253 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XyB_ewAABDbJyVL0

Request Chain 105

https://idsync.rlcdn.com/395886.gif?partner_uid=3612013446478430307 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMjAxMzQ0NjQ3ODQzMDMwNxAAGg0I-_yB-QUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=48666d9ea00573436b28916caad1ffacd3b4829e250e3d34d3d0736412eb89bbf4cb09cee1a4f8eb&person_id=3612013446478430307&eid=50082

Request Chain 106

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=633a508e-f910-4ff3-b0d0-3c30c451b013 HTTP 302
https://ml314.com/csync.ashx?fp=633a508e-f910-4ff3-b0d0-3c30c451b013&person_id=3612013446478430307&eid=53819

Request Chain 107

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3612013446478430307 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3612013446478430307 HTTP 302
https://ml314.com/csync.ashx?fp=e88a47a7df7d683ff24a8aa20c976daa&eid=50146&person_id=3612013446478430307

Request Chain 108

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782&google_gid=CAESEOrdpnzVK0oc1wRH7IEiPCQ&google_cver=1

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 278

https://colossusssp.com/?c=o&m=cookie HTTP 302
https://sync.colossusssp.com/hms.gif?puid=1696c6356757131299764522a041c41f3b65ee9d

296 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cutimes.com/
Redirect Chain

https://store.register.creditutimes.com/
https://cutimes.com/
https://www.cutimes.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8D&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200628153728&debug=lawDomainIPWithRefRe...
https://store.cutimes.com/Registration/Login.aspx?mode=token&token=B7A14820-55F2-452A-AB83-1C93C1B93C8D&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200628153728&debug=lawDomainIPWithRefR...
https://www.cutimes.com/?slreturn=20200628153728

94 KB
16 KB

529ms
529ms

Document
text/html

2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4d8df21bfc464b93ae234c429851b1be414fe48b8acd72c9495c377b4a15425

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.cutimes.com
:scheme: https
:path: /?slreturn=20200628153728
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d3a7788b1671e5d105507d9df9ff84c841595965047; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660; ipAddress=5l04acRWFpUspWM2uA%3d%3d; UCID=dc4e0630-7f4c-4bb0-815c-c84ea5729fec
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jul 2020 19:37:29 GMT
content-type: text/html;charset=utf-8
cf-ray: 5ba10e14ce700ebb-FRA
content-language: en-US
set-cookie: ssoCompliant=; Max-Age=31536000; Expires=Wed, 28-Jul-2021 19:37:29 GMT; Path=/ NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660;expires=Tue, 28-Jul-2020 19:42:29 GMT;path=/;secure;httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
backend: templates_newlaw_director
cf-request-id: 04388720f800000ebb90aaf200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
content-encoding: br

Redirect headers

status: 302
date: Tue, 28 Jul 2020 19:37:29 GMT
content-type: text/html; charset=utf-8
location: https://www.cutimes.com/?slreturn=20200628153728
cf-ray: 5ba10e120fc90ebb-FRA
cache-control: private
set-cookie: regSID=b53a3ba3-83df-4c9f-93ba-68682818ed93; expires=Tue, 28-Jul-2020 20:37:29 GMT; path=/; HttpOnly ipAddress=5l04acRWFpUspWM2uA%3d%3d; domain=.cutimes.com; expires=Wed, 29-Jul-2020 07:37:29 GMT; path=/ UCID=dc4e0630-7f4c-4bb0-815c-c84ea5729fec; domain=.cutimes.com; expires=Thu, 28-Jul-2050 19:37:29 GMT; path=/
cf-cache-status: DYNAMIC
cf-request-id: 0438871f4400000ebb90a96200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: origin-when-cross-origin
x-aspnet-version: 4.0.30319
x-powered-by: Server #1
vary: Accept-Encoding
server: cloudflare

GET
H2 200 markets.min.css
www.cutimes.com/assets/master-template/css/release/ 328 KB
44 KB 537ms
536ms Stylesheet
text/css 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-07-28-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887231500000ebb90acd200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e182e5b0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 60ms
7ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

x-fastly-request-id: c6bd364896bc8851fe43ad5046651f7c8f058797
date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: gzip
age: 103
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4054-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 1720:7C90:381713:4411AB:5EFD43C0
x-timer: S1595965050.672700,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 02 Jul 2020 02:24:16 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 4

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
646 B 60ms
7ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

x-fastly-request-id: bf7031f9133aa5e651265e9b96a080f0ca99f32f
date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: gzip
age: 67
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4054-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 6342:4FDC:44420C:5446D9:5F124B42
x-timer: S1595965050.672770,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sat, 18 Jul 2020 00:59:51 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 2

GET
H2 200 jquery.2.1.3.min.js Show response
www.cutimes.com/assets/master-template/js/ 82 KB
28 KB 37ms
37ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 1534
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887231500000ebb90ace200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"84320-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e182e5d0ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:29 GMT

GET
H2 200 yi.js Show response
z.moatads.com/almprebidheader476420012280/ 95 KB
36 KB 36ms
10ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 21:09:46 GMT
server: AmazonS3
x-amz-request-id: 0F130EE62A1D3634
etag: "8389737683f8879d84e29825a1ca8102"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17885
accept-ranges: bytes
content-length: 36741
x-amz-id-2: a2UZMHP/vPTKDGa0eSYPylQ/tT+xRNAYzEjM1t2LeLUSGkl0YrX36oq6vHfC6M/VVIGE0cpg4A0=

GET
H2 200 nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 240 B
488 B 67ms
65ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:29 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8974
cf-polished: origFmt=png, origSize=1322
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 043887231700000ebb90ad0200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"1322-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e182e630ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:29 GMT

GET
H2 200 cut-logo-white-nav.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 23ms
22ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/cut-logo-white-nav.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9c9bc71151e9dc81ff5f49f2f41cec37e30e621233753dd812911fd5eff581

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:29 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8973
cf-polished: origFmt=png, origSize=2159
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="cut-logo-white-nav.webp"
cf-bgj: imgq:100,h2pri
content-length: 1896
cf-request-id: 043887231700000ebb90ad1200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"2159-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e182e640ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:29 GMT

GET
H2 200 project-management-remote-scheduling-e1589739953748.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 42 KB
42 KB 473ms
424ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/project-management-remote-scheduling-e1589739953748.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8debeacf437f7073c4e205f5cd3718b8a20f8787e92a123df9f29f068bb12a34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=45537, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 43169
cf-request-id: 043887234800000ebb90ad4200000001
last-modified: Sun, 17 May 2020 18:25:53 GMT
server: cloudflare
etag: "81f58c-b1e1-5a5dc2d3164c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e187f0e0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 businessman-iceberg-challenge-crisis-e1588091885394.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/04/ 23 KB
23 KB 478ms
429ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/04/businessman-iceberg-challenge-crisis-e1588091885394.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07fd28cc6102a66ddf07b48885ff256f34a94d4baba61fbc09fa8ef8da4fb38b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=24159, status=webp_bigger
x-cache: HIT 1
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 23556
cf-request-id: 043887234700000ebb90ad3200000001
last-modified: Tue, 28 Apr 2020 16:38:05 GMT
server: cloudflare
etag: "818c19-5e5f-5a45c74af81e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e187f0c0ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 business-meeting-team-connected-e1584045504201.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/03/ 48 KB
49 KB 490ms
441ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/03/business-meeting-team-connected-e1584045504201.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f122c638da51958b56ff82a444640da5f828ab350b58a09af4e3af0f5cc8165c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=51778, status=webp_bigger
x-cache: HIT 6
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 49527
cf-request-id: 043887234800000ebb90ad6200000001
last-modified: Thu, 12 Mar 2020 20:38:24 GMT
server: cloudflare
etag: "7eccd2-ca42-5a0ae559acc24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e187f120ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 core-system-technology-e1581013011527.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/02/ 48 KB
48 KB 461ms
411ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/02/core-system-technology-e1581013011527.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f984792339e8c74bbbccba46173ab9171305c28975ee4438d05622b09eecc1f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=50494, status=webp_bigger
x-cache: HIT 2
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 48908
cf-request-id: 043887234800000ebb90ad5200000001
last-modified: Thu, 06 Feb 2020 18:16:51 GMT
server: cloudflare
etag: "7cf4eb-c53e-59dec46f5d99e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e187f100ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 51ms
8ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: dafd1b881d818b8b9c8674b4bb37566a838ea31c
date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: gzip
age: 103
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 1720:7C90:381713:4411AB:5EFD43C0
x-timer: S1595965050.673276,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 02 Jul 2020 02:24:16 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 2

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 33ms
15ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:29 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 23 Jul 2020 16:13:23 GMT
server: cloudflare
etag: W/"5f19b723-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5ba10e18bbab325c-FRA
cf-request-id: 04388723700000325c16b6f200000001
expires: Thu, 30 Jul 2020 19:37:29 GMT

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
669 B 10ms
10ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: d5e01b8f569c71095881ee837db21f1101711146
date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
age: 68
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 6342:4FDC:44420C:5446D9:5F124B42
x-timer: S1595965050.176680,VS0,VE1
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sat, 18 Jul 2020 00:59:51 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 nav-divot-cutimes.png
www.cutimes.com/assets/master-template/images/market-images/ 122 B
416 B 404ms
403ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-divot-cutimes.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b7c22e1d47c8df63bc6abfa17ec37e1ae4431e70c8df9b918dd20cfed819b23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-07-28-15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1086
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-divot-cutimes.webp"
cf-bgj: imgq:100,h2pri
content-length: 122
cf-request-id: 043887254e00000ebb90aec200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"1086-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e1bbeff0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 nav-divot-red.png
www.cutimes.com/assets/master-template/images/market-images/ 120 B
291 B 421ms
421ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-divot-red.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7559eaf776544be90a6d50a4581875e797898016c60c089ade988267e768e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2911
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-divot-red.webp"
cf-bgj: imgq:100,h2pri
content-length: 120
cf-request-id: 043887254f00000ebb90aed200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"2911-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e1bbf020ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Show response
tag.simpli.fi/sifitag/ 2 KB
3 KB 234ms
197ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 28 Jul 2020 19:37:30 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1998
x-request-id: FiYBwe_uQ6fCbYeDIZVB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET river-load-more-pg.min.js
www.cutimes.com/assets/master-template/js/release/ 0
0

GET ad-scroll-v2.min.js
www.cutimes.com/assets/master-template/js/release/ 0
0

GET
H2 200 master-core-lite.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 27 KB
10 KB 26ms
23ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 1531
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887260300000ebb90af9200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"27835-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1cd97b0ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
17 KB 20ms
17ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14901572
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04388726040000325c16b9f200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 28 Jan 2019 18:00:51 GMT
server: cloudflare
etag: W/"5c4f4353-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ba10e1cdbad325c-FRA
expires: Sun, 18 Jul 2021 19:37:30 GMT

GET
H2 200 tealium.js Show response
www.cutimes.com/assets/master-template/js/ 4 KB
1 KB 23ms
20ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/tealium.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 1532
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887260400000ebb90afa200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4577-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1cd97c0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 285ms
95ms Script
application/javascript 204.14.32.196
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.14.32.196 , Rwanda, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: c595655ff7d1e11aa1641d3c5243d12bb62ba0180cc02639081efa1d7f1f09c4

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 22 Jul 2020 23:18:35 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=900
Accept-Ranges: bytes
Content-Length: 3594
ETag: "80171d6c7e60d61:0"

GET common.min.js
www.cutimes.com/assets/master-template/js/release/ 0
0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 18:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522147
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jul 2021 18:35:03 GMT

GET
H2 200 lazyloadXT.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 3 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386304e8dcdc06a6474321865af2cd47cea2690e7f70223a364eaeaa45f9c74c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 1533
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887260400000ebb90afc200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2933-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1cd9830ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 cutimes.prebid.js Show response
www.cutimes.com/assets/master-template/js/prebid/ 207 KB
60 KB 24ms
22ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfbc7023380757b7eb822963462b2fbdc5bba03a868df9b3f98b58c0a020dcb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 1533
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 043887260400000ebb90afd200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211483-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1cd9860ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:30 GMT

GET
H2 200 css Show response
fonts.googleapis.com/ 3 KB
1 KB 33ms
15ms Fetch
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 17:46:21 GMT
server: ESF
date: Tue, 28 Jul 2020 19:37:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 19:37:30 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 119 KB
33 KB 97ms
79ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4ffaf6d5d8ebefea1142264d4bd6102067e2fa1ad6751870c4ada82bf35d28da

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 22:26:27 GMT
server: AkamaiNetStorage
etag: "3c000f4ce1f6c78d0947e512fe904ba2:1595456787.143391"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 33027
expires: Tue, 28 Jul 2020 19:42:30 GMT

GET
H2 200 yi.js Show response
mb.moatads.com/ 1 KB
2 KB 164ms
88ms Script
text/html 54.194.147.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&callback=MoatNadoAllJsonpRequest_96779062
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.147.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 1546c1e8843a302c6ca9ce9ba4356859709c5e7342d259a832762efd786123b0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
server: TornadoServer/4.5.3
etag: "0a79b00f042a8890a753a8c06a219af05333ce11"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 1473

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 18ms
17ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1595965050644&de=9385345937&d=ALM_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=af9b55d&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=cutimes.com&bd=cutimes.com&ac=1&bq=11&f=0&na=1450329196&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:30 GMT

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 283 KB
47 KB 77ms
14ms Script
application/x-javascript 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f116cf5298f94d631f3a61dd1dcb27813d5742d9167ec0146206f40480e28c3

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 01:58:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2020 20:47:58 GMT
Server: AmazonS3
Age: 63554
ETag: "8fc8dfe271ccc51f656867158081ffa2"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 48062
X-Amz-Cf-Id: NAcGWLtg-ix3p6iDxzut7WZ6eIb-prwhushEWYkYrcSbiXveTgT9bw==

GET
H2 200 markets.min.css Show response
www.cutimes.com/assets/master-template/css/release/ 328 KB
44 KB 521ms
521ms XHR
text/css 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-07-28-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
cf-request-id: 043887273e00000ebb90b07200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1ecdcf0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:31 GMT

GET
H2 200 p Show response
i.simpli.fi/ 34 B
563 B 51ms
14ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e09104e2d44f1a94518d3115e39e60dec46fd3486d07db5a0c815c434a7899f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 28 Jul 2020 19:37:30 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 18:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522147
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jul 2021 18:35:03 GMT

GET
H2 200 common.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 53 KB
13 KB 433ms
433ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/common.min.js?2020-07-28-15

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e8ee14092586919b5ca348ed176e27b988cfee653a306a0fed55ef028cd156a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
cf-request-id: 043887275a00000ebb90b08200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54582-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e1efe2d0ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:31 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749

362 B
1 KB

42ms
42ms

XHR
application/json

52.208.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0dd8d08c5bd2b3fbe03d7173f6ad59610b72c3cd4f8190d02469dfafce256652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v076-09842fd12.edge-irl1.demdex.com 5.74.0.20200727122545-PR_1451-SNAPSHOT 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Jnjmytx6QDs=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.cutimes.com
X-TID: +9RvLrMMS48=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595965050749
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 9 KB
3 KB 15ms
13ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b329fa560bb94ce2f0b8417b01d3744cdda13cbfaa6036800529f302457f6815

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 22:26:28 GMT
server: AkamaiNetStorage
etag: "cd8587db2697e130b292a91760a32f40:1595456788.403344"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2897
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 19ms
17ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0404edab2dc1f7c6d53acc365707f538e3a6ef3e45c1210526710f01a9cbdac1

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "f6fc4a048e38478542f37e53c6fe35da:1592861216.785713"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1505
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.78.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 108 KB
34 KB 20ms
19ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202005222105
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5fc6f0aaafb0654e6f77aee8062743dcc2ed72e3218310a2933c2ce18fc38f94

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:54 GMT
server: AkamaiNetStorage
etag: "b8399314898c109250e76d9335018053:1592861214.18641"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 34830
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.32.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 16ms
15ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "fb390697366796015697c0162fac7588:1592861216.366485"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1448
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.39.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 19ms
18ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2016 19:05:16 GMT
server: AkamaiNetStorage
etag: "19f5cfea9207d9078058ad07886d8356:1472583916"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 953
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 28ms
27ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:53 GMT
server: AkamaiNetStorage
etag: "d92cbafa99067935fba25cba6e9bcb91:1592861213.763276"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4339
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 27ms
26ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202005192159
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 21:59:32 GMT
server: AkamaiNetStorage
etag: "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1014
expires: Wed, 12 Aug 2020 19:37:30 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D572229%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D572229%2526tzOffset%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=7409752722090187592&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=572229&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965050781

255 B
1005 B

492ms
103ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=7409752722090187592&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=572229&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965050781
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d7244a68f36ce92897fe5787344f0582272526b50f40d1f60123d9cd9e40935f

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 226
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: cd0a1af7-7e43-40ff-af86-e3c6ebfb339d
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=7409752722090187592&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=572229&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965050781
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
17 KB 63ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797577bb68847511fe77ec4bc0c5e3f6ad5972df5a3119d27cbea537df7a6824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "585 / 750 of 1000 / last-modified: 1595887801"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16580
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:30 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&goog...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEJiPT-1L0SVH5i...

43 B
968 B

20ms
8ms

Image
image/gif

18.158.135.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEJiPT-1L0SVH5i63xXlfxPw&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.135.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
vary: Origin
x-serverid: uconnect_i-0066b77149e24d74a
x-tid: 017396ee0f720017d75db861c76a00078003007000b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
x-region: eu-central-1
x-acc: alm:main:2:vdata
content-length: 43
pragma: no-cache
x-did: 017396ee0f720017d75db861c76a00078003007000b08
content-type: image/gif
x-ulver: f9fee1d59477ef91bdabcf38237ad62049ca4469-SNAPSHOT
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-uuid: fee0eca3-43f5-4479-bdf6-4e914ff4f7e2
expires: Tue, 28 Jul 2020 19:37:30 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:30 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=017396ee0f720017d75db861c76a00078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEJiPT-1L0SVH5i63xXlfxPw&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 24ms
8ms Script
application/x-javascript 2600:9000:2057:9800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 18:35:16 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 3734
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: buNRvPIvoSdA2NSiqq-aXl6Djp44Qd9X7vZYtbA0seV0NLFRj8YmLQ==
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
expires: Tue, 28 Jul 2020 20:35:16 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 22 KB
8 KB 28ms
10ms Script
application/x-javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
last-modified: Tue, 28-Jul-2020 19:37:30 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Tue, 04 Aug 2020 19:37:30 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 137ms
31ms Script
application/javascript 34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?286
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2020 16:58:35 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=76864
Connection: keep-alive
Content-Length: 11932
Expires: Wed, 29 Jul 2020 16:58:35 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/alm/main/2/ 43 B
748 B 51ms
14ms XHR
image/gif 18.158.135.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/alm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.135.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXS8yNE7qJjEViX1A

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
x-serverid: uconnect_i-06ffb618b9c653438
x-tid: 017396ee0f720017d75db861c76a00078003007000b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
x-region: eu-central-1
x-acc: alm:main:2:datacloud
content-length: 43
pragma: no-cache
x-did: 017396ee0f720017d75db861c76a00078003007000b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: f9fee1d59477ef91bdabcf38237ad62049ca4469-SNAPSHOT
x-uuid: 5d8f8734-b8b9-4005-8a9f-252b6215546e
expires: Tue, 28 Jul 2020 19:37:30 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 23.8.6.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202007222226&cb=1595965050828
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.251 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 28 Jul 2020 19:47:30 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 297ms
98ms Image
image/gif 35.172.101.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=BzuKR0B0bjoVD4atvA&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4732&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4061&t=CJEG6DCajH7SHwOwmC9HqUwEv_ny&V=120&i=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=ZYniTCFWq1PB5Sz6IDBtjph3ZGK5&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.101.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 rules-p-tet4NLTPxSXJn.js Show response
rules.quantcount.com/ 3 KB
1 KB 34ms
7ms Script
application/x-javascript 2600:9000:2057:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:36:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2017 01:28:01 GMT
server: AmazonS3
age: 42
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Zv6go7uUgL0kRV2zA2SqcK5EvE-UnDbhUbVpIir5XnbZkAPHtacEeg==
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 017396ee0f720017d75db861c76a00078003007000b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 27 B
324 B 58ms
9ms Script
application/javascript 18.159.22.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/alm/main/017396ee0f720017d75db861c76a00078003007000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1595965050874

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.22.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Version: 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 27
X-NodeId: i-081a06bae182e221c
Content-Type: application/javascript; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 38ms
18ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 38ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072001.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
90 KB 41ms
17ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 13:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91349
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:30 GMT

GET
H2 200 pixel;r=788449885;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728;fpan=1;fpa=P0-738897215-1595965050897;ns=0;ce...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=788449885;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728;fpan=1;fpa=P0-738897215-1595965050897;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=cutimes.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1595965050897;tzo=-120;ogl=type.website%2Ctitle.Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times%2Csite_name.Credit%20Union%20Times%2Curl.https%3A%2F%2Fwww%252Ecutimes%252Ecom%2F%2Cimage.%2F%2Fimages%252Ecutimes%252Ecom%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-cut-7%2Cdescription.Credit%20Union%20Times%20investment%20management%20topics%20are%20delivered%20with%20keen%20indusry%20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
alm.demdex.net/ Frame B9CA 0
0 131ms
31ms Document
text/html 63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: alm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=85813271935823584130110556411669632253
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Mon, 27 Jul 2020 14:27:12 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=85813271935823584130110556411669632253;Path=/;Domain=.demdex.net;Expires=Sun, 24-Jan-2021 19:37:31 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: L/xXcePLRd4=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
b.law.com/ 48 B
479 B 94ms
20ms XHR
application/x-javascript 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=87432060474787271171137196797149698749&ts=1595965050939

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

91bac162bc5604b6d008ad25b1f70ff800018679051b854145d7371ef22a0ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Tue, 28 Jul 2020 19:37:30 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7447d85976-rnjpf
vary: Origin
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XyB_ewAABDbJyVL0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=85813271935823584130110556411669632253
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XyB_ewAABDbJyVL0

42 B
932 B

62ms
61ms

Image
image/gif

52.208.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XyB_ewAABDbJyVL0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v076-015d1cc3f.edge-irl1.demdex.com 5.74.0.20200727122545-PR_1451-SNAPSHOT 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: qmT1YMdyRBA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 28 Jul 2020 19:37:30 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XyB_ewAABDbJyVL0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
1 KB 30ms
30ms Script
application/javascript 34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&pv=1595965050956_ygkvmclp8&bl=en-us&cb=487741&return=&ht=&d=&dc=&si=1595965050956_ygkvmclp8&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 493aad238e30e4f8bdd893fa05ab71335f2ec01fe0392556d84d37f501e46310

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 108 B
370 B 149ms
79ms XHR
application/json 52.51.113.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9241
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.113.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
865 B 152ms
62ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: e4f3a806-568d-4704-8733-7769d72ac1c5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 417ms
222ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
242 B 243ms
78ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:30 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 149ms
57ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: 9766d451-be85-4586-b2c3-17e0d8f8bce0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 108 B
370 B 145ms
80ms XHR
application/json 52.51.113.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9349
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.113.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 413ms
220ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
242 B 241ms
77ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:30 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 adreq Show response
ads.servenobid.com/ 108 B
379 B 142ms
80ms XHR
application/json 52.51.113.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10832
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.113.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
865 B 267ms
117ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.69:80
AN-X-Request-Uuid: 6027fe1d-c8ee-4de4-afb2-c13971cc0d66
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 B
242 B 246ms
79ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:30 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 419ms
224ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 425ms
226ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 adreq Show response
ads.servenobid.com/ 108 B
379 B 138ms
79ms XHR
application/json 52.51.113.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6025
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.113.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
242 B 235ms
78ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:30 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 709ms
564ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 3f0c749b-db70-4683-91f6-4607880663ef
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 106ms
106ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19cae05535f990e788197c828064f1730ea1a554384edac06232c548e437060e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2398
x-xss-protection: 0
google-lineitem-id: 4594036698
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226581719
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 102ms
58ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
619 B 46ms
45ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26afebdc5076bb1a02a32dfa144b0d45f7c314d4648d9ce5e621f90e69ef54af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 101ms
100ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

921839a42efb25cf26b40465e503a9d54ffddc300f65ee90e23918b0639748ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2795
x-xss-protection: 0
google-lineitem-id: 4598612399
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226921347
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 355ms
355ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b5571e12c90aea280a8f38bd53757b68ffd9ff1b89fb878b646865d4a515768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2478
x-xss-protection: 0
google-lineitem-id: 4583767874
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138225750724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 343ms
342ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

842492d06c413da9ca35f875d3537d9a80464bbdd6f24d629445bebb091f71fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5663
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287720435
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 346ms
345ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e17bf13d1a6332ead07be0a1ed7c246857db7880a890012c85d06c1496e75b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5714
x-xss-protection: 0
google-lineitem-id: 5392800908
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317043457
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
286 B 349ms
346ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d8c720ef4fcd4772c311482897005047f73af7ffbbbd82865ee65db3a876188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 344ms
344ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5716ce0b15adaf5069220fc45fe4a099ca9da890b18258de0807583eae4721a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3200
x-xss-protection: 0
google-lineitem-id: 5429561948
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318142570
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
291 B 347ms
347ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d544a2f887de77c03a7a7500bb5689450c9081761162dbafe567832439022cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 408 B
288 B 350ms
350ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3381192e1985c62816b185d57cd38d4f41ce2e3d06aa7cf6d33bbed794fd044e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
290 B 344ms
344ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ba0629f107423737ada65c0fcd7a851532ddb1d517772b350cd36a1bccab893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
287 B 350ms
349ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a915c87bcd3de83940a65672999c62f20a50f8e9994a38dd3f5d7fe681e6b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
287 B 353ms
352ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f894fd8b919c340bfbcd2923c5e75518b3972c6a132140c2e9db2933f75382d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
288 B 350ms
350ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b9f52cc60061d0f83f49d757e9cc4f39d848f655a75f49f7558b76410f971ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s42636610886194
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/ 43 B
222 B 23ms
23ms Image
image/gif 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s42636610886194?AQB=1&ndh=1&pf=1&t=28%2F6%2F2020%2021%3A37%3A31%202%20-120&mid=87432060474787271171137196797149698749&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Ahome&g=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&cc=USD&ch=cut%3Ahome&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c7=undefined%20%7C%20undefined&v24=cut&c30=home&v30=D%3Dc30&c40=21&c41=3%3A30pm&v41=D%3Dc41&c42=tuesday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:30 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Jul 2020 19:37:31 GMT
server: jag
xserver: anedge-7447d85976-xppbd
etag: 3427308849887281152-4614406544818946355
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 27 Jul 2020 19:37:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 42C6 0
0 46ms
45ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBghSe6heW-6Svud54eJPDRGst7GyLh5WYCqrNM4bLANeJv3p98uC9TfXHpBwZ9XAQIsi2RZMrypu1BmVmFvOeE48G7hEs7YIo9uCkeNyIG6yDpTBQEEv3PIQwnCIlN0ELSHEcG_Mgl8t6cfft656MVV1SXgpF9o3SVpCkTzuMTQ2NdTwlrbtIoLIjw-a_M_HE8K0TXX9LcRWRmzOSAfh4UOzL1Ru0pKI6XpBcSO79ueYIMOBfNx2ai-xD8coRU4uPmfDwQjx9IFOz-g&sig=Cg0ArKJSzNrMM1MTUk4DEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42C6 73 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 42C6 284 KB
97 KB 9ms
9ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27217
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2554 0
0 44ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseKWIwdOw8VtnMv9aBYnaaHqT6siCEeIkqKpHBtpv5jYe4sejOg-aUSgUPOxnc4ia8c0Mq4x_JJsFPx8syV-KieEONqYEUB8F99Z2rD9SPwVYX_k1kqSBNsaBz6-8uwG7Zr-_musfZfkULFKceNdwjeec7laFz-_DwcZsLsM3RAwRvHuYOrxcWegMQNRfDyT8Yu3R-bmZ0Wd7sNFBE530lU64uQGkBRVDN02PXzIg0oLxNUs29WsbJgqhPFxmtbfAG070gT155wlPmfw&sig=Cg0ArKJSzE0VlzvvjVnWEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 smart_cutimes.epl
www.dianomi.com/ Frame 9D84 0
0 423ms
110ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200628153728

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200628153728
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
date: Tue, 28 Jul 2020 19:37:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=ddc4187fb6d9e491d71aa3a2a662e7b1a1595965051; expires=Thu, 27-Aug-20 19:37:31 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2232/12.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 0438872a6e0000cd97cd065200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ba10e23eafdcd97-CDG
content-encoding: br
cf-h2-pushed: </img/a/pss/2232/12.css>

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2554 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 2554 284 KB
97 KB 12ms
11ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H/1.1 200
OK ibs:dpid=22052&dpuuid=3612013446478430307&redir=
dpm.demdex.net/ 42 B
932 B 36ms
34ms Image
image/gif 52.208.235.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3612013446478430307&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.235.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v076-0602d014b.edge-irl1.demdex.com 5.74.0.20200727122545-PR_1451-SNAPSHOT 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: g+IcafTwT7I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3612013446478430307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMjAxMzQ0NjQ3ODQzMDMwNxAAGg0I-_yB-QUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=48666d9ea00573436b28916caad1ffacd3b4829e250e3d34d3d0736412eb89bbf4cb09cee1a4f8eb&person_id=3612013446478430307&eid=50082

43 B
312 B

40ms
40ms

Image
image/gif

34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=48666d9ea00573436b28916caad1ffacd3b4829e250e3d34d3d0736412eb89bbf4cb09cee1a4f8eb&person_id=3612013446478430307&eid=50082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:31 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 29 Jul 2020 15:37:31 GMT

Redirect headers

date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=48666d9ea00573436b28916caad1ffacd3b4829e250e3d34d3d0736412eb89bbf4cb09cee1a4f8eb&person_id=3612013446478430307&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=633a508e-f910-4ff3-b0d0-3c30c451b013
https://ml314.com/csync.ashx?fp=633a508e-f910-4ff3-b0d0-3c30c451b013&person_id=3612013446478430307&eid=53819

43 B
312 B

60ms
30ms

Image
image/gif

34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=633a508e-f910-4ff3-b0d0-3c30c451b013&person_id=3612013446478430307&eid=53819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:30 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 29 Jul 2020 15:37:31 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=633a508e-f910-4ff3-b0d0-3c30c451b013&person_id=3612013446478430307&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Wed, 29 Jul 2020 15:37:31 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3612013446478430307
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3612013446478430307
https://ml314.com/csync.ashx?fp=e88a47a7df7d683ff24a8aa20c976daa&eid=50146&person_id=3612013446478430307

43 B
312 B

50ms
29ms

Image
image/gif

34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=e88a47a7df7d683ff24a8aa20c976daa&eid=50146&person_id=3612013446478430307
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:30 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 29 Jul 2020 15:37:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=e88a47a7df7d683ff24a8aa20c976daa&eid=50146&person_id=3612013446478430307
cache-control: no-cache
x-server: 10.45.19.136
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

0
344 B

11ms
11ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:31 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=r8hrb20&t=gif
Date: Tue, 28 Jul 2020 19:37:31 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 ad-scroll-v2.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 1 KB
572 B 412ms
411ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/ad-scroll-v2.min.js?2020-07-28-15

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71589b103fe41e467a42d73570aa89f148b223837869fe205e0914f9e4cf530f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 7
status: 200
backend: templates_newlaw_director
cf-request-id: 043887294100000ebb90b21200000001
cteonnt-length: 1457
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1457-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e220d320ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 14ms
14ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051236&de=517968464875&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=2&cb=0&ym=0&cu=1595965051236&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=waiting&zMoatPS=footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=footer&iq=na&tt=na&tu=waiting&fs=182630&na=1652165559&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 42C6 0
54 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUxfVP0LI2Ah5q1QDTEWl8S3MAW6k_lJ4zz8cZgmuVxrLt4IT2GQQY_B-GlNr00my5nntUnce5iAFogKjATGkYRq3s54izafC5_zhQiRaXyZ5YOBzwX4fCwEvAcAGzGITNLqxIXC6P1FpGCNXWKCJUbmJs1s_OwBENzoz8DL4ZDBjXeyuYuJzvy1mf7ja3qtp8WmVaXPXXOLUd_1C33F5t7bqV7Wz4o0B7sct4KcZ2UAIsxuiVRPYPAVvBdQDO44dlFbCx04X-_TcbjfRh&sig=Cg0ArKJSzFP8YiVlnATOEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2554 0
54 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5tDeaZ3fp0WrIaorIKXZtcd5iJJ0t6kEOCmGF350umOxP4AIeJ_8KP3B09qI53u2nu4Im1b7errbNmWhMJ7phcalBkxOyJcpoNR_N7L5w8ZIXyJncOhxBbiMyJ4QjA-_7W5mGnwmPorrqohqVT5u_b6sYPNt9qR5kFn9lgz8O_h7HhgnvymBb_rV0C7HDAx2fj0tc42warDy4ZypauXxSf0VNo2WOAW4dnsRNYonkPHVsflQoC8vvnUzL99m3_8PU4VVVKRFYDphxOUNV&sig=Cg0ArKJSzMBAWMaeZax_EAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2554 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3578cb852d3db389a5e95729c71e139cb914539652a95cdc2c8ba894dc546fb2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 13ms
13ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051285&de=144787467378&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=5&cb=0&ym=0&cu=1595965051285&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&zMoatMData=waiting&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=d_footer&iq=na&tt=na&tu=waiting&fs=182630&na=987555165&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C424 0
0 44ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJs0ANFalK1Ef3wopBhtlANByTaPJbsJ5_tPihWErAGVdQd6BhOXCTX71V-8-f5IWfZe0WrJAf2ixjjrGaLmcMSlHhIi76rYhq8SRqJNAa_GwWFaJS0mGQ6i99YKtNP6VL09-U1TvldyU-dH4P_9Ntg-yUAfZaRccc0wZOyAiFK5KnarYtEZ4zsP-uQ8q9taf_rjyeXx9_7OCSIGTlY8oKizgwnFjTaiDBZI2R_HbxgHf399BLZZCENs5ffBGEjj2MNcprqRD37Q&sig=Cg0ArKJSzBp1MTVhBxX5EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame C424 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C424 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame C424 284 KB
97 KB 9ms
9ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 4968288104879340377
tpc.googlesyndication.com/simgad/ Frame C424 57 KB
58 KB 8ms
7ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4968288104879340377

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 15:28:15 GMT
x-content-type-options: nosniff
age: 4162156
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58723
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 14:00:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 15:28:15 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C7F 0
0 49ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8gV_Nyi0Mt9m3f9oZdUJ6iwOy4SI1OVBJfybx4Nug-5csxVYQUxVgH7OchYbhzeH97mmHZXWS71tdI4NSPtjpsZg9fUq2dX66RW4dzbkZUoioTEW4jNszIZryNTqgvJ7PeB9g0lOKPboemvg8XKY5IKdNm7Jc5AEM3qyvGfXIvcYPzivqOtXqBEa3HiWhq9pZzUzsBPepFsIom3uB_Az6hUwzeJfy1n2LYZbFT_j9AG3b31Dr-Bl1OPvKES_Z9_8ELyvWxZ2djpIZ5w&sig=Cg0ArKJSzJzMncdKIRj7EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame 3C7F 2 KB
1 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C7F 73 KB
28 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3C7F 0
0 37ms
13ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRefJl0OoHCqksOwJqWATuQVz_C9U2LX0fvqkKd6cWxbG6g8v6ZO1GW_nLlxRrwYdjbJLjc
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 3C7F 284 KB
97 KB 12ms
9ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 1736359314949367011
tpc.googlesyndication.com/simgad/ Frame 3C7F 93 KB
93 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1736359314949367011

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a248d3518d5feb7774476d31652f3501b7effc8d55da8beebdeccd00a18b552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 00:28:17 GMT
x-content-type-options: nosniff
age: 1105754
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95044
x-xss-protection: 0
last-modified: Thu, 09 Jul 2020 17:57:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 00:28:17 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F6C7 0
0 9ms
6ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 28 Jul 2020 18:58:30 GMT
expires: Wed, 28 Jul 2021 18:58:30 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2341
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5384 0
0 44ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss78_xRB-cgLAlrnfW_2Jqf8FZexzBTHEz_fMACT-xuFhe6JB_kgjNRMffbXhrGWujwj7X-x-HriKWDGKvRdk4thcmcUACYRDXR2fZ3qXXu7F7U3sSFn5zJ-tHZH3h5muyau7fVh2CpGbvRRmBLHYcYlJDkboPy-JaPATy1VRyTne9yRsREVCLkhdYCEVbBYkJm-59O1i3s58j10aX8Jm3X-69vjaJHuK2RMhvdA_dMA3I-9b1Q2gQKJihCBCs-ZhuCPIoCs3_uetBTYJw&sig=Cg0ArKJSzLMd0_NakhZVEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
static.polarcdn.com/creative/ Frame 5384 334 KB
125 KB 56ms
21ms Script
application/javascript 2606:4700::6813:f77e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.polarcdn.com/creative/creative.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:f77e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b050fe43a5b0f1d2ef7358b0f5ac5d0c5fa1c31fefb08fe220b642b03e13acd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3869
cf-ray: 5ba10e23e8899ac2-FRA
status: 200
content-type: application/javascript
content-length: 127325
cf-request-id: 0438872a7400009ac260044200000001
access-control-allow-origin: *
last-modified: Fri, 24 Jul 2020 21:32:30 GMT
server: cloudflare
cache-control: max-age=10800
etag: W/"5f1b536e-5365b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 568922536 568922532
via: 1.1 varnish
access-control-expose-headers: CF-IPCountry
cf-ipcountry: DE
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 28 Jul 2020 21:33:02 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5384 73 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 5384 284 KB
97 KB 9ms
8ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

POST
H2 200 adreq Show response
ads.servenobid.com/ 108 B
379 B 34ms
33ms XHR
application/json 52.51.113.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6770
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.113.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
242 B 73ms
72ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 156ms
156ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:31 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 49ms
48ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:31 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 929de9d0-4e7b-4e6b-b0b2-0779d6b54ed7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 370ms
368ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=121594580438864&correlator=2882559254693551&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D01f4cf49800df94a%3AT%3D1595965051%3AS%3DALNI_MYGr8qUUrOfUkNwob5D1rbiP3i7QQ&bc=31&abxe=1&lmt=1595965051&dt=1595965051480&dlt=1595965049614&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=3125&adks=3900858016&ucis=f&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&dssz=50&icsg=708001728&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&psts=AGkb-H_zKottYWPiG4SILbuerfclVTYjGc8rsjIBPbN6OgEwcSnHjUBMFU7ZqtF54QHwHLGPXDNTN4mQEi4fwDxAh0Hynw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9-CJHSB9TpcdzG8eGE-6fjtsu6whGpFHq5rGi71lBKBSzPf5KXZ66pi7X0XyLI0ysfXUmiy9CbzXmL-FuNzqRPxg%2CAGkb-H-EKXYX1DGe9wL7gnjF82OoOCwFjY3MYvKQFQnFdObG24kzMMAVXgm3aqD2p0HUeEfuPlEoe-jE7b8B4JFVLSTU_A%2CAGkb-H_4B8DBViqYsLSkVjSs72BrXmzExmvYcweA6J8RKy-tywVilowkUhx2mJ30Jrg2ukoIpcT0YcrzI7z-MRFMoADqrg%2CAGkb-H8c24gxjXN-1qbnuZfuxAsHQnWnDJdnB8uy4O7g5Jicf6czifuK1kOE74TsSKicm4Z3UEeCW77ybx_DA5YY0KPTQznf8WACg6wSoDC7mEdK%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-pFU6NSLOUNHI3qihcS1DeuoqtNhg7I8f3SHfK0OyIdXFF24FxfUQMBEUQtwkPPc6uaFbbP8H35WVfkPMxYSwmAQ&ga_vid=772117072.1595965051&ga_sid=1595965051&ga_hid=1266237273&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca6b51b31a0149375119e9bad119762543a373b70a9957c0bb25f6e91d7d7eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5563
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288014260
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 708ms
707ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=121594580438864&correlator=2882559254693551&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D01f4cf49800df94a%3AT%3D1595965051%3AS%3DALNI_MYGr8qUUrOfUkNwob5D1rbiP3i7QQ&bc=31&abxe=1&lmt=1595965051&dt=1595965051486&dlt=1595965049614&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=943&adks=2736157804&ucis=g&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&dssz=50&icsg=708001728&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&psts=AGkb-H_zKottYWPiG4SILbuerfclVTYjGc8rsjIBPbN6OgEwcSnHjUBMFU7ZqtF54QHwHLGPXDNTN4mQEi4fwDxAh0Hynw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9-CJHSB9TpcdzG8eGE-6fjtsu6whGpFHq5rGi71lBKBSzPf5KXZ66pi7X0XyLI0ysfXUmiy9CbzXmL-FuNzqRPxg%2CAGkb-H-EKXYX1DGe9wL7gnjF82OoOCwFjY3MYvKQFQnFdObG24kzMMAVXgm3aqD2p0HUeEfuPlEoe-jE7b8B4JFVLSTU_A%2CAGkb-H_4B8DBViqYsLSkVjSs72BrXmzExmvYcweA6J8RKy-tywVilowkUhx2mJ30Jrg2ukoIpcT0YcrzI7z-MRFMoADqrg%2CAGkb-H8c24gxjXN-1qbnuZfuxAsHQnWnDJdnB8uy4O7g5Jicf6czifuK1kOE74TsSKicm4Z3UEeCW77ybx_DA5YY0KPTQznf8WACg6wSoDC7mEdK%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-pFU6NSLOUNHI3qihcS1DeuoqtNhg7I8f3SHfK0OyIdXFF24FxfUQMBEUQtwkPPc6uaFbbP8H35WVfkPMxYSwmAQ&ga_vid=772117072.1595965051&ga_sid=1595965051&ga_hid=1266237273&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6ea342be7071b569607dda13c586ac403d46db88dd25b2f5801401eb88a7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12028
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 679ms
678ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=121594580438864&correlator=2882559254693551&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D3c49c4e1a7101266%3AT%3D1595965051%3AS%3DALNI_Map8VHbGNHrhuzNIeZQx1yCV_9JZQ&bc=31&abxe=1&lmt=1595965051&dt=1595965051494&dlt=1595965049614&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1053&adks=4142453217&ucis=h&ifi=17&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&dssz=50&icsg=708001728&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_zKottYWPiG4SILbuerfclVTYjGc8rsjIBPbN6OgEwcSnHjUBMFU7ZqtF54QHwHLGPXDNTN4mQEi4fwDxAh0Hynw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9-CJHSB9TpcdzG8eGE-6fjtsu6whGpFHq5rGi71lBKBSzPf5KXZ66pi7X0XyLI0ysfXUmiy9CbzXmL-FuNzqRPxg%2CAGkb-H-EKXYX1DGe9wL7gnjF82OoOCwFjY3MYvKQFQnFdObG24kzMMAVXgm3aqD2p0HUeEfuPlEoe-jE7b8B4JFVLSTU_A%2CAGkb-H_4B8DBViqYsLSkVjSs72BrXmzExmvYcweA6J8RKy-tywVilowkUhx2mJ30Jrg2ukoIpcT0YcrzI7z-MRFMoADqrg%2CAGkb-H8c24gxjXN-1qbnuZfuxAsHQnWnDJdnB8uy4O7g5Jicf6czifuK1kOE74TsSKicm4Z3UEeCW77ybx_DA5YY0KPTQznf8WACg6wSoDC7mEdK%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-pFU6NSLOUNHI3qihcS1DeuoqtNhg7I8f3SHfK0OyIdXFF24FxfUQMBEUQtwkPPc6uaFbbP8H35WVfkPMxYSwmAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=772117072.1595965051&ga_sid=1595965051&ga_hid=1266237273&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb60e5f97a90a5a5976cf1e58a3246df0cf7cd1b4459392380c259c341e36000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5629
x-xss-protection: 0
google-lineitem-id: 5223456239
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138299068990
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C424 0
54 B 44ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq1HicY9Xr_QKGKB8H0566gnQzyW2TWqGLCX1n3aX_G2h0YI7DstMOshwr4sroAvjDimNVWaalKjKEZSGG9uqFogOEa_arEGKD1itlfPPycBXld64-6TsigsGtCMee5iMJP6Zq0C-vy0RTmkwr7dP_wOV28AR0n1Wqs1p9ExiZXg_vdxs0VYZdTsrzTiNU0nusbkKxrq2ZXJQcN3iDRuHmyfjLQnhZNQj0uslm1zB1PiBU99uRJMgrXJtzBglkssJybsaxnIYyQLGr&sig=Cg0ArKJSzLtB9gpfALQcEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C424 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c639f8c2d575f37e52df0e4b901f9533aec23454bad6d298fbf7d1ec3bcc1e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 14ms
14ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051526&de=552301795348&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=8&cb=0&ym=0&cu=1595965051526&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287720435&zMoatMData=waiting&zMoatPS=top2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=top2&iq=na&tt=na&tu=waiting&fs=182630&na=2076582744&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C7F 0
54 B 44ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9T52JMPxjqju4whd-96DUTpja6ZP9z8Rl0_53kIglfmdIrcaHqdG6wrM1GEiYb75JHBWaRf8rSr--m31U2mTKictvzQwQiG3JnmpKWfaDndLiISDltmWm7v9znLLk2hA6EP0gJo-V33-v2_Sp_bNzWEOpkFO93hXrbnUXzOTcPUDX13DXNoWorcEOlQXGG3orrCX6fOYzniQurbJIYY1gRkYEbJsjmBow5hdgrpLvzh4D4ICzgEbVRRH1bXTLkXhuf0-vqTdo0Z5DnMLU&sig=Cg0ArKJSzA7HwEEUYSt8EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3C7F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b461677c2eccfe11e75c490ac41c20f001a72482bdbc2bc9e9ff9ae33d5048ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 14ms
13ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4968288104879340377&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051526&de=552301795348&cu=1595965051526&m=41&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5643&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23&cd=0&ah=23&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720435&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=166382370&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 wt Show response
polarcdn-pentos.com/ Frame 5384 3 B
645 B 76ms
25ms XHR
application/octet-stream 104.17.193.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=1&n=3&p=UNKNOWN&s=1&u=f33689eb-b008-4c3e-b418-c9f198df8cbb&v=1%2F10b57dc&w=1.198.0&y=w&z=v1.7.5&pas=asa-web-dfp&pag1=default&pag2=%2F21665826759%2Fcutimes%2Fhome&padau=21683639053&padav=4885392841&pado=2707950611&padli=5429561948&padc=138318142570&padpm=false&paddait=&paddlat=&pai=911ec&d=www.cutimes.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=9fd9b04dd4b589c35e34461255f22ed3&t=arx&parcid=2d57b&parid=f394f&parin=1&partm=1&par=s&maxts=0.011&pvhref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965051612
Requested by: Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.193.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 36069
cf-ray: 5ba10e251a3ecd8b-CDG
status: 200
content-length: 3
x-amz-id-2: aiPne3gp6Kz+S6YN1LNX07x1gSRXy3PmAzV+cGXVoxYbAPZtDOwaTYxp2DQIXzHszTGHKKGu79k=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-request-id: 4B5C9E3EF075192F
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-request-id: 0438872b2c0000cd8bb81b4200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 247888b460864619be28848b4b663f46 Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.cutimes.com/creative/ Frame 5384 74 KB
11 KB 175ms
151ms XHR
application/json 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.cutimes.com/creative/247888b460864619be28848b4b663f46
Requested by: Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cc28abd8a9800ad071fb493f1d09e0bc99d321ec94a329b7aedb74315cb79f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
server: cloudflare
status: 200
etag: W/"5d758a4d03a6d587ebbf9f75b9c3e894"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=900
x-country: DE
cf-ray: 5ba10e24e848d6d5-FRA
cf-request-id: 0438872b0e0000d6d5ffbb4200000001

GET
DATA 200
OK truncated
/ Frame 5384 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e326710eb2cf876245197ddf8edfe8fe4ca32d5169ae8e4f730d315302e8a83a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5384 0
54 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscR-ShosKjpLAZ__2zCIqrk2tcPE997EIJ3uNQpw4rw9yJJRXjcGIzGwR26OAK54XhynG_NbWZ-VGOyFBnPUIfGh6rs6eJ60sllcFUYaKHcdEyEzc87lzAQda6umkxiAKr-dQIZwyY2swRUj644VQKqnKs-I1q6nTYAsqbzQxgVleN09EK7Z0WLgBHlxsallo8gzMHCAUo3LaIDfD7LHrtJpU84lWAylFm72OWH8_N8Z4y2tnL9m_xx4h6XjrPsaGblN0oH5pa3F48yJKlEg&sig=Cg0ArKJSzEqItcJ4YDj7EAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 794ms
794ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=121594580438864&correlator=2882559254693551&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=position%3Dmiddle2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3Db4985169dd65aa0b%3AT%3D1595965051%3AS%3DALNI_Ma3lvOPqWOkoAmHs0VWuUDtHxcixA&bc=31&abxe=1&lmt=1595965051&dt=1595965051658&dlt=1595965049614&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=4098&adks=4082410414&ucis=i&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&dssz=50&icsg=708001728&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_zKottYWPiG4SILbuerfclVTYjGc8rsjIBPbN6OgEwcSnHjUBMFU7ZqtF54QHwHLGPXDNTN4mQEi4fwDxAh0Hynw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9-CJHSB9TpcdzG8eGE-6fjtsu6whGpFHq5rGi71lBKBSzPf5KXZ66pi7X0XyLI0ysfXUmiy9CbzXmL-FuNzqRPxg%2CAGkb-H-EKXYX1DGe9wL7gnjF82OoOCwFjY3MYvKQFQnFdObG24kzMMAVXgm3aqD2p0HUeEfuPlEoe-jE7b8B4JFVLSTU_A%2CAGkb-H_4B8DBViqYsLSkVjSs72BrXmzExmvYcweA6J8RKy-tywVilowkUhx2mJ30Jrg2ukoIpcT0YcrzI7z-MRFMoADqrg%2CAGkb-H8c24gxjXN-1qbnuZfuxAsHQnWnDJdnB8uy4O7g5Jicf6czifuK1kOE74TsSKicm4Z3UEeCW77ybx_DA5YY0KPTQznf8WACg6wSoDC7mEdK%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-pFU6NSLOUNHI3qihcS1DeuoqtNhg7I8f3SHfK0OyIdXFF24FxfUQMBEUQtwkPPc6uaFbbP8H35WVfkPMxYSwmAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=772117072.1595965051&ga_sid=1595965051&ga_hid=1266237273&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6608ab7c7e045bf6e28e415539326d5d4ec6377ef7e9dcbca557c3dbbe9f003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5686
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287718665
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 11ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051576&de=431477845879&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=11&cb=0&ym=0&cu=1595965051576&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=super_hero&iq=na&tt=na&tu=waiting&fs=182630&na=1731778297&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 river-load-more-pg.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 4 KB
2 KB 400ms
399ms Script
application/javascript 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2020-07-28-15

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

245d9d9f1946ab61eb6ae6ac0b4148df3083a4edbcb72b46b8d9f0e48f0b1804

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 0438872b1800000ebb90b4f200000001
cteonnt-length: 4071
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4071-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5ba10e24fc290ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F1736359314949367011&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=9&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5643&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=17937242&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051641&de=552644749639&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=14&cb=0&ym=0&cu=1595965051641&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&zMoatMData=waiting&zMoatPS=native_single2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=native_single2&iq=na&tt=na&tu=waiting&fs=182630&na=641856766&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782&google_gid=CAESEOrdpnzVK0oc1wRH7IEiPCQ&google_cver=1

0
598 B

103ms
102ms

Script
text/javascript

34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782&google_gid=CAESEOrdpnzVK0oc1wRH7IEiPCQ&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7409752722090187592&pixelIndex=0&_=1595965050782&google_gid=CAESEOrdpnzVK0oc1wRH7IEiPCQ&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
42 B 127ms
127ms Image
text/plain 35.244.245.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7409752722090187592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.245.222 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 1046ms
1046ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=121594580438864&correlator=2882559254693551&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200728&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3Db4985169dd65aa0b%3AT%3D1595965051%3AS%3DALNI_Ma3lvOPqWOkoAmHs0VWuUDtHxcixA&bc=31&abxe=1&lmt=1595965051&dt=1595965051722&dlt=1595965049614&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1802&adks=742170920&ucis=j&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&dssz=50&icsg=708001728&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_zKottYWPiG4SILbuerfclVTYjGc8rsjIBPbN6OgEwcSnHjUBMFU7ZqtF54QHwHLGPXDNTN4mQEi4fwDxAh0Hynw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9-CJHSB9TpcdzG8eGE-6fjtsu6whGpFHq5rGi71lBKBSzPf5KXZ66pi7X0XyLI0ysfXUmiy9CbzXmL-FuNzqRPxg%2CAGkb-H-EKXYX1DGe9wL7gnjF82OoOCwFjY3MYvKQFQnFdObG24kzMMAVXgm3aqD2p0HUeEfuPlEoe-jE7b8B4JFVLSTU_A%2CAGkb-H_4B8DBViqYsLSkVjSs72BrXmzExmvYcweA6J8RKy-tywVilowkUhx2mJ30Jrg2ukoIpcT0YcrzI7z-MRFMoADqrg%2CAGkb-H8c24gxjXN-1qbnuZfuxAsHQnWnDJdnB8uy4O7g5Jicf6czifuK1kOE74TsSKicm4Z3UEeCW77ybx_DA5YY0KPTQznf8WACg6wSoDC7mEdK%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-pFU6NSLOUNHI3qihcS1DeuoqtNhg7I8f3SHfK0OyIdXFF24FxfUQMBEUQtwkPPc6uaFbbP8H35WVfkPMxYSwmAQ%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=772117072.1595965051&ga_sid=1595965051&ga_hid=1266237273&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6aae86e1573c19295a0d5e36f9b3bb93588f49f749fab84e94dadcccaba54f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5585
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287719613
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 9ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fsmart_cutimes.epl%3Fid%3D3420%26url%3Dhttps%253A%2F%2Fwww.cutimes.com%2F%253Fslreturn%253D20200628153728&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051285&de=144787467378&cu=1595965051285&m=515&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5893&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=77&cd=0&ah=77&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1765489361&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 /
polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Frame 1A7A 0
0 38ms
25ms Document
text/html 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/
Requested by: Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: polarcdn-terrax.com
:scheme: https
:path: /privacy/v1.0.0/html/optout/readwrite/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jul 2020 19:37:31 GMT
content-type: text/html; charset=utf-8
content-length: 1291
set-cookie: __cfduid=d3dae10d37b3a47edfc7c128fa066d3541595965051; expires=Thu, 27-Aug-20 19:37:31 GMT; path=/; domain=.polarcdn-terrax.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
access-control-allow-headers: Authorization
access-control-expose-headers: CF-IPCountry, X-Country, CF-Ray
cache-control: max-age=900
access-control-allow-origin: *
access-control-allow-methods: GET
timing-allow-origin: *
content-encoding: gzip
x-varnish: 2308966918 2308928200
age: 43
via: 1.1 varnish
cf-cache-status: HIT
accept-ranges: bytes
cf-request-id: 0438872bc80000dfff6fa40200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ba10e260e4fdfff-FRA

GET
H2 200 wt Show response
polarcdn-pentos.com/ Frame 5384 3 B
92 B 36ms
35ms XHR
application/octet-stream 104.17.193.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-pentos.com/wt?e=2&n=3&p=NA-CREDUNIOTIME-11239181&s=1&u=f33689eb-b008-4c3e-b418-c9f198df8cbb&v=1%2F10b57dc&w=1.198.0&y=w&z=v1.7.5&pas=asa-web-dfp&pag1=default&pag2=%2F21665826759%2Fcutimes%2Fhome&padau=21683639053&padav=4885392841&pado=2707950611&padli=5429561948&padc=138318142570&padpm=false&paddait=&paddlat=&pai=911ec&d=www.cutimes.com&l=+%5BHomepage+5th+Article%5D&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=DE&c=247888b460864619be28848b4b663f46&t=i&pasp=8888ba32af3743858d0cf37807ec79ab&papss=a&pvhref=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&_=1595965051613
Requested by: Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.193.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 36069
cf-ray: 5ba10e261c2dcd8b-CDG
status: 200
content-length: 3
x-amz-id-2: aiPne3gp6Kz+S6YN1LNX07x1gSRXy3PmAzV+cGXVoxYbAPZtDOwaTYxp2DQIXzHszTGHKKGu79k=
last-modified: Mon, 09 Jul 2018 17:31:51 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-request-id: 4B5C9E3EF075192F
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-request-id: 0438872bca0000cd8bb81bc200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 moatad.js Show response
z.moatads.com/polar822lQSh10/ Frame 5384 276 KB
94 KB 8ms
8ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=NA-CREDUNIOTIME-11239181&moatClientLevel2=COOK%20SECURITY%20GROUP%20&moatClientLevel3=Single%20Creative&moatClientLevel4=How%20Credit%20Unions%20are%20balancing%20between%20Digital%20%26%20Traditional%20banking%2C%20Contactless%20vs.%20Physical%20branches&moatClientSlicer1=%20%5BHomepage%205th%20Article%5D
Requested by: Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c53ca30481441065f8fb1fadf4faed737328be0db01ce75876f5aabb55b7555e

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 17:16:40 GMT
server: AmazonS3
x-amz-request-id: CC6207A33B068D92
etag: "661666d0fc61b4c753bdf35bcbb93544"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=35636
accept-ranges: bytes
content-length: 95366
x-amz-id-2: 4XoFnWb2vxjec6MjS2lip1TJjD3H0q4tM0zluPxXbxpigG/sQT3W+x6mxqJcd/IpWmqmgUY4Ttc=

GET
H2 200 5f1896d2fc70759534ae0772
polarcdn-terrax.com/image/v1.0.0/bin/ Frame 5384 289 B
399 B 29ms
28ms Image
image/jpeg 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d2fc70759534ae0772?v=5e3aa&h=2&w=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae9cd16c95764d6b8b22ad09b609f1135ef2479f4bbe4a9d79e0f0d66fa00ae

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 27701
status: 200
access-control-max-age: 432000
content-type: image/jpeg
content-length: 289
cf-request-id: 0438872bcb0000dfff6fa42200000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 2307755935 2307337989
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 5ba10e261e5adfff-FRA

GET
H2 200 5f1896d248e3edcb2315af2e
polarcdn-terrax.com/image/v1.0.0/bin/ Frame 5384 302 B
411 B 16ms
15ms Image
image/jpeg 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d248e3edcb2315af2e?v=177e1&h=2&w=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f026340bfeceb4d8a9f3b6775de85fff35b723923b62ff41ecc73bb77ccb6ef

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 27701
status: 200
access-control-max-age: 432000
content-type: image/jpeg
content-length: 302
cf-request-id: 0438872bcc0000dfff6fa43200000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 2307755934 2307323775
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 5ba10e261e5bdfff-FRA

GET
H2 200 5f1896d248e3edcb2315af2f
polarcdn-terrax.com/image/v1.0.0/bin/ Frame 5384 295 B
781 B 13ms
13ms Image
image/jpeg 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d248e3edcb2315af2f?v=f5e74&h=2&w=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0810aeab3073f709b2bd743754cc1ce2e2100844908b466af0eee61eb486eba

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 26414
status: 200
access-control-max-age: 432000
content-type: image/jpeg
content-length: 295
cf-request-id: 0438872bcc0000dfff6fa44200000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 2307804607 2307125678
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 5ba10e261e60dfff-FRA

GET
H2 200 5f18927748e3edcb2315af1c
polarcdn-terrax.com/image/v1.0.0/bin/ 8 KB
8 KB 14ms
13ms Image
image/jpeg 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polarcdn-terrax.com/image/v1.0.0/bin/5f18927748e3edcb2315af1c?v=63565&w=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94df85eef2d8e9cc23591fb317e79f73f20cc7805db0c0374ea4f68220d0dde0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 27701
status: 200
access-control-max-age: 432000
content-type: image/jpeg
content-length: 8514
cf-request-id: 0438872bcc0000dfff6fa45200000001
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 891563206 890983297
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 5ba10e261e62dfff-FRA

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C962 0
0 44ms
42ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs92IYVPmnD2P8coLL-bGmiOvTx9guTP37v9UvM1VX4NladHzfYQdEWhGDAUSGA0_LBjypPoYxrG5XKSklL0UXygjy3fC3Jw5jKjwPX8YNiF6i16aU0yh93vs4F6B03JFC3IdQ0WSo-81Mh8D3nFUakRPCn0174220zJnr_s8Uo2kYCBjJU9ZjLvezBJQU3EtOqxhvjuIlK3U4UkeuJww2vhSUYnaK-ZPOgvRwwb_EMw-1qNwda3pxkhtYrsVTM5UQruPmk6FG_Q&sig=Cg0ArKJSzIOFlANKEFruEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame C962 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C962 73 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame C962 284 KB
97 KB 8ms
7ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:31 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37914
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 6856618701810694934
tpc.googlesyndication.com/simgad/ Frame C962 57 KB
57 KB 8ms
7ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6856618701810694934

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 17:14:35 GMT
x-content-type-options: nosniff
age: 1218176
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58723
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:59:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jul 2021 17:14:35 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C962 0
54 B 44ms
44ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWMwJ_8wPbnxu9xyUThmpXz19jk-vMPtLUJgbJAXFySAI7Lm2RU3J_sxZj_KoxwFwtuvejf4dEs40LkJZz_0w1k3vswP09GjmCSbDkQU9D6CD9MMhVXiurgbvCnY9G9w04G--2BfFLsv2dfSQcImmQ42kLlQ3MPnMR7hgi1J6mJ3fVUYhISwIqKOkhw_3SLqneCL6jjc5HFUhjM0OysIUYV7i4aJPos033sA4lQCyFpmkDx63Th_cc1sMnnEIB_02KWnsWRQtlV7s0&sig=Cg0ArKJSzMOZoPWT1ZHIEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C962 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a83fcdbe177b1250c2c8728ab21f6c51b56fa0684744288aafc60563c0dcdbd5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 7ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965051938&de=192869330025&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=18&cb=0&ym=0&cu=1595965051938&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=top1&iq=na&tt=na&tu=1&fs=182630&na=1652646464&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6856618701810694934&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051938&de=192869330025&cu=1595965051938&m=16&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6166&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1968363014&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
840 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 19:37:32 GMT
server: ESF
date: Tue, 28 Jul 2020 19:37:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 qkq4rhw.js Show response
use.typekit.net/ 19 KB
7 KB 29ms
29ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

f603a62d6c61d3835d47e1ddb05225aa906b3d21235e6ee2874cf224ef2d8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 6988

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 183 B
448 B 406ms
97ms XHR
application/json 204.14.32.159
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 204.14.32.159 , Rwanda, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: /
Resource Hash: 3b82a1b9f0b35b07951ac5938c65b1afe8c456d624f0cf09aa0dadab5eb47b1e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Tue, 28 Jul 2020 19:37:32 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sat, 25 Jul 2020 08:05:04 GMT
Content-Length: 183
Vary: Origin
Content-Type: application/json

GET
H2 200 all.json
www.cutimes.com//paging/content/ 92 KB
17 KB 500ms
499ms XHR
application/json 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com//paging/content/all.json?id=33&limit=100&start=10

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200628153728
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
cf-ray: 5ba10e285bdd0ebb-FRA
x-vnode: 21
cf-request-id: 0438872d3400000ebb90b74200000001

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 53ms
19ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a007a11db39c67a44be6498c7d196bb365661520b013dc64cecf7ce67855df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5700
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1DC 0
0 45ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnqFPj8ch8nVvkMFjkoKFedU0irN1Hvp0VV8DhXvbS19DO73puxf7CsxVtWMB3YWwI3x7Tf5AqSUioHuGggMlTvr2Cj-UH4liS2YRfk9fjpLGOnt-KF9N0F0tFVPtKHwx-docaB0Fm1xfiuvoZoijrtuq9qv0THe6tl4tWLaybwNkFCjqr_NQfsZW3JnsLHC0gF77Fy6fCH_wrfHREVPNpam_xLlColiG5QXbR3Ca-8A62qomQYlqq29WlpkfyPvABqhkTzXQUVn8C6Oc&sig=Cg0ArKJSzNWrKgrrHHfaEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame F1DC 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1DC 73 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F1DC 0
0 14ms
13ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLUD6Ku1xJeZ5EHueVHdlyDgXlrvWX4_ULXuLHhNCLyb1tkSwPku0G-2s0IM5OvbnNo_B6
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame F1DC 284 KB
97 KB 8ms
8ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37913
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 14052303974320016552
tpc.googlesyndication.com/simgad/ Frame F1DC 30 KB
30 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14052303974320016552

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bfb19d425ac91e5e43bcc78f4fb32e046e1b9f0ddd8267ca85ee4d1bfe185c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 06 Jul 2020 16:06:23 GMT
x-content-type-options: nosniff
age: 1913469
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30718
x-xss-protection: 0
last-modified: Wed, 12 Jun 2019 17:34:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jul 2021 16:06:23 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007210634000/ Frame 653E 206 KB
57 KB 53ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8943
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 17:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da4645546e0fb9cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 17:08:29 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 653E 16 KB
6 KB 67ms
30ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39390
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5902
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed761c4f9176d72d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 653E 96 KB
29 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8699
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29699
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 17:12:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff583ae049a1bccf"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 17:12:33 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 653E 4 KB
2 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39390
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1786
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe8a226332f994d7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007210634000/v0/ Frame 653E 48 KB
15 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007210634000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 39390
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15001
x-xss-protection: 0
server: sffe
date: Tue, 28 Jul 2020 08:41:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f044ff03265d7aa3"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 08:41:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 653E 5 KB
738 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 19:30:43 GMT
server: ESF
date: Tue, 28 Jul 2020 19:37:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
DATA 200
OK truncated
/ Frame 653E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e14b2a8a5cd3f493a46c0c7797205a934141a8047f5f04681fefc46f97aedc75

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 653E 2 KB
3 KB 9ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 30514
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 653E 295 B
398 B 9ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 40737
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Jul 2020 08:18:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 653E 0
0 16ms
13ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRu-WR75-m37THpAyTZ3Zj_lEngOGIU-G4xNAA2TzuHapQhAxeXMvwTdS5Vz2AIVqTk3YbS
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 653E 0
0 50ms
46ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_qlpe34gX-yrM5O5gAeLo4O4CqHOodldtOny8dwLsdKBvOcCEAEgm_Tta2CV4pCCoAegAZPsu_cCyAEB4AIAqAMByAMKqgTnAU_QSLcYZtRvQYTnHJ1wf2pw5xqWiARulfR0kFQ2wLjFc_TC3YFmlIMEBzs9bqtXKb2rAQgji6bWm3cbbuWUQQ_64_g5OmzJzwMd6_j7z0YOat-ErVPObcv2D-MWlulV259smoDyeeBLyusQakbGR_YhPu5ty9v-Ul0keXNjDr-m5MQJ4h8OTQvQ6BnHMTiszEPUA9zXjK-MCRIDy6IqdKG9qgoaudkq6aIIg422oVRx1ICVEq6P_HCwAgcAjNrVgbfuJFrHQkoASjtMvxDNQIBsc0LV25RfTBvjZ5-JwNTJNd2JSss7PMAEqOS-1ZAC4AQBkgUECAQYAZIFBAgFGASgBlGAB8X_oHOoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ68hE0ggJCIDhgHAQARgdgAoDyAsB2BMCiBQEmBYB&sigh=dZTGsiWpn18&tpd=AGWhJmvH6OQhjOzvVnd2fasbqT8vm67EQIdoZ4xyPTwLiMQtXA
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 federal-court-e1561650940418.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/06/ 35 KB
36 KB 409ms
407ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/06/federal-court-e1561650940418.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f03039f20268d397923a3abb1a064723126701a8fbf652edcf9b63e6815f5042

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=37303, status=webp_bigger
x-cache: HIT 2
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 36164
cf-request-id: 0438872d9d00000ebb90b79200000001
last-modified: Thu, 27 Jun 2019 15:55:40 GMT
server: cloudflare
etag: "65d1dd-91b7-58c503192e739"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e28fd740ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 Fort-Lauderdale-Fla.-e1595880385524.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 65 KB
65 KB 431ms
430ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/Fort-Lauderdale-Fla.-e1595880385524.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=70331, status=webp_bigger
x-cache: HIT 3
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 66507
cf-request-id: 0438872d9e00000ebb90b7a200000001
last-modified: Mon, 27 Jul 2020 20:06:25 GMT
server: cloudflare
etag: "855759-112bb-5ab71db821dfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e28fd780ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 Antibody-Tests-e1595854792844.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 45 KB
45 KB 32ms
31ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/Antibody-Tests-e1595854792844.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d12efb125f7aa0f77f3542e7a662530d707cd498cc40132dd4ada382cdf118d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1470
cf-polished: origSize=47728, status=webp_bigger
x-cache: HIT 2
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 46010
cf-request-id: 0438872d9e00000ebb90b7b200000001
last-modified: Mon, 27 Jul 2020 12:59:52 GMT
server: cloudflare
etag: "85565f-ba70-5ab6be608ac08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e28fd790ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 10ms
6ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fpolarcdn-terrax.com%2Fimage%2Fv1.0.0%2Fbin%2F5f18927748e3edcb2315af1c&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=274&w=850&fy=210&gp=2079.859375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051641&de=552644749639&cu=1595965051641&m=707&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2079.859375&lb=7676&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=264&cd=0&ah=264&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=native_single2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Creative%20API%20-%20Banner&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=native_single2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1257907496&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 653E 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://www.cutimes.com

Response headers

date: Thu, 09 Jul 2020 02:32:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1703077
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:32:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 653E 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://www.cutimes.com

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3970556
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Origin: https://www.cutimes.com

Response headers

date: Thu, 09 Jul 2020 00:04:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1711978
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 09 Jul 2021 00:04:34 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 115257
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Origin: https://www.cutimes.com

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 115257
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Origin: https://www.cutimes.com

Response headers

date: Tue, 14 Jul 2020 15:32:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1224277
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 14 Jul 2021 15:32:55 GMT

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 7ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 7ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 8ms
6ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 68ms
65ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32380

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 12ms
10ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33180

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 31ms
29ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19272

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 85ms
83ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19068

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 40ms
38ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728
Origin: https://www.cutimes.com

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18468

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1DC 0
54 B 44ms
44ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHji24m-rt7_qBY8TUG5E4r-ePBhagZBUTIcD4uSqJtiOXotTbTeXxFZ4Lez7gP3c0LmePGezu1U5bdbqMDvA-dGgw0cFqOJgSO6tVgfDPeMQWz2ARpgvN2k1r6g_zAkYRhFUG-3G45N3uh6HY-jBA8V53VTTz5OZr2EkQdCAOiEYva1i1Q3ssLsYPpRGjOIJimGo4PRUA98tNDCddcnpQCvWfNpC0iwhhEfxzQhR1F5xAvBgQ7lpCVWOmfIHOAfJSMxevHETbTdrnokTkpA&sig=Cg0ArKJSzBdiNyKCpro_EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F1DC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32198729988d205ae1d0940e26851397562c2a144836bce2cda02ddb31570ebb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965052502&de=77250664034&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=21&cb=0&ym=0&cu=1595965052502&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=middle&iq=na&tt=na&tu=1&fs=182630&na=1794419278&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 350 B
636 B 24ms
22ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 8958
cf-polished: origFmt=png, origSize=3368
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 350
cf-request-id: 0438872ea000000ebb90b93200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"3368-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2a992a0ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 164 B
364 B 412ms
410ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1222
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-fb-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 164
cf-request-id: 0438872ea100000ebb90b94200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"1222-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2a992d0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 354 B
584 B 421ms
419ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1583
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-tw-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 354
cf-request-id: 0438872ea100000ebb90b95200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"1583-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2a992f0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 256 B
522 B 435ms
434ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1413
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 256
cf-request-id: 0438872ea100000ebb90b96200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"1413-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2a99310ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 240 B
424 B 429ms
428ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 0438872ea100000ebb90b97200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"3131-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2a99320ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 134 B
318 B 409ms
408ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:100,h2pri
content-length: 134
cf-request-id: 0438872eb700000ebb90ba0200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"2986-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2ab9820ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:32 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43DB 0
0 45ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp6oTFG4IPYp-rtmvscoinhXla69-qJ3Tej-U91CZjme_cm_IcDrpIyE72Ydvi5fBXEE3-Rltg6k5VqTYKhmh5v8PeR3zP9yZ_AA80yrqyd2C3iLmEDSu-046FBed6ZPQyRXegsZbdDQpJcBLGmkX5-U9wVMNj0GGiFiIE60Ny26ZvuH7auTT0ykx68orSaBLRyL_cpJfOHyDHt9vxsjbZ9EECto9dPCxaO5eEAcawC9pAh1eK8DfwiwVEoh7gbqIwNSii87_OYQ&sig=Cg0ArKJSzGYywxjFik5IEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame 43DB 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43DB 73 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 43DB 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlXQYP67qd8Ud0umaFC7ETdQyPjNLCxmdURYIDgDcC5_dl6eBZQYrvO43z7XnbhvlSGA8U
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 43DB 573 KB
193 KB 20ms
19ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c0fe923b6eb7df722fafbd39b2b3cd612abb9b78e1f74f9fe93d6a21f9ef22b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
last-modified: Mon, 27 Jul 2020 19:05:07 GMT
server: AmazonS3
x-amz-request-id: C371605DA705EEA1
etag: "0d4b5697ac36b0f1f032a8cf4d5de92a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=13238
accept-ranges: bytes
content-length: 197030
x-amz-id-2: Sfdlznqi6sxP7qnU6zXH9AtnHN13BOGbukjTv1E28GF20kZ67VoSTpsyJCaAMYhOB6+gIJkc9EI=

GET
H2 200 14219715358696162092
tpc.googlesyndication.com/simgad/ Frame 43DB 62 KB
62 KB 9ms
8ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14219715358696162092

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ddb6ea1b3f3a0beb4a0ffc83fa23ea7ada62d8088a7fa07095d2294c0e20acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 05:31:23 GMT
x-content-type-options: nosniff
age: 50769
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63249
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:55:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jul 2021 05:31:23 GMT

GET
H2 200 menu-close-btn.png
www.cutimes.com/assets/master-template/images/ 268 B
460 B 416ms
416ms Image
image/webp 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/menu-close-btn.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3321
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="menu-close-btn.webp"
cf-bgj: imgq:100,h2pri
content-length: 268
cf-request-id: 0438872f1a00000ebb90baa200000001
last-modified: Thu, 23 Jul 2020 10:59:44 GMT
server: cloudflare
etag: W/"3321-1595501984000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5ba10e2b5b030ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame D7E7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 28 Jul 2020 18:58:45 GMT
expires: Wed, 28 Jul 2021 18:58:45 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2327
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.gif
p.typekit.net/ 35 B
178 B 14ms
14ms Image
image/gif 2a02:26f0:10c:28a::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=qkq4rhw&ht=tk&h=www.cutimes.com&f=139.169.175.5474.25136.14541.14546.14548&a=702529&js=1.19.4&app=typekit&e=js&_=1595965052779
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:28a::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Wed, 24 Jun 2020 22:38:51 GMT
server: nginx
etag: "5ef3d5fb-23"
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C7F 42 B
175 B 41ms
40ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmOykVkrcbCPaWn0bror2yp73EtB9CU1jTCY_DxIhQVToQrZA2_ahoGvtBAyMcHYAD2lNOBKD5-VTARW7DRS4k2sieyGykC6Wx8G5FYbc&sig=Cg0ArKJSzItiG7rg4v5EEAE&adk=3917720313&tt=-1&bs=1600%2C1200&mtos=1128,1128,1128,1128,1128&tos=1128,0,0,0,0&p=0,100,320,1500&mcvt=1128&rs=0&ht=0&tfs=2&tls=1130&mc=1&lte=1&bas=0&bac=0&met=mue&la=1&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595965051415&dlt&rpt=181&isd=0&msd=0&ext&xdi=0&ps=1600%2C7676&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-2-6-6-0-0-0&tvt=1129&is=1400%2C320&iframe_loc=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&r=v&id=osdim&vs=4&uc=7&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=1400x320&itpl=3&v=20200727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 13ms
12ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14052303974320016552&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052502&de=77250664034&cu=1595965052502&m=12&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=562359683&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 653E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 405C 0
0 44ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstclzY69J_cm1cQFcedNylam-l-kroUf4aV7ZCLlJd44RRqca8qkI-I_clPeqgGXxxFm8AIW2CV8bkHvO1clFMOX__OUkZ0oRd0VuGB7w9HtgRNU_pMh38qt0s5S2iqtqdqVCiyo4Vdwr1roAOzDf9EcPEvoi3SBzqs7NZhoxgoUm9qe4KD0ewpWXN686jK0kfvfzCJLb3pQboadySJCuL843ndNjtYpeeJiv2LApEQztB0_9EBIyTS4SrFbVE3qFFVUCr50Y3-Sg&sig=Cg0ArKJSzNEe8hEZWhUmEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame 405C 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64880
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Aug 2020 01:36:12 GMT

GET
H2 200 osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 405C 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 moatad.js
z.moatads.com/almdfp680616975594/ Frame 405C 284 KB
97 KB 10ms
9ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:32 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 17:53:59 GMT
server: AmazonS3
x-amz-request-id: 87B1FD580E12CBC7
etag: "d2ef9f7d6daa54e46dc7e01ff0592da6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=37913
accept-ranges: bytes
content-length: 98432
x-amz-id-2: AjryOIhHUJTso11HdMdielOS1+HSHOcF+clNguieZv1Xinxvh/j8OSHBppSbUarqtEBjOolvJyM=

GET
H2 200 9114302956224760099
tpc.googlesyndication.com/simgad/ Frame 405C 87 KB
87 KB 8ms
8ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9114302956224760099

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 18:57:03 GMT
x-content-type-options: nosniff
age: 4149629
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89349
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:57:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 18:57:03 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43DB 0
54 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssF2nQV4ZXRzq5WOHZ3FSr79QmUzD7wjTlqpv11f3sc0b0bnECHXXDvemCMrJQ6bOdD0qH5L3OSoc_p6qO0IZ8D7u4qIIQENgagStiCNnyuA6eDqJBhTO_1pLZD4wxtrPHyvX3hx2NJIhwa6Hh8-ktPO5ZvzWYwUuSF8RY8-O9YFAFpiNGRhHWU5Nb2himyLNP_gn5FkGc-Yv7V0U7LanbR55cpIpwrFtFzUiv6A-O0LI13HYMffip4QVOp0-t1D6OcruAtoSD_MLsx&sig=Cg0ArKJSzE3D08QZUvRLEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 43DB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1_BETA&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965052852&de=169903635800&m=0&ar=2bf682d4aa-clean&iw=none&q=2&cb=0&ym=0&cu=1595965052852&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=2&ih=1&sk=577996129727&tn=2bf682d4aa-clean&pe=1%3A3783%3A3783%3A4062%3A3812&tz=middle2&iq=na&tt=na&tu=1&cm=1&fs=183324&na=193396315&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=1129&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=1123&an=1&gi=1&gf=1123&gg=1&ix=1123&ic=1123&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1123&bx=1&ci=1123&jz=742&dj=1&aa=1&ad=1025&cn=0&gn=1&gk=1025&gl=0&ik=1025&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=742&cd=2&ah=742&am=2&rf=0&re=1&ft=1025&fv=0&fw=1025&wb=1&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1430575853&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:32 GMT

GET
H2 200 Hispanics.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/04/ 11 KB
12 KB 424ms
420ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/04/Hispanics.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 11769
cf-request-id: 043887304a00000ebb90bc9200000001
last-modified: Fri, 26 Apr 2019 13:09:33 GMT
server: cloudflare
etag: "619a67-2df9-5876ea558b983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4f9a0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 United-States-Courthouse-for-the-Southern-District-of-New-York-e1595544007213.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 17 KB
17 KB 502ms
499ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/United-States-Courthouse-for-the-Southern-District-of-New-York-e1595544007213.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 17166
cf-request-id: 043887304a00000ebb90bca200000001
last-modified: Thu, 23 Jul 2020 22:59:28 GMT
server: cloudflare
etag: "854f4a-430e-5ab23cf057192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4f9d0ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 neighborhood-subdivision-e1595530736420.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 20 KB
20 KB 535ms
532ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/neighborhood-subdivision-e1595530736420.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 20571
cf-request-id: 043887304b00000ebb90bcb200000001
last-modified: Thu, 23 Jul 2020 20:54:59 GMT
server: cloudflare
etag: "854ee3-505b-5ab2211cba53e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4f9e0ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 americans-with-disabilities-act-ada-e1595535661845.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 12 KB
13 KB 421ms
418ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/americans-with-disabilities-act-ada-e1595535661845.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 12647
cf-request-id: 043887304b00000ebb90bcc200000001
last-modified: Thu, 23 Jul 2020 20:26:28 GMT
server: cloudflare
etag: "854ec3-3167-5ab21abd24989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4fa30ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 DEI-screenshot-e1595532746648.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 12 KB
12 KB 423ms
421ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/DEI-screenshot-e1595532746648.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=13381, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 12486
cf-request-id: 043887304b00000ebb90bcd200000001
last-modified: Thu, 23 Jul 2020 19:34:41 GMT
server: cloudflare
etag: "854e69-3445-5ab20f2a25cfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4fa50ebb-FRA
x-vnode: 21
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 communities-of-color-e1595526321762.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 11 KB
11 KB 421ms
419ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/communities-of-color-e1595526321762.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=12141, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 11027
cf-request-id: 043887304b00000ebb90bce200000001
last-modified: Thu, 23 Jul 2020 17:48:55 GMT
server: cloudflare
etag: "854dda-2f6d-5ab1f786275aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2d4fa80ebb-FRA
x-vnode: 145
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 Together-Credit-Union-Plaza-at-Ballpark-Village-2-e1595435071649.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 17 KB
17 KB 421ms
420ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/Together-Credit-Union-Plaza-at-Ballpark-Village-2-e1595435071649.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=18080, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 17046
cf-request-id: 04388731ee00000ebb90bf9200000001
last-modified: Thu, 23 Jul 2020 16:48:02 GMT
server: cloudflare
etag: "854d89-46a0-5ab1e9ea17ad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2fee440ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 U.S.-map-with-hundred-dollar-bills-laying-over-it-e1595248917423.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 23 KB
24 KB 405ms
404ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/U.S.-map-with-hundred-dollar-bills-laying-over-it-e1595248917423.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=25727, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 23775
cf-request-id: 04388731ee00000ebb90bfa200000001
last-modified: Wed, 22 Jul 2020 20:18:08 GMT
server: cloudflare
etag: "853513-647f-5ab0d7030a869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2fee470ebb-FRA
x-vnode: 27
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 contactless-payment-wearing-a-mask-e1595340961943.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 9 KB
9 KB 418ms
417ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/contactless-payment-wearing-a-mask-e1595340961943.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=9746, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 9330
cf-request-id: 04388731f100000ebb90bfb200000001
last-modified: Wed, 22 Jul 2020 20:07:38 GMT
server: cloudflare
etag: "853507-2612-5ab0d4a9a1e30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2fee4d0ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 Helping-small-businesses-e1595339170499.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/07/ 9 KB
9 KB 402ms
402ms Image
image/jpeg 2606:4700::6812:1f95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/Helping-small-businesses-e1595339170499.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 19:37:33 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=9697, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 8911
cf-request-id: 04388731f100000ebb90bfc200000001
last-modified: Wed, 22 Jul 2020 16:25:49 GMT
server: cloudflare
etag: "8531b2-25e1-5ab0a315ee705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5ba10e2fee520ebb-FRA
x-vnode: 28
expires: Tue, 28 Jul 2020 23:37:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 653E 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 30515
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 29 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 653E 295 B
360 B 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 40738
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 29 Jul 2020 08:18:35 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 405C 0
54 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuizvPi39S0lThFJGQKjBgKrBXhA6RUgcYmL9RJB6jbX1plcseGRm4rcxbzZlkEGhDrXT6NFrc7kbgjZqp-FI0_wa5USfznBCkwnZMdMDIwZZ_XoA6sBQDwo011wvGGrFiu3hTVAT9OMTDz5uNB6tl_mH_kWgvbCyTwlkEMD2ETovaQ4ojtZwEf_Op6ta1CDcf4YIjj-cydTaTDnIw9Gd69lSd_DC3jeUexR3K0NQND8lxtT0L_6zf82HrZSUvg9onouelfKwCblCvi&sig=Cg0ArKJSzJ94w7S6Q225EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200628153728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 19:37:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 405C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14219715358696162092&i=ALMDFP1_BETA&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052852&de=169903635800&cu=1595965052852&m=86&ar=2bf682d4aa-clean&iw=none&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=72&cd=0&ah=72&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=2&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=183324&na=458071369&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 9ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=1130&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=1123&an=1123&gi=1&gf=1123&gg=1123&ix=1123&ic=1123&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1123&bx=1123&ci=1123&jz=742&dj=1&aa=1&ad=1025&cn=1025&gn=1&gk=1025&gl=1025&ik=1025&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=742&cd=742&ah=742&am=742&rf=0&re=1&ft=1025&fv=1025&fw=1025&wb=1&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=733247309&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=121594580438864&bg=!HB-lHwdYYMwqB0wh724CAAAAflIAAAAlmQGGPl76yYtXWvdPATb5uR-sMkzowkz1vwMZs8o6TlsQGgUbX_HU1iXp1sPdT1LED4GNtesXcfBgw-9Pi7eC2q_5nKIL13OEDwZ9MOwUTc7xNVIccaR-6yTLUuH8ybmnAwWdm5yHbtkThi5su_66Q9SD4BN9J53asF5umK5YqLy_cBZq9LDZ4Z8YKCeuhnguXU-Bwe7ejq-X3eSFvxL_KSVsTEC1W42NTUQGFWGplpiHGPY-QMCQ2Z0PwNMiOrfxXzYyQMBcJUlb3dHmxjdPfaWRLJLzOoGnB948ZXqc1J8_CXcVIakTV0xx4LQXvtOJt9MdVEmugGVN3gtlDtFAPlcPmx6mVbwi1bJWRqEXdFfUnWOPBm862q0g8wYABZ3vOKZV7nCs5kv4QDXXC0ihwJ4ePl3zH4lC1idtyA9BhqwYxzWZaqtcCWjJUBMGDM7yaMqvkj3izcju6izBRIPpnY1kSifhhk9biLDWQ8uV_3IXN8623Z65fS1XRBFlNKd0lpl1vWsARO0Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 11ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=1131&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=1123&an=1123&gi=1&gf=1123&gg=1123&ix=1123&ic=1123&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1123&bx=1123&ci=1123&jz=742&dj=1&aa=1&ad=1025&cn=1025&gn=1&gk=1025&gl=1025&ik=1025&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=742&cd=742&ah=742&am=742&rf=0&re=1&ft=1025&fv=1025&fw=1025&wb=1&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=197338829&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965052827&de=468446554239&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=24&cb=0&ym=0&cu=1595965052827&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=1&ih=1&sk=577996129727&tn=2bf682d4aa-clean&pe=1%3A3783%3A3783%3A4062%3A3812&tz=middle2&iq=na&tt=na&tu=1&cm=1&fs=182630&na=141781016&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14219715358696162092&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052827&de=468446554239&cu=1595965052827&m=22&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7676&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=1&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=182630&na=623914892&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 9ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1595965053056&de=194948463795&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=27&cb=0&ym=0&cu=1595965053056&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287719613&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=middle1&iq=na&tt=na&tu=1&fs=182630&na=640456462&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 9ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F9114302956224760099&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965053056&de=194948463795&cu=1595965053056&m=19&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9172&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287719613&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=2036216625&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:33 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 653E 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunp-ZrJ_TmFkJMbekwL7bKJN6VeXUPYTQj2vZekWfr3sB984_s1YS-qcwAdNPlFBJRYXMquc7x6O3uUlpDwFrcLJeIrr6hFmKCjsvjttDX7WLhuk3PioUkatG5WInJyAqrE3I82Dc2oAwVZcCSKfeM&sai=AMfl-YSlaAohb_cfD9_VZARfzHOPIedCcXSzAUpQaqKwKN946_UguCwH-fiwufFmAKjRHXjiMp-yLyalS6ST2ifVKL8qXUWcwbo11SzdybXq7fCtATUo6nSW9RF24u0&sig=Cg0ArKJSzPtyww_N3Zm2EAE&cid=CAASPeRoN95EhD1bVDYZFfsyUzU_Sotl4i5I4q7vkpSFZnKfABoXmO0F1y_3ylIlrTRAmUjMZWU6OBfij3vIFyw&id=ampim&o=315,943&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=432&tls=1432&g=100&h=100&tt=1432&r=v&avms=ampa&adk=2736157804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame AACE 0
0 35ms
9ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=7409752722090187592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 19:37:34 GMT
Age: 7222393
X-Served-By: cache-lga21948-LGA, cache-hhn4034-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1199864
X-Timer: S1595965055.513636,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D82B 0
0 35ms
12ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=7409752722090187592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 19:37:34 GMT
Age: 7222393
X-Served-By: cache-lga21948-LGA, cache-hhn4050-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1197976
X-Timer: S1595965055.515433,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame F09D 0
0 44ms
8ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
content-type: text/html
last-modified: Thu, 23 Jul 2020 21:05:53 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Jul 2020 21:06:03 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: esj7_jGlbbcEt2C0CL21O1EjGhGkOPmjlzwgs4POsHFj9RLNtQDGQw==
age: 81091

GET
H2 200 sync.html
public.servenobid.com/ Frame E328 0
0 42ms
8ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
content-type: text/html
last-modified: Thu, 23 Jul 2020 21:05:53 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Jul 2020 21:06:03 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Q2Z9ZYGGBrkLVBL5M1UFGPXEXhsY6xp-dCuT0-YHRGvDq1Ne9mgelw==
age: 81091

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0B41 0
0 25ms
9ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=7409752722090187592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 19:37:34 GMT
Age: 7222394
X-Served-By: cache-lga21948-LGA, cache-hhn4022-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1213977
X-Timer: S1595965055.513802,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 42C7 0
0 39ms
8ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
content-type: text/html
last-modified: Thu, 23 Jul 2020 21:05:53 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Jul 2020 21:06:03 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7Li-LyvBZlz35mcmSm-wIJYWhYtAvOqwUaFurMmzPqQnY6o346w4tQ==
age: 81091

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0194 0
0 27ms
9ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=7409752722090187592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 19:37:34 GMT
Age: 7222394
X-Served-By: cache-lga21948-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 4225169
X-Timer: S1595965055.519899,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 56A7 0
0 36ms
9ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
content-type: text/html
last-modified: Thu, 23 Jul 2020 21:05:53 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Jul 2020 21:06:03 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4nPkuixQf37mo7qbSNbbf-Nr5UACYF34VdIJ18SK6ik_FCjyFCfObQ==
age: 81091

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A3C1 0
0 27ms
9ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200628153728
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=7409752722090187592
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 28 Jul 2020 19:37:34 GMT
Age: 7222393
X-Served-By: cache-lga21948-LGA, cache-hhn4031-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 4232429
X-Timer: S1595965055.523056,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 3B9A 0
0 31ms
10ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200628153728
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200628153728

Response headers

status: 200
content-type: text/html
last-modified: Thu, 23 Jul 2020 21:05:53 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 27 Jul 2020 21:06:03 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wO4OWtD5zyfj49VTeT9uoCKFKgheIr9iv6F1cSzZ5oK_MxnKCXBlhQ==
age: 81091

GET
H/1.1

200
OK

hms.gif
sync.colossusssp.com/
Redirect Chain

https://colossusssp.com/?c=o&m=cookie
https://sync.colossusssp.com/hms.gif?puid=1696c6356757131299764522a041c41f3b65ee9d

42 B
485 B

652ms
189ms

Image
image/gif

88.214.194.105
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/hms.gif?puid=1696c6356757131299764522a041c41f3b65ee9d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.194.105 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:52:58 GMT
Server: nginx/1.4.6 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

Redirect headers

Location: https://sync.colossusssp.com/hms.gif?puid=1696c6356757131299764522a041c41f3b65ee9d
Date: Tue, 28 Jul 2020 19:37:34 GMT
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=5193&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=5186&an=1123&gi=1&gf=5186&gg=1123&ix=5186&ic=5186&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5186&bx=1123&ci=1123&jz=742&dj=1&aa=1&ad=5088&cn=1025&gn=1&gk=5088&gl=1025&ik=5088&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4986&cd=742&ah=4986&am=742&rf=0&re=1&ft=5088&fv=1025&fw=1025&wb=2&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=937454278&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:36 GMT

GET
H/1.1 200
OK 017396ee0f720017d75db861c76a00078003007000b08
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 1 KB
1 KB 10ms
9ms Script
application/javascript 18.159.22.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/alm/main/017396ee0f720017d75db861c76a00078003007000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1595965056878

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.22.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Version: 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 1041
X-NodeId: i-005ab8c22f7f36fc8
Content-Type: application/javascript; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051526&de=552301795348&cu=1595965051526&m=5359&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5154&cd=23&ah=5154&am=23&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720435&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1626251643&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051285&de=144787467378&cu=1595965051285&m=5800&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5168&cd=77&ah=5168&am=77&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1749000433&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051938&de=192869330025&cu=1595965051938&m=5359&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5154&cd=7&ah=5154&am=7&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1464629456&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052502&de=77250664034&cu=1595965052502&m=5300&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5092&cd=2&ah=5092&am=2&rf=0&re=1&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1982972546&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052827&de=468446554239&cu=1595965052827&m=5360&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5152&cd=6&ah=5152&am=6&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=1&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=182630&na=720197945&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1_BETA&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052852&de=169903635800&cu=1595965052852&m=5364&ar=2bf682d4aa-clean&iw=none&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5148&cd=72&ah=5148&am=72&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=2&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=183324&na=1714723961&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 12ms
12ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965053056&de=194948463795&cu=1595965053056&m=5346&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5141&cd=7&ah=5141&am=7&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287719613&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1852403206&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:38 GMT

GET
H/1.1 200
OK index.php
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 106ms
105ms Script
text/javascript 34.192.142.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656&cl=1008&pixelIndex=0&r=926098&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=7409752722090187592&_=1595965050783
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 46ms
46ms Image
image/gif 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=18252462,18600656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jul 2020 19:37:38 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: 9552f12f-32ed-41e2-8f45-aad50b6bc468
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&t=1595965051236&de=517968464875&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=28&cb=0&ym=0&cu=1595965051236&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=waiting&zMoatPS=footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3783%3A3783%3A4062%3A3812&tz=footer&iq=na&tt=na&tu=waiting&fs=182630&na=1733044889&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=10046&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=10039&an=5186&gi=1&gf=10039&gg=5186&ix=10039&ic=10039&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10039&bx=5186&ci=1123&jz=742&dj=1&aa=1&ad=9941&cn=5088&gn=1&gk=9941&gl=5088&ik=9941&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9837&cd=4986&ah=9837&am=4986&rf=0&re=1&ft=6216&fv=5088&fw=1025&wb=2&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1194407536&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051526&de=552301795348&cu=1595965051526&m=10404&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10195&cd=5154&ah=10195&am=5154&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720435&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1164590232&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 9ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=274&w=850&fy=210&gp=2079.859375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051641&de=552644749639&cu=1595965051641&m=10696&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2079.859375&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10064&cd=264&ah=10064&am=264&rf=0&re=1&wb=1&cl=0&at=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=native_single2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Creative%20API%20-%20Banner&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=native_single2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1015801858&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 10ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051938&de=192869330025&cu=1595965051938&m=10403&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10195&cd=5154&ah=10195&am=5154&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=629771384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052502&de=77250664034&cu=1595965052502&m=10357&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10147&cd=5092&ah=10147&am=5092&rf=0&re=1&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1709259584&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:42 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052827&de=468446554239&cu=1595965052827&m=10402&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10193&cd=5152&ah=10193&am=5152&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=1&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=182630&na=162398376&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=600&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965053056&de=194948463795&cu=1595965053056&m=10378&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10172&cd=5141&ah=10172&am=5141&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287719613&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=686090159&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:43 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 98ms
98ms Image
image/gif 35.172.101.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=BzuKR0B0bjoVD4atvA&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=9226&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4061&t=CJEG6DCajH7SHwOwmC9HqUwEv_ny&V=120&tz=-120&sn=2&sv=ZYniTCFWq1PB5Sz6IDBtjph3ZGK5&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.101.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 28 Jul 2020 19:37:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK imsync.ashx
ml314.com/ 17 B
427 B 30ms
30ms Script
text/html 34.240.148.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=3612013446478430307&data=eyJwaCI6NDczMiwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNTk1OTY1MDUwOTU2X3lna3ZtY2xwOCIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?286
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 19:37:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F1736359314949367011&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051576&de=431477845879&cu=1595965051576&m=15079&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=1&ag=15073&an=10039&gi=1&gf=15073&gg=10039&ix=15073&ic=15073&ez=1&ck=1123&kw=742&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15073&bx=10039&ci=1123&jz=742&dj=1&aa=1&ad=14975&cn=9941&gn=1&gk=14975&gl=9941&ik=14975&co=1025&cp=742&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14869&cd=9837&ah=14869&am=9837&rf=0&re=1&ft=6216&fv=6216&fw=1025&wb=2&cl=0&at=0&d=4687927377%3A2704293998%3A5392800908%3A138317043457&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=super_hero&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=354640696&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
8ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051285&de=144787467378&cu=1595965051285&m=15670&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15037&cd=5168&ah=15037&am=5168&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=1907284923&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
9ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=274&w=850&fy=210&gp=2079.859375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965051641&de=552644749639&cu=1595965051641&m=15728&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2079.859375&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15096&cd=10064&ah=15096&am=10064&rf=0&re=1&wb=1&cl=0&at=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=native_single2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Creative%20API%20-%20Banner&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=native_single2&iq=na&tt=na&tu=waiting&tc=0&fs=182630&na=354259043&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 10ms
10ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14052303974320016552&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052502&de=77250664034&cu=1595965052502&m=15387&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15181&cd=10147&ah=15181&am=10147&rf=0&re=1&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=971070884&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:47 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 8ms
7ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1_BETA&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200628153728&id=1&ii=4&f=0&j=&t=1595965052852&de=169903635800&cu=1595965052852&m=15243&ar=2bf682d4aa-clean&iw=none&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9226&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3783%3A3783%3A4062%3A3812&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15036&cd=5148&ah=15036&am=5148&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=2&ih=1&sk=577996129727&tn=2bf682d4aa-clean&tz=middle2&iq=na&tt=na&tu=1&tc=0&cm=1&fs=183324&na=1332623584&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200628153728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 19:37:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Jul 2020 19:37:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2020-07-28-15

Domain: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/ad-scroll-v2.min.js?2020-07-28-15

Domain: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/common.min.js?2020-07-28-15

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 15:38:37	Name: demdex Value: 85813271935823584130110556411669632253
.cutimes.com/	1970-01-20 04:50:37	Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18472%7CMCMID%7C87432060474787271171137196797149698749%7CMCAAMLH-1596569850%7C6%7CMCAAMB-1596569850%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1595972250s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18479%7CvVersion%7C3.3.0
www.cutimes.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.cutimes.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.cutimes.com/	1970-01-19 20:43:53	Name: __qca Value: P0-738897215-1595965050897
.cutimes.com/	1970-01-19 20:05:01	Name: utag_main Value: v_id:017396ee0f720017d75db861c76a00078003007000b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1595966850738$ses_id:1595965050738%3Bexp-session$vapi_domain:cutimes.com$dcsyncran:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$_prevpage:cut%3Ahome%3Bexp-1595968650823$dc_region:eu-central-1%3Bexp-session
www.cutimes.com/	1970-01-19 20:48:13	Name: _cb Value: BzuKR0B0bjoVD4atvA
.cutimes.com/	1969-12-31 23:59:59	Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg Value: 1
www.cutimes.com/	1970-01-19 11:19:26	Name: _cb_svref Value: null
www.cutimes.com/	1970-01-19 11:20:51	Name: almGeoLoc2 Value: DE
.cutimes.com/	1970-01-20 04:50:37	Name: __gads Value: ID=b4985169dd65aa0b:T=1595965051:S=ALNI_Ma3lvOPqWOkoAmHs0VWuUDtHxcixA
www.cutimes.com/	1970-01-19 20:48:13	Name: _chartbeat2 Value: .1595965050850.1595965050850.1.ZYniTCFWq1PB5Sz6IDBtjph3ZGK5.1
www.cutimes.com/	1970-01-19 11:19:25	Name: NSC_wbsojti!5_ttm_10.0.254.204 Value: ffffffff0908e00445525d5f4f58455e445a4a423660
www.cutimes.com/	1970-01-19 20:48:13	Name: _cb_ls Value: 1
.cutimes.com/	1970-01-19 11:19:26	Name: s_pers Value: %20qpv_v40%3Dcut%253Ahome%7C1595966851089%3B
.cutimes.com/	1969-12-31 23:59:59	Name: hbx_lt Value: none
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 2.174
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.cutimes.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_ppvl%3Dcut%25253Ahome%252C23%252C23%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B%20s_ppv%3Dcut%25253Ahome%252C18%252C18%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
.cutimes.com/	1970-01-19 12:02:37	Name: __cfduid Value: dfa77fbb0fb067fdbc53209fbfe8b54661595965050

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.polarcdn.com/creative/creative.js(Line 2) Message: [MediaVoicePlugin 73907e] [object Object] WARNING [1799943219] [AdPreview] Ignoring injection target ( [object Object] ) and using default ( [object HTMLIFrameElement] ) instead.
console-api	log	(Line 4) Message: Old href 0: sponsored.html?mvi=247888b460864619be28848b4b663f46
console-api	log	(Line 5) Message: https://www.cutimes.com/native?mvi=247888b460864619be28848b4b663f46
console-api	log	(Line 6) Message: New href 0: https://www.cutimes.com/native?mvi=247888b460864619be28848b4b663f46
console-api	log	(Line 4) Message: Old href 1: sponsored.html?mvi=247888b460864619be28848b4b663f46
console-api	log	(Line 5) Message: https://www.cutimes.com/native?mvi=247888b460864619be28848b4b663f46
console-api	log	(Line 6) Message: New href 1: https://www.cutimes.com/native?mvi=247888b460864619be28848b4b663f46
console-api	log	URL: https://store.law.com/Registration/js/overlayForm.js(Line 44) Message: Skip overlay, not logged in or using a shared account.
console-api	info	URL: https://cdn.ampproject.org/rtv/012007210634000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007210634000 https://www.cutimes.com/?slreturn=20200628153728

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
acdn.adnxs.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
alm.demdex.net
b.law.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
collect.tealiumiq.com
colossusssp.com
cutimes.com
datacloud.tealiumiq.com
dpm.demdex.net
fe6dd6090be5f5d68e78d42488fdcc5e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
images.cutimes.com
match.adsrvr.org
mb.moatads.com
ml314.com
owlcarousel2.github.io
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
polarcdn-pentos.com
polarcdn-terrax.com
ps.eyeota.net
public.servenobid.com
px.moatads.com
rules.quantcount.com
s.dpmsrv.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.polarcdn.com
store.cutimes.com
store.law.com
store.register.creditutimes.com
sync.colossusssp.com
sync.crwdcntrl.net
tag.simpli.fi
tags.tiqcdn.com
tpc.googlesyndication.com
use.typekit.net
visitor-service-eu-central-1.tealiumiq.com
www.cutimes.com
www.dianomi.com
www.google.com
www.googletagservices.com
z.moatads.com
www.cutimes.com
104.17.193.78
104.18.22.230
13.224.194.68
143.204.89.60
15.236.9.100
151.101.113.108
169.50.137.176
169.50.137.179
172.217.18.162
18.158.135.197
18.159.22.75
185.199.108.153
185.33.221.13
204.14.32.159
204.14.32.196
216.58.212.162
23.210.250.213
23.8.6.251
2600:9000:2057:9800:18:1fcd:34e:d2a1
2600:9000:2057:dc00:6:44e3:f8c0:93a1
2606:4700::6810:85e5
2606:4700::6811:4132
2606:4700::6812:1e95
2606:4700::6812:1f95
2606:4700::6813:f77e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:814::2001
2a00:1450:4001:816::2001
2a00:1450:4001:819::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::200a
2a00:1450:4001:824::2003
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:10c:28a::19fd
3.125.70.222
34.192.142.95
34.240.148.251
35.172.101.157
35.244.245.222
52.19.114.209
52.208.235.219
52.211.146.59
52.51.113.24
54.194.147.18
62.149.23.112
63.32.152.233
66.117.28.86
76.74.127.163
88.214.194.105
88.214.194.242
0404edab2dc1f7c6d53acc365707f538e3a6ef3e45c1210526710f01a9cbdac1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07fd28cc6102a66ddf07b48885ff256f34a94d4baba61fbc09fa8ef8da4fb38b
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0847fb2a4b12a2cfd5b8775ebf0a1ca59c1d8c34894ee2f3f26e827969f39567
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0ba0629f107423737ada65c0fcd7a851532ddb1d517772b350cd36a1bccab893
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dd8d08c5bd2b3fbe03d7173f6ad59610b72c3cd4f8190d02469dfafce256652
0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90
0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657
1546c1e8843a302c6ca9ce9ba4356859709c5e7342d259a832762efd786123b0
19cae05535f990e788197c828064f1730ea1a554384edac06232c548e437060e
1ae9cd16c95764d6b8b22ad09b609f1135ef2479f4bbe4a9d79e0f0d66fa00ae
1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7
1b5571e12c90aea280a8f38bd53757b68ffd9ff1b89fb878b646865d4a515768
1bfb19d425ac91e5e43bcc78f4fb32e046e1b9f0ddd8267ca85ee4d1bfe185c8
1c639f8c2d575f37e52df0e4b901f9533aec23454bad6d298fbf7d1ec3bcc1e5
1f116cf5298f94d631f3a61dd1dcb27813d5742d9167ec0146206f40480e28c3
245d9d9f1946ab61eb6ae6ac0b4148df3083a4edbcb72b46b8d9f0e48f0b1804
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
26afebdc5076bb1a02a32dfa144b0d45f7c314d4648d9ce5e621f90e69ef54af
2ae04f5982a5ed48ec3499534afeb7eea6d5221b951769a9ef6fd932971839ef
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7
300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7
31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47
32198729988d205ae1d0940e26851397562c2a144836bce2cda02ddb31570ebb
3381192e1985c62816b185d57cd38d4f41ce2e3d06aa7cf6d33bbed794fd044e
3578cb852d3db389a5e95729c71e139cb914539652a95cdc2c8ba894dc546fb2
360a25e0b7ac5376a0c319d1eac76df31ffcce5b82faa2f3a0b3ef70f370d151
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456
386304e8dcdc06a6474321865af2cd47cea2690e7f70223a364eaeaa45f9c74c
3b82a1b9f0b35b07951ac5938c65b1afe8c456d624f0cf09aa0dadab5eb47b1e
3d8c720ef4fcd4772c311482897005047f73af7ffbbbd82865ee65db3a876188
3e8ee14092586919b5ca348ed176e27b988cfee653a306a0fed55ef028cd156a
46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184
493aad238e30e4f8bdd893fa05ab71335f2ec01fe0392556d84d37f501e46310
4a915c87bcd3de83940a65672999c62f20a50f8e9994a38dd3f5d7fe681e6b08
4b7c22e1d47c8df63bc6abfa17ec37e1ae4431e70c8df9b918dd20cfed819b23
4d6ea342be7071b569607dda13c586ac403d46db88dd25b2f5801401eb88a7c9
4ddb6ea1b3f3a0beb4a0ffc83fa23ea7ada62d8088a7fa07095d2294c0e20acb
4f026340bfeceb4d8a9f3b6775de85fff35b723923b62ff41ecc73bb77ccb6ef
4f2343b9cf3c5cf9d7e3819cf7e7632afcd0016c4fd0bda1e5050070decce9dd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ffaf6d5d8ebefea1142264d4bd6102067e2fa1ad6751870c4ada82bf35d28da
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5716ce0b15adaf5069220fc45fe4a099ca9da890b18258de0807583eae4721a8
57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4
58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1
5b050fe43a5b0f1d2ef7358b0f5ac5d0c5fa1c31fefb08fe220b642b03e13acd
5c0fe923b6eb7df722fafbd39b2b3cd612abb9b78e1f74f9fe93d6a21f9ef22b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fc6f0aaafb0654e6f77aee8062743dcc2ed72e3218310a2933c2ce18fc38f94
64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa
66f14ced94dbd60cb3c1f8fc74f67f01d05b4cbeee93c877a2e86ad31847eb44
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
71589b103fe41e467a42d73570aa89f148b223837869fe205e0914f9e4cf530f
797577bb68847511fe77ec4bc0c5e3f6ad5972df5a3119d27cbea537df7a6824
7c30c656a67a3c902072c7c839344fbe793788edbbaebb4f7a59b4c3c6750897
7d12efb125f7aa0f77f3542e7a662530d707cd498cc40132dd4ada382cdf118d
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
842492d06c413da9ca35f875d3537d9a80464bbdd6f24d629445bebb091f71fe
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b9f52cc60061d0f83f49d757e9cc4f39d848f655a75f49f7558b76410f971ad
8debeacf437f7073c4e205f5cd3718b8a20f8787e92a123df9f29f068bb12a34
914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09
91bac162bc5604b6d008ad25b1f70ff800018679051b854145d7371ef22a0ffb
921839a42efb25cf26b40465e503a9d54ffddc300f65ee90e23918b0639748ef
921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab
943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065
94df85eef2d8e9cc23591fb317e79f73f20cc7805db0c0374ea4f68220d0dde0
94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a007a11db39c67a44be6498c7d196bb365661520b013dc64cecf7ce67855df
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a248d3518d5feb7774476d31652f3501b7effc8d55da8beebdeccd00a18b552a
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a83fcdbe177b1250c2c8728ab21f6c51b56fa0684744288aafc60563c0dcdbd5
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b329fa560bb94ce2f0b8417b01d3744cdda13cbfaa6036800529f302457f6815
b461677c2eccfe11e75c490ac41c20f001a72482bdbc2bc9e9ff9ae33d5048ac
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
c0cc28abd8a9800ad071fb493f1d09e0bc99d321ec94a329b7aedb74315cb79f
c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c53ca30481441065f8fb1fadf4faed737328be0db01ce75876f5aabb55b7555e
c595655ff7d1e11aa1641d3c5243d12bb62ba0180cc02639081efa1d7f1f09c4
c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14
ca6b51b31a0149375119e9bad119762543a373b70a9957c0bb25f6e91d7d7eb7
ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc7023380757b7eb822963462b2fbdc5bba03a868df9b3f98b58c0a020dcb5
d0810aeab3073f709b2bd743754cc1ce2e2100844908b466af0eee61eb486eba
d544a2f887de77c03a7a7500bb5689450c9081761162dbafe567832439022cf9
d6aae86e1573c19295a0d5e36f9b3bb93588f49f749fab84e94dadcccaba54f0
d7244a68f36ce92897fe5787344f0582272526b50f40d1f60123d9cd9e40935f
d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670
d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e09104e2d44f1a94518d3115e39e60dec46fd3486d07db5a0c815c434a7899f6
e14b2a8a5cd3f493a46c0c7797205a934141a8047f5f04681fefc46f97aedc75
e17bf13d1a6332ead07be0a1ed7c246857db7880a890012c85d06c1496e75b70
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e326710eb2cf876245197ddf8edfe8fe4ca32d5169ae8e4f730d315302e8a83a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d8df21bfc464b93ae234c429851b1be414fe48b8acd72c9495c377b4a15425
e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7559eaf776544be90a6d50a4581875e797898016c60c089ade988267e768e7
f03039f20268d397923a3abb1a064723126701a8fbf652edcf9b63e6815f5042
f122c638da51958b56ff82a444640da5f828ab350b58a09af4e3af0f5cc8165c
f603a62d6c61d3835d47e1ddb05225aa906b3d21235e6ee2874cf224ef2d8ecf
f6608ab7c7e045bf6e28e415539326d5d4ec6377ef7e9dcbca557c3dbbe9f003
f894fd8b919c340bfbcd2923c5e75518b3972c6a132140c2e9db2933f75382d9
f984792339e8c74bbbccba46173ab9171305c28975ee4438d05622b09eecc1f4
fb199303a3c6c4ec7d96d3135a9798cf63f52e829aba12d2ae8c30f01425281a
fb60e5f97a90a5a5976cf1e58a3246df0cf7cd1b4459392380c259c341e36000
fc9c9bc71151e9dc81ff5f49f2f41cec37e30e621233753dd812911fd5eff581

www.cutimes.com Open in urlscan Pro 2606:4700::6812:1f95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

296 Requests

99 %HTTPS

36 %IPv6

39 Domains

64 Subdomains

48 IPs

9 Countries

3436 kBTransfer

8353 kBSize

20 Cookies

34 Outgoing links

Page URL History

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cutimes.com Open in urlscan Pro
2606:4700::6812:1f95 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

99 %
HTTPS

36 %
IPv6

39
Domains

64
Subdomains

48
IPs

9
Countries

3436 kB
Transfer

8353 kB
Size

20
Cookies

296 HTTP transactions
10 data transactions