www.cutimes.com Open in urlscan Pro
2606:4700::6812:1e95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.cutimes.com/
Effective URL:
https://www.cutimes.com/?slreturn=20200814094146
Submission: On September 14 via manual (September 14th 2020, 1:42:09 pm UTC) from US

Summary HTTP 273 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 47 domains to perform 273 HTTP transactions. The main IP is 2606:4700::6812:1e95, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.

This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.208.117.53 162.208.117.53	11403 (NYINTERNET) (NYINTERNET)
2 41	2606:4700::68... 2606:4700::6812:1e95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	204.14.32.196 204.14.32.196	7124 (-Reserved...) (-Reserved AS-)
1 1	2606:4700::68... 2606:4700::6812:1f95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
9	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.177.118.109 35.177.118.109	16509 (AMAZON-02) (AMAZON-02)
1 4	54.154.62.31 54.154.62.31	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.21 143.204.215.21	16509 (AMAZON-02) (AMAZON-02)
15 22	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4232:7f90:a91e:6d3b:3747	14618 (AMAZON-AES) (AMAZON-AES)
9	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	204.14.32.159 204.14.32.159	7124 (-Reserved...) (-Reserved AS-)
1	54.194.171.8 54.194.171.8	16509 (AMAZON-02) (AMAZON-02)
2	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
3 10	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.229.100.58 3.229.100.58	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:0:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
4 15	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
2	35.156.179.86 35.156.179.86	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
3 8	52.16.104.252 52.16.104.252	16509 (AMAZON-02) (AMAZON-02)
1 1	35.176.206.104 35.176.206.104	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:581::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.28.233.150 52.28.233.150	16509 (AMAZON-02) (AMAZON-02)
1	54.173.18.49 54.173.18.49	14618 (AMAZON-AES) (AMAZON-AES)
31	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:2800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.40 143.204.215.40	16509 (AMAZON-02) (AMAZON-02)
5	2a0c:5c81:502... 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696	55081 (24SHELLS) (24SHELLS)
5	52.212.5.193 52.212.5.193	16509 (AMAZON-02) (AMAZON-02)
1 6	88.214.194.242 88.214.194.242	46636 (NATCOWEB) (NATCOWEB)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	34.206.196.114 34.206.196.114	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.154.51.227 54.154.51.227	16509 (AMAZON-02) (AMAZON-02)
2 3	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
2 3	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	23.8.6.203 23.8.6.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:c07::5e	15169 (GOOGLE) (GOOGLE)
5	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
5	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	88.214.194.105 88.214.194.105	46636 (NATCOWEB) (NATCOWEB)
273	58

1 162.208.117.53 (New York, United States) 1 redirects

ASN11403 (NYINTERNET, US)
PTR: 162.208.117.53.static.nyinternet.net

link.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6812:1e95 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.14.32.196 (Rwanda) 1 redirects

ASN7124 (-Reserved AS-, ZZ)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f95 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.110.153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.118.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.154.62.31 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-21.fra53.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.190 (United States) 15 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:7f90:a91e:6d3b:3747 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.14.32.159 (Rwanda)

ASN7124 (-Reserved AS-, ZZ)

geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.171.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-171-8.eu-west-1.compute.amazonaws.com

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.172.38 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.229.100.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:0:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.179.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.16.104.252 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.206.104 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:581::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.233.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.18.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-40.fra53.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.212.5.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.214.194.242 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.196.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.51.227 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-51-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.248.240 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.150.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.6.203 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-8-6-203.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c07::5e (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.194.105 (United Kingdom)

ASN46636 (NATCOWEB, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	cutimes.com 4 redirects link.cutimes.com cutimes.com www.cutimes.com store.cutimes.com images.cutimes.com	650 KB
37	doubleclick.net 6 redirects cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	161 KB
27	googlesyndication.com 67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	306 KB
25	moatads.com z.moatads.com mb.moatads.com px.moatads.com	429 KB
24	simpli.fi 15 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
15	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	11 KB
10	ampproject.org cdn.ampproject.org	215 KB
10	servenobid.com ads.servenobid.com public.servenobid.com	2 KB
10	typekit.net use.typekit.net p.typekit.net	226 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	80 KB
9	tiqcdn.com tags.tiqcdn.com	80 KB
8	ml314.com 3 redirects ml314.com	16 KB
7	colossusssp.com 1 redirects colossusssp.com sync.colossusssp.com	2 KB
6	googletagservices.com www.googletagservices.com	159 KB
5	rlcdn.com 2 redirects idsync.rlcdn.com	927 B
5	adtelligent.com ghb.adtelligent.com ghb1.adtelligent.com ghb2.adtelligent.com	1 KB
5	demdex.net 1 redirects dpm.demdex.net alm.demdex.net	4 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	9 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
4	tealiumiq.com datacloud.tealiumiq.com collect.tealiumiq.com visitor-service-eu-central-1.tealiumiq.com	3 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	50 KB
4	cloudflare.com cdnjs.cloudflare.com ajax.cloudflare.com	53 KB
4	github.io owlcarousel2.github.io	4 KB
4	law.com 1 redirects store.law.com b.law.com	6 KB
3	eyeota.net 2 redirects ps.eyeota.net	2 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net bcp.crwdcntrl.net	2 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	adsrvr.org 2 redirects match.adsrvr.org	926 B
2	exelator.com 1 redirects loadm.exelator.com	3 KB
2	pro-market.net 2 redirects fei.pro-market.net	825 B
2	google.de adservice.google.de www.google.de	997 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
1	rubiconproject.com pixel.rubiconproject.com	774 B
1	googleadservices.com 1 redirects www.googleadservices.com	299 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	dianomi.com www.dianomi.com
1	intentiq.com sync.intentiq.com
1	quantcount.com rules.quantcount.com	1 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	agkn.com 1 redirects aa.agkn.com	320 B
1	chartbeat.com static.chartbeat.com	14 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	alm.com geoip.alm.com	454 B
1	tremorhub.com simplifi.partners.tremorhub.com	182 B
273	47

	Domain	Requested by
31	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.cutimes.com
22	um.simpli.fi	15 redirects
21	www.cutimes.com	1 redirects www.cutimes.com ajax.cloudflare.com cdnjs.cloudflare.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.cutimes.com tpc.googlesyndication.com cdn.ampproject.org
19	px.moatads.com
19	images.cutimes.com	www.cutimes.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	ib.adnxs.com	3 redirects www.cutimes.com
9	use.typekit.net	www.cutimes.com
9	tags.tiqcdn.com	www.cutimes.com tags.tiqcdn.com
8	ml314.com	3 redirects tags.tiqcdn.com ml314.com
8	fonts.gstatic.com	fonts.googleapis.com www.cutimes.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
6	colossusssp.com	1 redirects www.cutimes.com
6	www.googletagservices.com	tags.tiqcdn.com securepubads.g.doubleclick.net
5	public.servenobid.com	www.cutimes.com
5	acdn.adnxs.com	www.cutimes.com
5	idsync.rlcdn.com	2 redirects
5	ads.servenobid.com	www.cutimes.com
5	cm.g.doubleclick.net	5 redirects
5	z.moatads.com	www.cutimes.com securepubads.g.doubleclick.net
4	dpm.demdex.net	1 redirects
4	fonts.googleapis.com	www.cutimes.com ajax.googleapis.com securepubads.g.doubleclick.net
4	owlcarousel2.github.io	www.cutimes.com
3	www.google.com	1 redirects www.cutimes.com
3	ps.eyeota.net	2 redirects
3	a.dpmsrv.com	s.dpmsrv.com
3	cdnjs.cloudflare.com	www.cutimes.com ajax.cloudflare.com
2	us-u.openx.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ce.lijit.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	ghb1.adtelligent.com	www.cutimes.com
2	ghb.adtelligent.com	www.cutimes.com
2	visitor-service-eu-central-1.tealiumiq.com	tags.tiqcdn.com
2	b.law.com	tags.tiqcdn.com
2	store.law.com	1 redirects ajax.cloudflare.com
1	sync.colossusssp.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	pixel.rubiconproject.com
1	www.google.de
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	www.dianomi.com	www.cutimes.com
1	67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ghb2.adtelligent.com	www.cutimes.com
1	pixel.quantserve.com
1	sync.intentiq.com
1	rules.quantcount.com	secure.quantserve.com
1	ping.chartbeat.net
1	p.typekit.net
1	aa.agkn.com	1 redirects
1	collect.tealiumiq.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	datacloud.tealiumiq.com
1	static.chartbeat.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	geoip.alm.com	cdnjs.cloudflare.com
1	simplifi.partners.tremorhub.com
1	i.simpli.fi	tag.simpli.fi
1	s.dpmsrv.com	www.cutimes.com
1	mb.moatads.com	z.moatads.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	tag.simpli.fi	ajax.cloudflare.com
1	ajax.cloudflare.com	www.cutimes.com
1	store.cutimes.com	1 redirects
1	cutimes.com	1 redirects
1	link.cutimes.com	1 redirects
273	77

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
www.alm.com
cutimes.tradepub.com

Subject Issuer	Validity	Valid
cutimes.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
store.law.com Go Daddy Secure Certificate Authority - G2	`2020-07-07` - `2022-09-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.alm.com Trusted Secure Certificate Authority 5	`2018-01-08` - `2021-01-07`	3 years	crt.sh
b.law.com DigiCert SHA2 High Assurance Server CA	`2020-07-05` - `2021-10-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.tealiumiq.com Amazon	`2019-11-21` - `2020-12-21`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
ghb.adtelligent.com Let's Encrypt Authority X3	`2020-09-09` - `2020-12-08`	3 months	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2019-09-14` - `2020-12-06`	a year	crt.sh
ghb1.adtelligent.com Let's Encrypt Authority X3	`2020-07-30` - `2020-10-28`	3 months	crt.sh
ghb2.adtelligent.com Let's Encrypt Authority X3	`2020-07-30` - `2020-10-28`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.cutimes.com/?slreturn=20200814094146
Frame ID: 7956DB69282C9AC399D02EDE04AA0C03
Requests: 198 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 8576298B88320D0E348C6532CDEDB720
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2NUHyiBwWV1kiARt7yhSqBzKXKEF8sCyDJmrJvls9Nj3Qb3hS59gl753MzpFFiw4UkbJ0NtDY9KO-tQ5X-BW-GdLUWbes9J0a4yFKVsItKpEQsZiGxrwY07Ei1xUpDvutFKBanYM-4l1HTNEqcq7FruJzQ-mmHfsV7nQ17K9enA1g4J5UDyQ0sy8yMiW4EsuwpfPBeYIWR8Nyh9POP45f5F2k5ovRdJBhYqi15zOZt6NT4XvI3L5pAr6sjqxFSv_Dn65euSmcayA&sig=Cg0ArKJSzJ2lJjSMcMtnEAE&urlfix=1&adurl=
Frame ID: 60E558CF620E0A4C285CAA6A25044D23
Requests: 5 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200814094146
Frame ID: AC90D1C3CA2270F87B64268D31BF59ED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGPbNY9UIlgAVMspPuy6037BB1S2YKql7sC4TmaH7qVS99arPrIL85gjCf5wEonfMmKJ8Eo2WGoflT-rlMO4Ul6BUJ_XSe8kkKRSxUIWQTg442DUgEmhRlZmIYndorOAeqhXDazKFNdTSMUCi179cEIm4r4eg_Nr9GWYygLtNeImXawalQl29OuV7HhmUdnVDFdnb3ZBR1OSDUx683kjPuRo9QW8Tq86Qw_p6BQ_aQfu8mRLjy75bnI1bKm9xOKHT6EjMAprhp7ug&sig=Cg0ArKJSzICB-PDQwWxlEAE&urlfix=1&adurl=
Frame ID: 5A108C6597AB4A6D0DAD1B733D0294E3
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 97B6641BB9BFE65A4D9DCEFA4830EAE1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Frame ID: 6D3322807670A86D22CDAA4FBFF297E6
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3A4_lRSXetRNDPfSLwETZW8F-UxuaCv7CXuSaL096CS-wtU6zB8sQFBfxi0QxfyPYFQHY-Ps6uk4E6irXOeX7ge7u6R9WmtPt6HKRC_usIRknf3FjoqpVZ7H5MAumx4IfLNxRa_Nnir95q_5sY778xivoAT5KbFgxUwWLOzIwj9wKWT245rOP96QJX-gxzQHjHFS6GromzKmd4Gf5UIYs6jQ2wrnn5RBlpiPg8rFDh5XoFQypMR60GXmW4wNC-wIN3F-Rggu23cY5&sig=Cg0ArKJSzICSceG8m0xNEAE&adurl=
Frame ID: 1B4DA7998AEEF96A82E35A00E51E1AD2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: ADA8A852CA436EE6F52B179C5A251A25
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Frame ID: 6082E2A11B25922E8D5071A1CEC255D3
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ0OLRWuTzyVLyCLPn0xTnY3HTLQbFR3WFHvA9fwbBn4w_5Ggn4wq69FS2kav9To8_CiA540Qh4jALJXlPX3UPPcFFIx2YavmXko_jOxzNvYHHnFJHNS7kC-5L6cA5gaMAuyawiHam4N2E6viwPa9yGPm4Xsa9ZKNMBiu5rNyXWvGfaoMHpzsTTBv5ca4gRHiTT7qweyQ35zuVOrgc6VCtSHwOciNbsFVdPCjpTfoZnQL1muk2yyiB85V5PBr5A59iUl_j8uVeCnc&sig=Cg0ArKJSzAajxNl1FzxPEAE&adurl=
Frame ID: B22493E847ED8EABF254B9BEAEE5CA8E
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: DDBF6274172606815A174BB64CD0F8D4
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 63568FB87C0B9843B9D28BC5F718D894
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 153B040002286625F6AAE425E8F08B8B
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8765958B377C353EF3555AD7CB0ED6C0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3E45005D655AA8ADE7DFC3B33E14C968
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0ED480DF2D77F54576B83C2FE4DF599D
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8E33FEE3F14A148429253A446B5DD34F
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: D4948C715D5B1B005B7D3B90CFB0BE34
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 20170DE3A5D1E4394FE184FD413C3EF8
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A2D4B3F4709D59AAC2211DBD23BCF980
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.cutimes.com/ HTTP 302
http://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=81E25A60-4FE1-4851-A909-8F14D91A9C5... HTTP 302
https://www.cutimes.com/?slreturn=20200814094146 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

273
Requests

98 %
HTTPS

38 %
IPv6

47
Domains

77
Subdomains

58
IPs

9
Countries

2498 kB
Transfer

5903 kB
Size

3
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Credit-Union-Times/95378106084

Search URL Search Domain Scan URL

URL: https://twitter.com/CU_Times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3821859/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Register

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa506/prgm.cgi
Title: AI Underwriting: Crash Course for CUs

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora360/prgm.cgi
Title: How Finance Leaders Improve Financial Performance by Collaborating with HR

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_snac01/prgm.cgi
Title: Take the Next Step Toward eClosings with Partners and Investors

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora361/prgm.cgi
Title: How Finance Leaders Elevate the Role of the Back Office in Financial Services Firms

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf21/prgm.cgi
Title: Commercial Banking: Preparing for What Comes Next

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa463/prgm.cgi
Title: Case Study: Simple Digital Closings for Your Members

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf20/prgm.cgi
Title: Next Gen Banking Automation for Credit Unions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf19/prgm.cgi
Title: How Digital Technology is Transforming the Branch for the Future

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa438/prgm.cgi
Title: Scenario Planning for the Agile Financial Institution

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora328/prgm.cgi
Title: How to Improve Credit Union Decision-Making and Performance with Analytics

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_wora327/prgm.cgi
Title: Financial Services: Making Informed Decisions with Improved Transparency

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa06/prgm.cgi
Title: Covid-19's Impact on the Payments Industry

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf14/prgm.cgi
Title: Why Open and Future-Proof Core Banking is the Key to Success

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf17/prgm.cgi
Title: Credit Unions and Community Banks: Competing with the Giants

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_finf18/prgm.cgi
Title: Prevailing in an Industry Forever Changed Series: Part 1 - The New Banking Nerve Center and Focus on Financial Health

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elan04/prgm.cgi
Title: Top Five Trends at the Terminal

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa03/prgm.cgi
Title: Gen Z: The Fast and Furiously Cashless

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/
Title: Sign In Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.cutimes.com/ HTTP 302
http://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146 HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=81E25A60-4FE1-4851-A909-8F14D91A9C58&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200814094146&debug=lawDomainIPWithRefRedirect HTTP 302
https://www.cutimes.com/?slreturn=20200814094146 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768

Request Chain 39

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 61

https://cm.everesttech.net/cm/dd?d_uuid=73008813480202253362394335355764305867 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X19zHgAABcgAg1L0

Request Chain 62

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D61033%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20200814094146&_=1600090910703 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D61033%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F%25253Fslreturn%25253D20200814094146%26_%3D1600090910703 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=1514392788189636656&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=61033&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&_=1600090910703

Request Chain 77

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEHN4tbfZDieSUrlh0O8q1GI&google_cver=1

Request Chain 91

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=34A2723A3DAA4BB394459F8242C5B40B HTTP 302
https://um.simpli.fi/aa_px?sk=164880703544000981879

Request Chain 100

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 149

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=34A2723A3DAA4BB394459F8242C5B40B;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=34A2723A3DAA4BB394459F8242C5B40B;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=4582076349096742333

Request Chain 150

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0&xl8blockcheck=1

Request Chain 159

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 163

https://idsync.rlcdn.com/395886.gif?partner_uid=3613120974125793282 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzEyMDk3NDEyNTc5MzI4MhAAGg0IoOb9-gUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=fd30566d11eda3cd10f5b77d673d9a7b322fe73eec824ad12dd8784e7e956a1df4cb09cee1a4f8eb&person_id=3613120974125793282&eid=50082

Request Chain 164

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3 HTTP 302
https://ml314.com/csync.ashx?fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3&person_id=3613120974125793282&eid=53819

Request Chain 165

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613120974125793282 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613120974125793282 HTTP 302
https://ml314.com/csync.ashx?fp=c5f74dcbd93acb4b3df41e311bbd6344&eid=50146&person_id=3613120974125793282

Request Chain 166

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2cTf3EjOrqq0fBgF92GmQUjTNk_qkr9zfbA9BpAo9aoo&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=2cTf3EjOrqq0fBgF92GmQUjTNk_qkr9zfbA9BpAo9aoo&person_id=3613120974125793282&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704&google_gid=CAESECLigFpYaNmEn1oBz-uNAWs&google_cver=1

Request Chain 192

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 194

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 195

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B&dnr=1

Request Chain 196

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 218

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1600090909906&cv=7&fst=1600090909906&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=IXNfX9HNFMi8lgS2vL6oDQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IXNfX9HNFMi8lgS2vL6oDQ&cid=CAQSKQCNIrLMVWDev9m_a7Tu85UDRD-6wJOGEs1MuJu_bNOql8eArx3yNNn2&random=278790704 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IXNfX9HNFMi8lgS2vL6oDQ&cid=CAQSKQCNIrLMVWDev9m_a7Tu85UDRD-6wJOGEs1MuJu_bNOql8eArx3yNNn2&random=278790704&ipr=y&ezwbk=AZuM4hDHHEbr6bdHhXKr_5d5jfKM2WbAR_wU5t8NtUkQrYWPDhrKQYobkSMBlcoqOjM1iOUtE9HuVFSL0gmhPdFdOhZY

Request Chain 219

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B&__user_check__=1&sync_id=0ca2f1b3-f690-11ea-81b3-173c25ca0c06

Request Chain 220

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 225

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=34A2723A3DAA4BB394459F8242C5B40B&expires=365

Request Chain 228

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEBeB21xbA78nEwMHGjQ7vEI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34A2723A3DAA4BB394459F8242C5B40B HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 263

https://colossusssp.com/?c=o&m=cookie HTTP 302
https://sync.colossusssp.com/hms.gif?puid=6f692ae4a99f0affaf363886067ab9d05109affc

Request Chain 269

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=18252462,18600656 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

273 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cutimes.com/
Redirect Chain

http://link.cutimes.com/
http://cutimes.com/
https://www.cutimes.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=81E25A60-4FE1-4851-A909-8F14D91A9C58&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200814094146&debug=lawDomainIPWithRefRe...
https://www.cutimes.com/?slreturn=20200814094146

83 KB
15 KB

421ms
420ms

Document
text/html

2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25186c8782ac937925d276a7e6132fe998246435e9849e3483ffd01c0dd4020

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.cutimes.com
:scheme: https
:path: /?slreturn=20200814094146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d0d041ee5d2335db445e50bc537a265e81600090905; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660; ipAddress=5l04acdREJUqongusU4V; UCID=67c90e6d-fdfb-4a0b-810a-a63012a15974
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 13:41:47 GMT
content-type: text/html;charset=utf-8
cf-ray: 5d2a870a8cec05b3-FRA
cache-control: private
content-language: en-US
set-cookie: ssoCompliant=; Max-Age=31536000; Expires=Tue, 14-Sep-2021 13:41:47 GMT; Path=/ NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660;expires=Mon, 14-Sep-2020 13:46:48 GMT;path=/;secure;httponly
cf-cache-status: DYNAMIC
backend: templates_newlaw_director
cf-request-id: 052e72ba98000005b3ed823200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

Date: Mon, 14 Sep 2020 13:41:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.cutimes.com/?slreturn=20200814094146
CF-Ray: 5d2a8708fd9505d4-FRA
Cache-Control: private
Set-Cookie: regSID=3908c6ba-36d2-4348-8729-df0d758b5c31; expires=Mon, 14-Sep-2020 14:43:34 GMT; path=/; HttpOnly ipAddress=5l04acdREJUqongusU4V; domain=.cutimes.com; expires=Tue, 15-Sep-2020 01:43:34 GMT; path=/ UCID=67c90e6d-fdfb-4a0b-810a-a63012a15974; domain=.cutimes.com; expires=Wed, 14-Sep-2050 13:43:34 GMT; path=/
CF-Cache-Status: DYNAMIC
cf-request-id: 052e72b99d000005d4f2104200000001
Referrer-Policy: origin-when-cross-origin
X-AspNet-Version: 4.0.30319
X-Powered-By: Server #1
Vary: Accept-Encoding
Server: cloudflare

GET
H2 200 markets.min.css
www.cutimes.com/assets/master-template/css/release/ 328 KB
45 KB 446ms
430ms Stylesheet
text/css 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-09-14-09

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72bc5b000005b3ed870200000001
cteonnt-length: 335677
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a870d5ddd05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 105ms
23ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: db023a759ac4fe6a4b5078bb497dd70056448bed
date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: gzip
age: 151
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4049-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 4B7C:B1B1:74098:7D3F8:5F471E6A
x-timer: S1600090908.823122,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 27 Aug 2020 02:52:39 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 7

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
665 B 112ms
29ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 849664feb047f6287fd75f578d6f7f5503f1e79e
date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: gzip
age: 195
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4049-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 7E74:08E8:F4DD8:12C701:5F3DC51A
x-timer: S1600090908.823290,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 20 Aug 2020 00:38:54 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 2

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 43ms
27ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 405126
cf-ray: 5d2a870d684f2bad-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052e72bc6100002badf5a8a200000001
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
etag: W/"5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1600090907&lkg-ip=2a01:4f8:192:5414::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1600090907&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sat, 04 Sep 2021 13:41:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 35ms
19ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 404421
cf-ray: 5d2a870d68502bad-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 052e72bc6100002badf5a8b200000001
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
etag: W/"5ef3fc71-2b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1600090907&lkg-ip=2a01:4f8:192:5414::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1600090907&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sat, 04 Sep 2021 13:41:47 GMT

GET
H2 200 yi.js Show response
z.moatads.com/almprebidheader476420012280/ 95 KB
36 KB 164ms
49ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 21:09:46 GMT
server: AmazonS3
x-amz-request-id: 0F130EE62A1D3634
etag: "8389737683f8879d84e29825a1ca8102"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41413
accept-ranges: bytes
content-length: 36741
x-amz-id-2: a2UZMHP/vPTKDGa0eSYPylQ/tT+xRNAYzEjM1t2LeLUSGkl0YrX36oq6vHfC6M/VVIGE0cpg4A0=

GET
H2 200 nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/ 58 B
234 B 480ms
465ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2855
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 58
cf-request-id: 052e72bc61000005b3ed874200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"2855-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870d6df905b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 350 B
595 B 478ms
463ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 350
cf-request-id: 052e72bc61000005b3ed875200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"3368-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870d6e0105b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 164 B
459 B 515ms
500ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af416120f43bfee84e300f2a0c359310087a64f1b4f19b39f1f8cd65ce0c84ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1222
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-fb-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 164
cf-request-id: 052e72bc62000005b3ed876200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"1222-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870d6e0505b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 354 B
519 B 478ms
464ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648e79ebde6cf1350cfa7568f8f5a582d599281cb3245aeef278465cbe3ffeb3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1583
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-tw-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 354
cf-request-id: 052e72bc62000005b3ed877200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"1583-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870d6e0705b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 256 B
420 B 480ms
466ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1413
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 256
cf-request-id: 052e72bc62000005b3ed878200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"1413-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870d6e0b05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 240 B
489 B 419ms
415ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1322
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 052e72be39000005b3ed8b3200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"1322-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a87105f0e05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 cut-logo-white-nav.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 426ms
422ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/cut-logo-white-nav.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9c9bc71151e9dc81ff5f49f2f41cec37e30e621233753dd812911fd5eff581

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2159
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="cut-logo-white-nav.webp"
cf-bgj: imgq:100,h2pri
content-length: 1896
cf-request-id: 052e72be3a000005b3ed8b4200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"2159-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a87105f1005b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 roadblock-hurdle-challenge-wall-businessman-e1598380052475.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/08/ 52 KB
52 KB 467ms
441ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/08/roadblock-hurdle-challenge-wall-businessman-e1598380052475.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de412f4dc1f6cf18c2a7fb33d95470ad72070beaf96daf3bc16c76c80475bc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=56054, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 53275
cf-request-id: 052e72bcc7000005b3ed888200000001
last-modified: Tue, 25 Aug 2020 18:27:31 GMT
server: cloudflare
etag: "8614af-daf6-5adb7db37065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870e0ff105b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 HR-engaged-employees-e1523579485946.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/04/ 33 KB
33 KB 460ms
434ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/04/HR-engaged-employees-e1523579485946.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188e4c5cf1190436b8d71acc70ed6fac0ee24ee601416192511ef974605bb31e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=35393, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 33860
cf-request-id: 052e72bcc7000005b3ed88b200000001
last-modified: Fri, 13 Apr 2018 00:31:25 GMT
server: cloudflare
etag: "a60c21-8a41-569affe09d751"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870e0ff805b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 project-management-remote-scheduling-e1589739953748.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 42 KB
42 KB 494ms
468ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/project-management-remote-scheduling-e1589739953748.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8debeacf437f7073c4e205f5cd3718b8a20f8787e92a123df9f29f068bb12a34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=45537, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 43169
cf-request-id: 052e72bcc7000005b3ed88a200000001
last-modified: Sun, 17 May 2020 18:25:53 GMT
server: cloudflare
etag: "81f58c-b1e1-5a5dc2d3164c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870e0ff605b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 businessman-iceberg-challenge-crisis-e1588091885394.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/04/ 24 KB
24 KB 569ms
544ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/04/businessman-iceberg-challenge-crisis-e1588091885394.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dd2b02623d14a1f2491337fb6b2b461c70b89bb24ee10457d6c5dc2eb112213

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 24159
cf-request-id: 052e72bcc7000005b3ed889200000001
last-modified: Tue, 28 Apr 2020 16:38:05 GMT
server: cloudflare
etag: "818c19-5e5f-5a45c74af81e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a870e0ff405b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 30ms
8ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 09 Sep 2020 14:39:45 GMT
server: cloudflare
etag: W/"5f58e931-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5d2a870e0de8635f-FRA
cf-request-id: 052e72bcc50000635f669a0200000001
expires: Wed, 16 Sep 2020 13:41:47 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 83ms
24ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 8923207fa86614679a2ddbffed50f63c56a832ba
date: Mon, 14 Sep 2020 13:41:47 GMT
content-encoding: gzip
age: 151
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4040-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 4B7C:B1B1:74098:7D3F8:5F471E6A
x-timer: S1600090908.903977,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 27 Aug 2020 02:52:39 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 5

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
687 B 23ms
23ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 9d663c88b29315dc35433fb434e71716a21afe86
date: Mon, 14 Sep 2020 13:41:48 GMT
content-encoding: gzip
age: 196
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4040-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 7E74:08E8:F4DD8:12C701:5F3DC51A
x-timer: S1600090909.946028,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 20 Aug 2020 00:38:54 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 4

GET
H2 200 3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Show response
tag.simpli.fi/sifitag/ 4 KB
5 KB 413ms
305ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 14 Sep 2020 13:41:49 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3929
x-request-id: FjSqNEV-pKX9Ka8jtrlB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 river-load-more-pg.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 4 KB
1 KB 420ms
418ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2020-09-14-09

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 4031
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c13c000005b3ed944200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4031-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87152dae05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:49 GMT

GET
H2 200 ad-scroll-v2.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 1 KB
560 B 437ms
436ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/ad-scroll-v2.min.js?2020-09-14-09

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b3822abbc2051e33b81dd6d7a11854edca718b5a77e7711ddce65bdb963caa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 33
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c13c000005b3ed945200000001
cteonnt-length: 1440
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1440-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87152db205b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:49 GMT

GET
H2 200 master-core-lite.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 27 KB
10 KB 24ms
23ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 958
x-cache: MISS
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c13c000005b3ed946200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"27835-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87152db405b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:49 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 12ms
11ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 402244
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
cf-request-id: 052e72c13a00002badf5b0c200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d2a87152e422bad-FRA
expires: Sat, 04 Sep 2021 13:41:48 GMT

GET
H2 200 tealium.js Show response
www.cutimes.com/assets/master-template/js/ 4 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/tealium.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 2826
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c13c000005b3ed947200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4577-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87152db605b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 357ms
116ms Script
application/javascript 204.14.32.196
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.14.32.196 , Rwanda, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #1
Resource Hash: c595655ff7d1e11aa1641d3c5243d12bb62ba0180cc02639081efa1d7f1f09c4

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:43:35 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 10 Sep 2020 23:23:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: Server #1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=900
Accept-Ranges: bytes
Content-Length: 3594
ETag: "06d236ec987d61:0"

GET
H2 200 common.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 53 KB
13 KB 27ms
26ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/common.min.js?2020-09-14-09

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9423431867316005a1c000237c6649870a2e388fa2e741fe6d8dbe09137f760c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 547
x-cache: HIT 2
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c13d000005b3ed948200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54431-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87152dbc05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:48 GMT

GET
H2 200 lazyloadXT.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 3 KB
2 KB 438ms
427ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-cache: MISS
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c14e000005b3ed94b200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2937-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87154e2305b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:49 GMT

GET
H2 200 cutimes.prebid.js Show response
www.cutimes.com/assets/master-template/js/prebid/ 207 KB
61 KB 37ms
27ms Script
application/javascript 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfbc7023380757b7eb822963462b2fbdc5bba03a868df9b3f98b58c0a020dcb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 2727
x-cache: MISS
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c14e000005b3ed94c200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"211483-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a87154e2705b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:49 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16671
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:03:58 GMT

GET
H2 200 css Show response
fonts.googleapis.com/ 3 KB
1 KB 89ms
16ms Fetch
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 13:29:09 GMT
server: ESF
date: Mon, 14 Sep 2020 13:41:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 13:41:49 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 119 KB
33 KB 250ms
101ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 626cd34e7410949632eab5f59634556c08dcd03e286f57a428a1901ec126959e

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 17:23:39 GMT
server: AkamaiNetStorage
etag: "ee73a5caf6fecbabf4a8772c96ee5350:1599845018.878005"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 33041
expires: Mon, 14 Sep 2020 13:46:49 GMT

GET
H2 200 yi.js Show response
mb.moatads.com/ 1 KB
2 KB 214ms
71ms Script
text/html 35.177.118.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&callback=MoatNadoAllJsonpRequest_73855636
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.118.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: a7a908374fcc7d8ced61c3d2d3ec5a61391fd02d0515611b763928c016eb7425

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:49 GMT
server: TornadoServer/4.5.3
etag: "2ffa00ec6d9e2936316d2ec89806763a7a7d9a2a"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 1456

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 115ms
111ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1600090909288&de=578504156971&d=ALM_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=af9b55d&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=cutimes.com&bd=cutimes.com&ac=1&bq=11&f=0&na=182388588&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:49 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:49 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768

362 B
1 KB

53ms
50ms

XHR
application/json

54.154.62.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f06c5c7b639aba87547337bfaa30d5d30fd068a0090c6a214da5832aa1915b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-006423049.edge-irl1.demdex.com 5.78.0.20200908113611 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: um/291ywQ+M=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 298
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.cutimes.com
X-TID: 8/unqpSvRWI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1600090909768
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 284 KB
48 KB 161ms
52ms Script
application/x-javascript 143.204.215.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-21.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d04a53c2fa0c68ba075caed3485fe820cb2a0c18e3ad2298f6c80f1a1dafd57

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Sep 2020 21:16:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2020 21:00:17 GMT
Server: AmazonS3
Age: 59132
ETag: "2e38ee1d8cb116fe20335e0292f8f575"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 48148
X-Amz-Cf-Id: bhKsYemdTwBF5pQGuzurXNLlCFz1f_bkEt1ZRn8aeB0e7Rjz2oms-Q==

GET
H2 200 markets.min.css Show response
www.cutimes.com/assets/master-template/css/release/ 328 KB
45 KB 431ms
430ms XHR
text/css 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-09-14-09

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: templates_newlaw_director
cf-request-id: 052e72c4c0000005b3ed9c1200000001
cteonnt-length: 335677
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"335677-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 5d2a871ace0805b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:50 GMT

GET
H2 200 p Show response
i.simpli.fi/ 749 B
1 KB 44ms
42ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e0ccdc211f5297bcbd1c9d1ced3ae48713dc9fd3422ab635d818cdc8980ceaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 14 Sep 2020 13:41:49 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=34A2723A3DAA4BB394459F8242C5B40B

43 B
182 B

305ms
113ms

Image
image/gif

2600:1f18:612b:4232:7f90:a91e:6d3b:3747
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=34A2723A3DAA4BB394459F8242C5B40B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:7f90:a91e:6d3b:3747 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 13:41:50 GMT
server: Apache-Coyote/1.1
content-type: image/gif
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date: Mon, 14 Sep 2020 13:41:50 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://simplifi.partners.tremorhub.com/sync?UISF=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
840 B 29ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 13:33:54 GMT
server: ESF
date: Mon, 14 Sep 2020 13:41:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 13:41:50 GMT

GET
H2 200 qkq4rhw.js Show response
use.typekit.net/ 19 KB
7 KB 69ms
22ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

eab94bfcd230b07377dd03ee9f8e0deea86ac3b1d34494e43a9daa6f692c5202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Mon, 14 Sep 2020 13:41:50 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7012

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 9 KB
3 KB 51ms
50ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b329fa560bb94ce2f0b8417b01d3744cdda13cbfaa6036800529f302457f6815

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 22:26:28 GMT
server: AkamaiNetStorage
etag: "cd8587db2697e130b292a91760a32f40:1595456788.403344"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2897
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 49ms
49ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0404edab2dc1f7c6d53acc365707f538e3a6ef3e45c1210526710f01a9cbdac1

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "f6fc4a048e38478542f37e53c6fe35da:1592861216.785713"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1505
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.78.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 108 KB
34 KB 60ms
59ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202009111723
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 95cfe8033d2aaa709f3952f9c3e77cf4ce1bdb22ff6eed11cca3f0b67b7a397d

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 17:23:39 GMT
server: AkamaiNetStorage
etag: "68a11eb3ebf789b99c2b392dffb45f9a:1599845019.539075"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 34856
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.32.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 49ms
48ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
etag: "fb390697366796015697c0162fac7588:1592861216.366485"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1448
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.39.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 51ms
49ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2016 19:05:16 GMT
server: AkamaiNetStorage
etag: "19f5cfea9207d9078058ad07886d8356:1472583916"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 953
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 65ms
63ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 21:26:53 GMT
server: AkamaiNetStorage
etag: "d92cbafa99067935fba25cba6e9bcb91:1592861213.763276"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4339
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 65ms
64ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202005192159
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 21:59:32 GMT
server: AkamaiNetStorage
etag: "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1014
expires: Tue, 29 Sep 2020 13:41:50 GMT

GET
H2 200 all.json Show response
www.cutimes.com//paging/content/ 89 KB
17 KB 213ms
209ms XHR
application/json 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com//paging/content/all.json?id=33&limit=100&start=20

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82095520525aafaa7c5209e5e2f3c2dc2d9e65a423f73288ea0d3f04efeed94d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200814094146
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
cf-ray: 5d2a871cbb4c05b3-FRA
x-vnode: 27
cf-request-id: 052e72c5f2000005b3ed9e2200000001

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 189 B
454 B 517ms
121ms XHR
application/json 204.14.32.159
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 204.14.32.159 , Rwanda, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: /
Resource Hash: c21d676c690a393fb03f001473eefa76a0f812dfd9b21dc57eace934a90b1939

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:51 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sat, 12 Sep 2020 08:05:03 GMT
Content-Length: 189
Vary: Origin
Content-Type: application/json

GET
H2 200 car-buying-paperwork-e1599834596663.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 39 KB
40 KB 497ms
484ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/car-buying-paperwork-e1599834596663.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473e438de12b07327cabffccf5e67130140441dbaa9c995f06b97abee3548c47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=41693, status=webp_bigger
x-cache: HIT 2
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 40436
cf-request-id: 052e72c78d000005b3ed9ff200000001
last-modified: Fri, 11 Sep 2020 14:29:56 GMT
server: cloudflare
etag: "a213b4-a2dd-5af0a84d3a280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a871f4af905b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 Liberty-Lake-Wash.-e1599852809324.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 47 KB
47 KB 488ms
476ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/Liberty-Lake-Wash.-e1599852809324.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce39d1741d10da4eb3192a238ab22d2f13a6abdfaae77050539ea55aca7a43e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=50710, status=webp_bigger
x-cache: HIT 2
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 48151
cf-request-id: 052e72c78d000005b3eda00200000001
last-modified: Fri, 11 Sep 2020 19:33:29 GMT
server: cloudflare
etag: "a213cd-c616-5af0ec2625e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a871f4afd05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 covid-19-cash-e1599846067994.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 41 KB
42 KB 895ms
884ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/covid-19-cash-e1599846067994.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ca2b037b05b96472aa51169c4d58973f93db12406e01c107a1d475407707913

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=44102, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 42438
cf-request-id: 052e72c78d000005b3eda01200000001
last-modified: Fri, 11 Sep 2020 17:41:08 GMT
server: cloudflare
etag: "a213bf-ac46-5af0d309601a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a871f4b0005b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 240 B
677 B 446ms
436ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3131
x-cache: MISS
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
cf-bgj: imgq:100,h2pri
content-length: 240
cf-request-id: 052e72c78d000005b3eda02200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"3131-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a871f4b0405b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 134 B
301 B 471ms
461ms Image
image/webp 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
status: 200
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
cf-bgj: imgq:100,h2pri
content-length: 134
cf-request-id: 052e72c78d000005b3eda03200000001
last-modified: Thu, 10 Sep 2020 17:59:42 GMT
server: cloudflare
etag: W/"2986-1599760782000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5d2a871f4b0605b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 start-new-career-e1558122915763.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/05/ 10 KB
10 KB 1259ms
1249ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/05/start-new-career-e1558122915763.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788728e63b4885d59e672a2fbdd4c834f41e3c5e898e4a70dec4814a6b4d32be

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 10169
cf-request-id: 052e72c78d000005b3eda04200000001
last-modified: Fri, 17 May 2019 19:57:46 GMT
server: cloudflare
etag: "633c3f-27b9-5891acbe4fd24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a871f4b0705b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 u.s.-capitol-building-sunny-e1560430419267.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/06/ 12 KB
12 KB 927ms
912ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/06/u.s.-capitol-building-sunny-e1560430419267.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81ba96c1d40d90b96fc21ef31918f3fba320daa9aaf987de68e482f7e4c98efa

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 11786
cf-request-id: 052e72c7a4000005b3eda07200000001
last-modified: Fri, 14 Jun 2019 13:07:07 GMT
server: cloudflare
etag: "654bd0-2e0a-58b4852d5d133"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a871f6b7e05b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H/1.1 200
OK Cookie set dest5.html
alm.demdex.net/ Frame 8576 0
0 302ms
74ms Document
text/html 54.194.171.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.171.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-171-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: alm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=73008813480202253362394335355764305867
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 09 Sep 2020 13:51:28 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=73008813480202253362394335355764305867;Path=/;Domain=.demdex.net;Expires=Sat, 13-Mar-2021 13:41:50 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: eAb6rXvfTbk=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
b.law.com/ 48 B
478 B 166ms
44ms XHR
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=77149706308582961843421195697248625035&ts=1600090910669

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

295c7c5ed106e5fef3972eea2d415c3c05d85939c598e7022309c1d608ea0804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 14 Sep 2020 13:41:50 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5bd4cfd76-6vfc2
vary: Origin
x-c: master-1347.Ibe097b.M0-443
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X19zHgAABcgAg1L0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73008813480202253362394335355764305867
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X19zHgAABcgAg1L0

42 B
915 B

58ms
58ms

Image
image/gif

54.154.62.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X19zHgAABcgAg1L0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-06c30e60b.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pojVjDjAT94=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 14 Sep 2020 13:41:50 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X19zHgAABcgAg1L0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D61033%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D61033%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=1514392788189636656&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=61033&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&_=1600090910703

243 B
996 B

530ms
122ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=1514392788189636656&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=61033&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&_=1600090910703
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8697e9c5ccc462abb42eb4b5dca3e9ec7ddfc771ec7e503fa91deed463d288e1

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 217
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:51 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid: ea1920cd-12d0-4183-aa13-229eadd1bc0e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=1514392788189636656&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=61033&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&_=1600090910703
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 35ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 44ms
15ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 41ms
13ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 35ms
7ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32380

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 47ms
20ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33180

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 34ms
9ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19272

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 32ms
8ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19068

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 28ms
5ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:50 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18468

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 9467
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:03 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 38ms
10ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 9470
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:00 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 9464
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:06 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 9469
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:01 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 76ms
7ms Script
application/x-javascript 2600:9000:2057:0:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:0:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:40:45 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 66
etag: W/"5ea23d45-8e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 84HebwjSIzD6C-HCLjeGPPP7PW_u4UUQvRqtRXYoK3WvxwQu_JG2DQ==
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
expires: Mon, 14 Sep 2020 15:40:45 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 78ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9a1566a9237b6b7b03584c403452894df53d094784c5245d0d81ba353a03ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "632 / 316 of 1000 / last-modified: 1600080145"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18748
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:51 GMT

GET
H2

200

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&goog...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEHN4tbfZDieSUr...

43 B
970 B

25ms
23ms

Image
image/gif

35.156.179.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEHN4tbfZDieSUrlh0O8q1GI&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.179.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Origin
x-serverid: uconnect_i-0d9aa396d5dadb4ea
x-tid: 01748cd9abd8001373810022a85900078003007000b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
x-region: eu-central-1
x-acc: alm:main:2:vdata
content-length: 43
pragma: no-cache
x-did: 01748cd9abd8001373810022a85900078003007000b08
content-type: image/gif
x-ulver: a03881e69bff6c92d36142bb546a7f64bd6d7e25-SNAPSHOT
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-uuid: 6ef15ee4-887a-4af2-b14c-77904de97820
expires: Mon, 14 Sep 2020 13:41:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:51 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01748cd9abd8001373810022a85900078003007000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEHN4tbfZDieSUrlh0O8q1GI&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Feature_1.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 15 KB
16 KB 668ms
668ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/Feature_1.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4c3d3ec75fffee80ec5817de6b4296b464e2aab3f94900fe8fe82ee85e36607

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 15813
cf-request-id: 052e72ca44000005b3eda55200000001
last-modified: Tue, 08 Sep 2020 22:07:35 GMT
server: cloudflare
etag: "d01d25-3dc5-5aed49000d523"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8723a81a05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 FR_3.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 8 KB
8 KB 562ms
561ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/FR_3.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e96686618f40e7f50752db166a2af8dd320de7f63b0d4fe858ef493c774f0853

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 7944
cf-request-id: 052e72ca47000005b3eda5b200000001
last-modified: Tue, 08 Sep 2020 22:07:36 GMT
server: cloudflare
etag: "d01d26-1f08-5aed490044fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8723a82e05b3-FRA
x-vnode: 27
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 shutterstock_1431394355.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 10 KB
10 KB 525ms
524ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/shutterstock_1431394355.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5111396fe2cd9014f5abc984719393a9c7bf29e4a2e9b433a04915f07edbef

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 9764
cf-request-id: 052e72ca48000005b3eda5d200000001
last-modified: Tue, 08 Sep 2020 22:05:15 GMT
server: cloudflare
etag: "d01d20-2624-5aed487a754d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8723a83405b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 shutterstock_795544381.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 9 KB
9 KB 444ms
441ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/shutterstock_795544381.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc6e648e08f3a233ff62180178040fcccc0f5fcd6ba5650a495145ec95382f20

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 9166
cf-request-id: 052e72cb06000005b3eda77200000001
last-modified: Tue, 08 Sep 2020 22:05:15 GMT
server: cloudflare
etag: "d01d1e-23ce-5aed487a4ff29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8724dc2b05b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 Info_900x1039.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 12 KB
12 KB 451ms
450ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/Info_900x1039.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34746eb896a4a3fc87a58ced3eac4c264a301416ecd1a4093a50ec6b941aa43

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=13108, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 12331
cf-request-id: 052e72cb36000005b3eda7f200000001
last-modified: Tue, 08 Sep 2020 22:05:15 GMT
server: cloudflare
etag: "d01d1f-3334-5aed487a50ae1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a87252d3805b3-FRA
x-vnode: 21
expires: Mon, 14 Sep 2020 17:41:51 GMT

GET
H2 200 Navy-Federal-Credit-Union-branch-e1598393190282.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/08/ 13 KB
14 KB 423ms
423ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/08/Navy-Federal-Credit-Union-branch-e1598393190282.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e010b8d2444eca54f5949183f138aeb9e298f6ca469ca47c35edaf6703dc08f3

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=14104, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 13435
cf-request-id: 052e72cc58000005b3eda95200000001
last-modified: Tue, 25 Aug 2020 22:09:32 GMT
server: cloudflare
etag: "8615a4-3718-5adbaf52cc667"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8726fa0f05b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:52 GMT

GET
H2 200 coronavirus-money-e1596655249679.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/08/ 20 KB
20 KB 523ms
523ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/08/coronavirus-money-e1596655249679.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c585ba75536bdf2746f5c823882a00d348f9ea4f226b35e331d10459d290656

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 20659
cf-request-id: 052e72cc6f000005b3eda97200000001
last-modified: Thu, 06 Aug 2020 19:14:43 GMT
server: cloudflare
etag: "871062-50b3-5ac3a4cf9ea78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a87271a7205b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:52 GMT

GET
H2 200 credit-cards-stack-e1531930927388.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/07/ 12 KB
12 KB 423ms
420ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/07/credit-cards-stack-e1531930927388.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89547cf11012b14e0d948446ac4c6edf325e49387044c19a6fbceba4322afe2

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
content-length: 11948
cf-request-id: 052e72cc7e000005b3eda9a200000001
last-modified: Mon, 25 Feb 2019 18:48:09 GMT
server: cloudflare
etag: "5c7f32-2eac-582bc61c9dd58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a87273ab705b3-FRA
x-vnode: 145
expires: Mon, 14 Sep 2020 17:41:52 GMT

GET
H2 200 executive-award-e1542635323770.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/11/ 12 KB
12 KB 416ms
408ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/11/executive-award-e1542635323770.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f3e0d6c3d8c261eaddc0378f8c4e5fa45497f349b3d125b10f428ac5096717

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=13093, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 12535
cf-request-id: 052e72ccc8000005b3eda9f200000001
last-modified: Fri, 22 Feb 2019 20:54:02 GMT
server: cloudflare
etag: "5c43a7-3325-58281ca7726a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8727abed05b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:52 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 22 KB
8 KB 31ms
11ms Script
application/x-javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
content-encoding: gzip
last-modified: Mon, 14-Sep-2020 13:41:51 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Mon, 21 Sep 2020 13:41:51 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/alm/main/2/ 43 B
749 B 102ms
45ms XHR
image/gif 35.156.179.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/alm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.179.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjA3jHZL69Hp5uMct

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-serverid: uconnect_i-01ab5f06dcaa80950
x-tid: 01748cd9abd8001373810022a85900078003007000b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
x-region: eu-central-1
x-acc: alm:main:2:datacloud
content-length: 43
pragma: no-cache
x-did: 01748cd9abd8001373810022a85900078003007000b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: a03881e69bff6c92d36142bb546a7f64bd6d7e25-SNAPSHOT
x-uuid: b5016cc3-8ea0-4ae6-87d8-bf1f153592d0
expires: Mon, 14 Sep 2020 13:41:51 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 206ms
49ms Script
application/javascript 52.16.104.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?148
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.104.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:51 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Sep 2020 18:51:40 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=18588
Connection: keep-alive
Content-Length: 11932
Expires: Mon, 14 Sep 2020 18:51:40 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 163ms
162ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202009111723&cb=1600090911386
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 14 Sep 2020 13:51:51 GMT

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=34A2723A3DAA4BB394459F8242C5B40B
https://um.simpli.fi/aa_px?sk=164880703544000981879

43 B
409 B

38ms
37ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164880703544000981879

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 13 Sep 2020 13:41:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:51 GMT
server: AAWebServer
status: 302
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164880703544000981879
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 s62911690243789
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/ 43 B
244 B 42ms
42ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s62911690243789?AQB=1&ndh=1&pf=1&t=14%2F8%2F2020%2015%3A41%3A51%201%20-120&mid=77149706308582961843421195697248625035&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Ahome&g=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&cc=USD&ch=cut%3Ahome&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c7=undefined%20%7C%20undefined&v24=cut&c30=home&v30=D%3Dc30&c40=42&c41=9%3A30am&v41=D%3Dc41&c42=monday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
x-c: master-1347.Ibe097b.M0-443
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Sep 2020 13:41:51 GMT
server: jag
xserver: anedge-5bd4cfd76-d6qrw
etag: 3436169066771218432-4614336075325811881
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 13 Sep 2020 13:41:51 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
409 B 47ms
47ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 13 Sep 2020 13:41:51 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 30ms
9ms Image
image/gif 2a02:26f0:10c:581::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=qkq4rhw&ht=tk&h=www.cutimes.com&f=139.169.175.5474.25136.14541.14546.14548&a=702529&js=1.20.0&app=typekit&e=js&_=1600090911686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:581::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
last-modified: Wed, 24 Jun 2020 21:05:53 GMT
server: nginx
etag: "5ef3c031-23"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK 01748cd9abd8001373810022a85900078003007000b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 27 B
324 B 139ms
35ms Script
application/javascript 52.28.233.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01748cd9abd8001373810022a85900078003007000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1600090911712

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.233.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Version: 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 27
X-NodeId: i-0c1343c11099b7dc5
Content-Type: application/javascript; charset=utf-8

GET
H2 200 WOCCU-e1599591057161.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/09/ 14 KB
14 KB 429ms
424ms Image
image/jpeg 2606:4700::6812:1e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/09/WOCCU-e1599591057161.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9552c638b5abee40f33731d470273da39c1917b17c130404de0660fd83f657

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-polished: origSize=15154, status=webp_bigger
x-cache: MISS
status: 200
backend: contribsreimg_prod_director
cf-bgj: imgq:100,h2pri
content-length: 14316
cf-request-id: 052e72cce7000005b3edaa4200000001
last-modified: Fri, 11 Sep 2020 14:06:26 GMT
server: cloudflare
etag: "d0204e-3b32-5af0a30c69b8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=14400
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
accept-ranges: bytes
cf-ray: 5d2a8727dc7605b3-FRA
x-vnode: 28
expires: Mon, 14 Sep 2020 17:41:52 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 361ms
124ms Image
image/gif 54.173.18.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=CDdB-yBnCXSYCXo_j3&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7798&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3618&t=DA22ruW8v80CmjrayKXmZeDHGGZn&V=120&i=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=CenkiGBUtrEpBdTl6pj3MKqSWce7&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.18.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 14 Sep 2020 13:41:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 pubads_impl_2020090701.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 126ms
57ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

22bbb6b40bd42c0475a9a999d1a60f7e16760777f89b418722efdfb9f9532996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 08:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94141
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:51 GMT

GET
H2 200 rules-p-tet4NLTPxSXJn.js Show response
rules.quantcount.com/ 3 KB
1 KB 134ms
113ms Script
application/x-javascript 2600:9000:2057:2800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2017 01:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "f0a36155fe2ee3d6ce46f06d32dfc5df"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-id: g8M9UmjcjMhhIiIB_tvojQcxWCbO28CvItNWxsQocagQUF_kOyPTfw==
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=34A2723A3DAA4BB394459F8242C5B40B

0
0

128ms
38ms

Image
text/html

143.204.215.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=34A2723A3DAA4BB394459F8242C5B40B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-40.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:51 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
1 KB 58ms
55ms Script
application/javascript 52.16.104.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&pv=1600090911881_zih46dptc&bl=en-us&cb=4900132&return=&ht=&d=&dc=&si=1600090911881_zih46dptc&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?148
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.104.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 55fcc36d404b4d875c92237054ba62953d74b8c1d7a94963b3a4d64fd8ac5014

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 38ms
34ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 13 Sep 2020 13:41:51 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 40ms
40ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 13 Sep 2020 13:41:51 GMT

GET
H2 200 pixel;r=1658313882;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146;fpan=1;fpa=P0-1001251089-1600090912006;ns=0;...
pixel.quantserve.com/ 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1658313882;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146;fpan=1;fpa=P0-1001251089-1600090912006;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=cutimes.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1600090912006;tzo=-120;ogl=type.website%2Ctitle.Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times%2Csite_name.Credit%20Union%20Times%2Curl.https%3A%2F%2Fwww%252Ecutimes%252Ecom%2F%2Cimage.%2F%2Fimages%252Ecutimes%252Ecom%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-cut-7%2Cdescription.Credit%20Union%20Times%20investment%20management%20topics%20are%20delivered%20with%20keen%20indusry%20

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
266 B 82ms
24ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 adreq Show response
ads.servenobid.com/ 222 B
464 B 286ms
159ms XHR
application/json 52.212.5.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=450
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 161ms
161ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9ca841cce80db57b948f0f1a1d235cb34ca2fb5561476bfff4448329f85e3cba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 37f70f55-a4e4-4542-861f-240f628b75e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 481ms
249ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 122ms
71ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

192de9e946a90570e67fb656898b1d3d2dbec5cf3d20899dcb26e6bf44d8ce12

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid: 36cbd2d8-7712-4379-9cc0-e1ed58a87459
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 222 B
464 B 241ms
135ms XHR
application/json 52.212.5.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5407
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
266 B 101ms
24ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 475ms
229ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 B
266 B 110ms
25ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 111ms
50ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5d9aa9dee627fd0311b2ee7c48687d74d4bd499c25abcffeba3b132aefe23657

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: 1b767d6a-8570-4c5f-b466-fbfd3a482135
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 222 B
464 B 215ms
116ms XHR
application/json 52.212.5.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2557
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 468ms
228ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 487ms
250ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 97ms
44ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e2bcf4102349f0cd5fdcb72d6cd14907309be7004762f8fa3d52f9d25c328b1d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.151:80
AN-X-Request-Uuid: 6841e505-e6c6-4120-986f-3e8e10399595
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 222 B
464 B 204ms
114ms XHR
application/json 52.212.5.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=7137
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
266 B 71ms
23ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 52ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 50ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 113ms
75ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=position%3Dfooter&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912224&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=8751&adks=861478772&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8841&msz=1600x90&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

19cddda1a9e63e54c17fd2ef1903b1650f06f5831b9cbc492cedc9cbd02b5978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2328
x-xss-protection: 0
google-lineitem-id: 4594036698
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226581719
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 71ms
16ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 42ms
9ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
835 B 102ms
71ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=position%3Dinterstitial&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912248&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=1969790685&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8841&msz=1600x1&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

6ac5fb28b5242f3daf1596aae06370571e7a2b57612b762a6dc220b7d14ee121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 78ms
71ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=645x300&prev_scp=position%3Dd_footer&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912254&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=8085&adks=4021305364&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x300&msz=1180x300&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

d506190ae7e775bf95029e1164e52348d6f41f8a313697b7f32c5da557a438a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2727
x-xss-protection: 0
google-lineitem-id: 4598612399
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226921347
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 73ms
68ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x450&prev_scp=position%3Dd_right_rail&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912284&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=2092&adks=682374457&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x951&msz=300x450&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3d9ff8877c75250401f08c7f04e0f450f07b68ef5e92b792f58e28385eefc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2413
x-xss-protection: 0
google-lineitem-id: 4583767874
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138225750724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 510ms
486ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912304&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=8405&adks=3900858017&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

6cca3ba0a81c29809eb74e6fc378dfbb76b727fa82f8e663ab9dcccb7f63445c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11797
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
249 B 468ms
461ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320&prev_scp=position%3Dsuper_hero&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912329&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=100&adys=1&adks=3917720313&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x320&msz=1600x320&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

3a3925a5471123eff562de1d89ab33da4e27c3fa8b67203da3843b5fd28c5671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 411 B
253 B 450ms
449ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&prev_scp=position%3Dnative_single1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912353&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=1276&adks=2845293689&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=850x2764&msz=850x2&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

639a16fca910eb03ea92ecc62a54a00ed3f16fef8175ce5fdd46af8b8b613824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
242 B 433ms
429ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&prev_scp=position%3Dnative_single2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912370&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=1791&adks=2845293688&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=850x2764&msz=850x2&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

b539d1b49f122a9bc1848fd99f4ceb24e9702d15c8cce313987250b6da579375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
248 B 425ms
424ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&prev_scp=position%3Dnative_collection&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912385&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=2060&adks=368509216&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x2&msz=300x2&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

3c83708266abbc196f0d54048ada00b9b67cca2270173d5334aea17faef506ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 414 B
257 B 397ms
386ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&prev_scp=position%3Des_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912396&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=965&adks=4000283948&ucis=a&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8841&msz=1600x95&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

568dcbef00630083bac5e920152c656883c3702bfd37893141af955f51d0a45d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
246 B 382ms
375ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_logo_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912436&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=924&adks=3316484052&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8841&msz=1080x31&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

17894c85c8bcba083353d5825b75d0e5062a0c9b264b9a88861f45d881345b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
250 B 368ms
367ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&prev_scp=position%3Des_rr_module&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912448&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1161&adks=3343328048&ucis=c&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x431&msz=300x400&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

deccc92c610ece5f1c0ab3f2eb5148202f7523c2888bccda1dd730c8c2b1ea00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
243 B 366ms
364ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_logo_rr&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912458&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1130&adks=3770076490&ucis=d&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x431&msz=300x31&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

841d64c973bfaa2b0d537a6a09e600cffaa2feaeebfe5d0e8d73721fbcd49ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
247 B 349ms
348ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31%7C150x31&prev_scp=position%3Dii_logo&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1600090912&dt=1600090912465&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=4066&adks=3321161185&ucis=e&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x31&msz=1180x31&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e802988297e04c0c23bcc4e90a2cb741b3789d7b51aed6437ae7517110fe047d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40ef96bb4242b99c8a35c40583ca16751aaba7a7ffdc538709060300cc64d5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6406
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60E5 0
0 68ms
67ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2NUHyiBwWV1kiARt7yhSqBzKXKEF8sCyDJmrJvls9Nj3Qb3hS59gl753MzpFFiw4UkbJ0NtDY9KO-tQ5X-BW-GdLUWbes9J0a4yFKVsItKpEQsZiGxrwY07Ei1xUpDvutFKBanYM-4l1HTNEqcq7FruJzQ-mmHfsV7nQ17K9enA1g4J5UDyQ0sy8yMiW4EsuwpfPBeYIWR8Nyh9POP45f5F2k5ovRdJBhYqi15zOZt6NT4XvI3L5pAr6sjqxFSv_Dn65euSmcayA&sig=Cg0ArKJSzJ2lJjSMcMtnEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 smart_cutimes.epl
www.dianomi.com/ Frame AC90 0
0 183ms
94ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200814094146

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200814094146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
date: Mon, 14 Sep 2020 13:41:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d87daf984ce00140dbb41e42eb4c6673e1600090912; expires=Wed, 14-Oct-20 13:41:52 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2232/12.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 052e72cf940000cc3e0f22d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d2a872c2ccfcc3e-ZRH
content-encoding: br
cf-h2-pushed: </img/a/pss/2232/12.css>

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60E5 74 KB
28 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28764
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:52 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 60E5 284 KB
97 KB 62ms
57ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df5cc429c122a016592c785ff260ddcb876acbb930401c486e5295c2f2e3fc1a

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 20:22:22 GMT
server: AmazonS3
x-amz-request-id: 1B9ED17C6813FE0F
etag: "843f96fb08dc8ab7fac1326505d97f98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21288
accept-ranges: bytes
content-length: 98419
x-amz-id-2: Hrzek8jcL54W9KLqjawjlBQ7Bn2lw9j+Ic+CI5TBJBQDeuTDHMiGVgToUTo8510UmVOsO77JhPE=

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27476
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:52 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A10 0
0 69ms
67ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGPbNY9UIlgAVMspPuy6037BB1S2YKql7sC4TmaH7qVS99arPrIL85gjCf5wEonfMmKJ8Eo2WGoflT-rlMO4Ul6BUJ_XSe8kkKRSxUIWQTg442DUgEmhRlZmIYndorOAeqhXDazKFNdTSMUCi179cEIm4r4eg_Nr9GWYygLtNeImXawalQl29OuV7HhmUdnVDFdnb3ZBR1OSDUx683kjPuRo9QW8Tq86Qw_p6BQ_aQfu8mRLjy75bnI1bKm9xOKHT6EjMAprhp7ug&sig=Cg0ArKJSzICB-PDQwWxlEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A10 74 KB
28 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28764
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:52 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 5A10 284 KB
97 KB 67ms
66ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df5cc429c122a016592c785ff260ddcb876acbb930401c486e5295c2f2e3fc1a

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 20:22:22 GMT
server: AmazonS3
x-amz-request-id: 1B9ED17C6813FE0F
etag: "843f96fb08dc8ab7fac1326505d97f98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21288
accept-ranges: bytes
content-length: 98419
x-amz-id-2: Hrzek8jcL54W9KLqjawjlBQ7Bn2lw9j+Ic+CI5TBJBQDeuTDHMiGVgToUTo8510UmVOsO77JhPE=

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 97B6 0
0 36ms
12ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 14 Sep 2020 12:50:33 GMT
expires: Tue, 14 Sep 2021 12:50:33 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3079
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

451

398696.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=34A2723A3DAA4BB394459F8242C5B40B;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=34A2723A3DAA4BB394459F8242C5B40B;mimetype=img;sr
https://idsync.rlcdn.com/398696.gif?partner_uid=4582076349096742333

0
42 B

33ms
33ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=4582076349096742333
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Mon, 14 Sep 2020 13:41:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
anserver: gapp-eu-5.c.datonics-gcp-01.internal
location: https://idsync.rlcdn.com/398696.gif?partner_uid=4582076349096742333
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0&xl8blockcheck=1

0
2 KB

47ms
41ms

Image
text/plain

147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 14 Sep 2020 13:41:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
server: nginx
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=34A2723A3DAA4BB394459F8242C5B40B&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 44ms
40ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 13 Sep 2020 13:41:52 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
227 B 379ms
379ms XHR
application/json 88.214.194.242
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.214.194.242 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 adreq Show response
ads.servenobid.com/ 222 B
464 B 101ms
99ms XHR
application/json 52.212.5.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1212
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 B
266 B 25ms
24ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 14 Sep 2020 13:41:52 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 49ms
49ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ada8b43f800c66d55364ee22b0d7b39b4784b7a3d8958244d241f29f25ea0782

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid: c383ab6e-6e66-4cbd-99d0-924c08f0de6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 130ms
127ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D227300c815f1e4d6%3AT%3D1600090912%3AS%3DALNI_MYAGBD1UdOETgR8NEg6jePu7Z8qfw&bc=31&abxe=1&lmt=1600090912&dt=1600090912693&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=623&adks=2736157804&ucis=f&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=50&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&psts=AGkb-H97WMSucDzD3nQTBxAeN97I59RuNWxIx18F8f_O1CIEF0N2fDFSrRT3Nb7_xFspVPmVgQUG4McPWQg-0oJXc11Njw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-EuKLxTUu3BqsxEOVkFHtER0G9HgDg-9vYFhmr-cTbarpEmS3toz5jbf3-pLPcMkgsVopdwKNVivuLPfF52lyJLg%2CAGkb-H_cObHkKFWmJT5TDDcQggdTkLWS6TQ4Q9qmrB5Quka6IfZuaIt-fed8OYtr_pIB0QAKNwSodTD7UpMZQyLUlAoD-g&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

d03912a982e301543324679c8503b9dd78bd5a7de4ae69563b67da692cba8524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5669
x-xss-protection: 0
google-lineitem-id: 5451867738
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321291299
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 424ms
424ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D227300c815f1e4d6%3AT%3D1600090912%3AS%3DALNI_MYAGBD1UdOETgR8NEg6jePu7Z8qfw&bc=31&abxe=1&lmt=1600090912&dt=1600090912732&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=733&adks=4142453217&ucis=g&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=50&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H97WMSucDzD3nQTBxAeN97I59RuNWxIx18F8f_O1CIEF0N2fDFSrRT3Nb7_xFspVPmVgQUG4McPWQg-0oJXc11Njw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-EuKLxTUu3BqsxEOVkFHtER0G9HgDg-9vYFhmr-cTbarpEmS3toz5jbf3-pLPcMkgsVopdwKNVivuLPfF52lyJLg%2CAGkb-H_cObHkKFWmJT5TDDcQggdTkLWS6TQ4Q9qmrB5Quka6IfZuaIt-fed8OYtr_pIB0QAKNwSodTD7UpMZQyLUlAoD-g&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

21e4ff3d7d3ca227fdbd2b882c7de4cafea8ab91d24bf430959a2ac101eb307a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11742
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 308 B
162 B 818ms
817ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D227300c815f1e4d6%3AT%3D1600090912%3AS%3DALNI_MYAGBD1UdOETgR8NEg6jePu7Z8qfw&bc=31&abxe=1&lmt=1600090912&dt=1600090912744&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=3459&adks=3900858016&ucis=h&ifi=17&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=50&icsg=844424975011776&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&psts=AGkb-H97WMSucDzD3nQTBxAeN97I59RuNWxIx18F8f_O1CIEF0N2fDFSrRT3Nb7_xFspVPmVgQUG4McPWQg-0oJXc11Njw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-EuKLxTUu3BqsxEOVkFHtER0G9HgDg-9vYFhmr-cTbarpEmS3toz5jbf3-pLPcMkgsVopdwKNVivuLPfF52lyJLg%2CAGkb-H_cObHkKFWmJT5TDDcQggdTkLWS6TQ4Q9qmrB5Quka6IfZuaIt-fed8OYtr_pIB0QAKNwSodTD7UpMZQyLUlAoD-g&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

0686c4b1da37e3ccb773798e752e8ec844e5054d3d82766aea659ad6f743ac8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=34A2723A3DAA4BB394459F8242C5B40B

0
421 B

521ms
122ms

Image
text/plain

34.206.196.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=34A2723A3DAA4BB394459F8242C5B40B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.196.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 14 Sep 2020 13:41:53 GMT

Redirect headers

date: Mon, 14 Sep 2020 13:41:52 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.bfmio.com/sync?pid=141&uid=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:52 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:52 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
6 KB 1046ms
1045ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D227300c815f1e4d6%3AT%3D1600090912%3AS%3DALNI_MYAGBD1UdOETgR8NEg6jePu7Z8qfw&bc=31&abxe=1&lmt=1600090912&dt=1600090912772&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=1975&adks=742170920&ucis=i&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=51&icsg=3377699900047106&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H97WMSucDzD3nQTBxAeN97I59RuNWxIx18F8f_O1CIEF0N2fDFSrRT3Nb7_xFspVPmVgQUG4McPWQg-0oJXc11Njw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-EuKLxTUu3BqsxEOVkFHtER0G9HgDg-9vYFhmr-cTbarpEmS3toz5jbf3-pLPcMkgsVopdwKNVivuLPfF52lyJLg%2CAGkb-H_cObHkKFWmJT5TDDcQggdTkLWS6TQ4Q9qmrB5Quka6IfZuaIt-fed8OYtr_pIB0QAKNwSodTD7UpMZQyLUlAoD-g&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

a79bf22e30f5c611c094b5b7c1fc293017b134e7928f2b9e9dbb673c1029253e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6474
x-xss-protection: 0
google-lineitem-id: 5451901887
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138320393150
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=22052&dpuuid=3613120974125793282&redir=
dpm.demdex.net/ 42 B
915 B 79ms
58ms Image
image/gif 54.154.62.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613120974125793282&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.62.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-0af6758bb.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 2tcbfNEZRuw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3613120974125793282
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMzEyMDk3NDEyNTc5MzI4MhAAGg0IoOb9-gUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=fd30566d11eda3cd10f5b77d673d9a7b322fe73eec824ad12dd8784e7e956a1df4cb09cee1a4f8eb&person_id=3613120974125793282&eid=50082

43 B
312 B

70ms
69ms

Image
image/gif

52.16.104.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=fd30566d11eda3cd10f5b77d673d9a7b322fe73eec824ad12dd8784e7e956a1df4cb09cee1a4f8eb&person_id=3613120974125793282&eid=50082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.104.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 15 Sep 2020 09:41:53 GMT

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=fd30566d11eda3cd10f5b77d673d9a7b322fe73eec824ad12dd8784e7e956a1df4cb09cee1a4f8eb&person_id=3613120974125793282&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3
https://ml314.com/csync.ashx?fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3&person_id=3613120974125793282&eid=53819

43 B
312 B

56ms
52ms

Image
image/gif

52.16.104.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3&person_id=3613120974125793282&eid=53819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.104.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 15 Sep 2020 09:41:53 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=22f4c168-fdbb-4e9c-81ab-60319c1a2dd3&person_id=3613120974125793282&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Tue, 15 Sep 2020 09:41:53 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613120974125793282
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613120974125793282
https://ml314.com/csync.ashx?fp=c5f74dcbd93acb4b3df41e311bbd6344&eid=50146&person_id=3613120974125793282

43 B
312 B

185ms
57ms

Image
image/gif

52.16.104.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=c5f74dcbd93acb4b3df41e311bbd6344&eid=50146&person_id=3613120974125793282
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.104.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-104-252.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Tue, 15 Sep 2020 09:41:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=c5f74dcbd93acb4b3df41e311bbd6344&eid=50146&person_id=3613120974125793282
cache-control: no-cache
x-server: 10.45.3.54
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2cTf3EjOrqq0fBgF92GmQUjTNk_qkr9zfbA9BpAo9aoo&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=2cTf3EjOrqq0fBgF92GmQUjTNk_qkr9zfbA9BpAo9aoo&person_id=3613120974125793282&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

32ms
31ms

Image
image/gif

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:53 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 14 Sep 2020 13:41:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Cache-Control: private
Connection: keep-alive
Content-Length: 193
Expires: Tue, 15 Sep 2020 09:41:53 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704&google_gid=CAESECLigFpYaNmEn1oBz-uNAWs&google_cver=1

0
598 B

134ms
121ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704&google_gid=CAESECLigFpYaNmEn1oBz-uNAWs&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:52 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1514392788189636656&pixelIndex=0&_=1600090910704&google_gid=CAESECLigFpYaNmEn1oBz-uNAWs&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 99ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1514392788189636656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Mon, 14 Sep 2020 13:41:52 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60E5 0
21 B 80ms
78ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVIwJztnABTg0V0oYwjOiY2pqwtv_MQ6DpOZmri3Ky5vIB_l8GkL5BpCn1yWtbXbEm3ZWRsdxcbcq1VUs_z5iItrfsePEEY8kyVbz56wSWcxjAB70s7_DQ072NbuJqjypIQp3pLPKa4pWTChn1xLqf5ugylYWDf8FB37wJ3LOMorGaTkPh3o4-QFdf-9dw6v2SYIxSK7ew0YOh0p-a-_Mb8HkIytH5_qKP0WcSSQbESk38kv6-qiy2AmfWlHKTXaFPltTpiPfYQXsx4w&sig=Cg0ArKJSzMIEFYQ2CkM5EAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:52 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 60E5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 181b857630c087670f0d86121e26a8285447f3e18e126d2b823b94d1c3183692

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 78ms
67ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1600090912921&de=536682719322&m=0&ar=440eac9-clean&iw=42b3e3b&q=2&cb=0&ym=0&cu=1600090912921&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3604%3A3604%3A3619%3A3575&tz=d_footer&iq=na&tt=na&tu=1&fs=184562&na=746471003&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
165 B 68ms
67ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=938417673652625&r=728x90%7C970x90%7C970x250&w=970&h=250&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame 6D33 206 KB
57 KB 72ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1835
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 13:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 13:11:18 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6D33 16 KB
6 KB 84ms
17ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15580
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:13 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6D33 95 KB
29 KB 82ms
16ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1866
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 13:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 13:10:47 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6D33 4 KB
2 KB 82ms
16ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15580
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:13 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6D33 47 KB
14 KB 79ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15579
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6D33 7 KB
1 KB 71ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 12:00:26 GMT
server: ESF
date: Mon, 14 Sep 2020 13:41:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3620702344865397605/ Frame 6D33 64 KB
65 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3620702344865397605/downsize_200k_v1?w=600&h=314

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

152f878f5fc44ffd8e8bbe8ae601a640cdf4c4fd6a915633c0a5c9b51fd9d2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 21:22:57 GMT
x-content-type-options: nosniff
age: 317936
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65984
x-xss-protection: 0
last-modified: Sun, 10 May 2020 20:51:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 21:22:57 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/261858287594200900/ Frame 6D33 25 KB
26 KB 6ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/261858287594200900/downsize_200k_v1

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba56c4931c6b1939e8a46ecdf794f91a906d7c6e45df3cf6f110075735485412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 02:09:08 GMT
x-content-type-options: nosniff
age: 559965
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25974
x-xss-protection: 0
last-modified: Sun, 10 May 2020 20:51:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 02:09:08 GMT

GET
DATA 200
OK truncated
/ Frame 6D33 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6D33 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6246ba8541691078d893b1c470688e94e583f15b0086c3cf69bb9c893b23cba9

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D33 2 KB
3 KB 47ms
47ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 50859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D33 295 B
388 B 50ms
49ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 56912
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Sep 2020 21:53:21 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6D33 0
0 52ms
51ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHgvFdF__d8N7ew9PZ7vJsD02lW5NKAf5BhtdUKILsNZEW-mShuHmhOetY0C42aIefZiiPKV3PZhlUNwQsfdATB_AuWg
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6D33 0
0 61ms
60ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWQsrIHNfX-jnF6am3gPR4qrAA9_S9Jldn9X63o4Mv-EeEAEgm_Tta2D1lc6B4ASgAYmF8OIDyAEJqQKJ7uhjJOSzPuACAKgDAcgDCqoE-wFP0LXZyVWtM6bPwmbzwlLQq0w62kPtJsK8Z3bRhSN2eznFajI1lwkLBZQaSHl1L8ZeYDauhjkyQSKyL3Mg7LjYe2BU_DMj7cjOhq0HcxVXzsPO4CrdCieTJv_H_usn1sPDZyQYD9qJ5eekPChU1-Pl3xHToaczG52fNVvvKyhWvIhlT1BkSQvXqQ0-Qk7IBcCfEC7yRid-0LYZ7rLBzueMT1hEAvBBzCkgL8VrXIOfMlwln0jIE2eT-YO8myPp8fZL4oBbj6RbpeebF-p3eSDNbO0X7OJN8xAr1Hcsy0pVuHOPsQVUJevlAFZRRg0KWphzXBbdmAz8oGK0ucAE7Oe_vYwD4AQBkgUECAQYAZIFBAgFGASgBi6AB9_6jx2oB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQx7An0ggHCIBhEAEYHYAKA8gLAdgTDIgUAQ&sigh=ABGrWsw0T7A&template_id=484&tpd=AGWhJmtCCSIduUE-KESF3McIh9enCXDNwKxPM1zQIjhsLpzfKw
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B4D 0
0 75ms
61ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3A4_lRSXetRNDPfSLwETZW8F-UxuaCv7CXuSaL096CS-wtU6zB8sQFBfxi0QxfyPYFQHY-Ps6uk4E6irXOeX7ge7u6R9WmtPt6HKRC_usIRknf3FjoqpVZ7H5MAumx4IfLNxRa_Nnir95q_5sY778xivoAT5KbFgxUwWLOzIwj9wKWT245rOP96QJX-gxzQHjHFS6GromzKmd4Gf5UIYs6jQ2wrnn5RBlpiPg8rFDh5XoFQypMR60GXmW4wNC-wIN3F-Rggu23cY5&sig=Cg0ArKJSzICSceG8m0xNEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/ Frame 1B4D 3 KB
1 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Sep 2020 09:35:33 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B4D 74 KB
28 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28764
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 1B4D 284 KB
97 KB 62ms
49ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df5cc429c122a016592c785ff260ddcb876acbb930401c486e5295c2f2e3fc1a

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 20:22:22 GMT
server: AmazonS3
x-amz-request-id: 1B9ED17C6813FE0F
etag: "843f96fb08dc8ab7fac1326505d97f98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21287
accept-ranges: bytes
content-length: 98419
x-amz-id-2: Hrzek8jcL54W9KLqjawjlBQ7Bn2lw9j+Ic+CI5TBJBQDeuTDHMiGVgToUTo8510UmVOsO77JhPE=

GET
H3-Q050 200 4136858795798781337
tpc.googlesyndication.com/simgad/ Frame 1B4D 37 KB
37 KB 21ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4136858795798781337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19a9762fe389e49d4e8a49a7ac09a93848d19a61068f9ca03ddd97359c6f1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 18:41:01 GMT
x-content-type-options: nosniff
age: 241252
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38027
x-xss-protection: 0
last-modified: Thu, 27 Aug 2020 20:36:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Sep 2021 18:41:01 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=34A2723A3DAA4BB394459F8242C5B40B

62 B
329 B

279ms
174ms

Image
image/gif

23.8.6.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=34A2723A3DAA4BB394459F8242C5B40B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.8.6.203 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-8-6-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:53 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 5dee
Content-Type: image/gif

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://stags.bluekai.com/site/29931?id=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A10 0
21 B 77ms
64ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssHts9qRnLvqRsIOAoNHvtcBlbD4AWpM22deZHAf6G78UkoCdviFs4jgoyvRcNgo__08GAMSDSh-CmBfHC1egl-cVfEvAQEU0soNLNnG37TP7t7Lr7Mx48ekzIS-j2aPbwh17D_-5SNJVbByyh1n08B4OWTE9ZFhSTfKoEFtsHGaEJa3ioLZ83d1CV9UNcrwg6BANXR43o0x0gS-Mot85Jh4Rm9mLjV6MplzJxc1In5mmCQs2nACkIesgw17phfdDeUbbxlPJPNIcOLg&sig=Cg0ArKJSzDcb5MCLoyPiEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

tpid=34A2723A3DAA4BB394459F8242C5B40B
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=34A2723A3DAA4BB394459F8242C5B40B

49 B
716 B

83ms
73ms

Image
image/gif

52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=34A2723A3DAA4BB394459F8242C5B40B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.170
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:53 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B
https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B&dnr=1

0
433 B

45ms
45ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:53 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:53 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=34A2723A3DAA4BB394459F8242C5B40B&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=34A2723A3DAA4BB394459F8242C5B40B

0
42 B

35ms
34ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=34A2723A3DAA4BB394459F8242C5B40B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Mon, 14 Sep 2020 13:41:53 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://idsync.rlcdn.com/419566.gif?partner_uid=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame ADA8 0
0 9ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 14 Sep 2020 12:50:41 GMT
expires: Tue, 14 Sep 2021 12:50:41 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3072
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
195 B 1033ms
1032ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=938417673652625&correlator=3044825852850576&output=ldjh&impl=fifs&adsid=NT&eid=21067406%2C21066781%2C21067193%2C21067199&vrg=2020090701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200914&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=position%3Dmiddle2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D6f7da81df2b6bdfe%3AT%3D1600090912%3AS%3DALNI_MY4FZOzclHjKSKaDz2U_Zx3Z2m8yA&bc=31&abxe=1&lmt=1600090913&dt=1600090913146&dlt=1600090907719&idt=4304&frm=20&biw=1600&bih=1200&oid=3&adxs=1090&adys=4338&adks=4082410414&ucis=j&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&dssz=49&icsg=844424975011776&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_FHcdR8tOKUA6fbgSM32TpNSB0GFjSUlmtTPM4EvOU45XlaVQqo-0Rx4uyRDWPdG9y8kvcAMkxcgCTJk3TdqRKdw%2CAGkb-H97WMSucDzD3nQTBxAeN97I59RuNWxIx18F8f_O1CIEF0N2fDFSrRT3Nb7_xFspVPmVgQUG4McPWQg-0oJXc11Njw%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-EuKLxTUu3BqsxEOVkFHtER0G9HgDg-9vYFhmr-cTbarpEmS3toz5jbf3-pLPcMkgsVopdwKNVivuLPfF52lyJLg%2CAGkb-H_cObHkKFWmJT5TDDcQggdTkLWS6TQ4Q9qmrB5Quka6IfZuaIt-fed8OYtr_pIB0QAKNwSodTD7UpMZQyLUlAoD-g%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=971198663.1600090912&ga_sid=1600090912&ga_hid=812389778&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

4df30972b64ac3ed2d573fe2f412ec01df5ff2af514776b291d6caf7355b0672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6D33 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 9471
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:02 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6D33 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 9473
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 68ms
66ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fsmart_cutimes.epl%3Fid%3D3420%26url%3Dhttps%253A%2F%2Fwww.cutimes.com%2F%253Fslreturn%253D20200814094146&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090912921&de=536682719322&cu=1600090912921&m=42&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8418&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12&cd=0&ah=12&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1483067333&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B4D 0
21 B 71ms
69ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWWUB0h-7Vt1gKwNm-xTyrr9kLLDPhr7dVWMvQHCu9_B0pbxsjV6xhkD-80jFKZNAfr4ywZXCmbMpnXj5qeL4lyTtBBN0A43HF84Up6fbgVTCDIPI9H9z9byKQ-oURUZCfp_ujSzClvQmqaHvBvotmysHzhN0srNu-InZHGcmbALpMl8SjDjBulM_0YdHfaff9v7Zm9f6E9kLJIEsRIoxZIksBzj0AmxS08efFQdMIDaBw2JGuGBMFp8qKVXKfAZbY3JE2P0oPCK-UQ9o&sig=Cg0ArKJSzOoYcavOU8CqEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame 6082 206 KB
56 KB 73ms
16ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5973
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 12:02:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 12:02:20 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6082 16 KB
6 KB 71ms
15ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15580
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:13 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6082 95 KB
30 KB 63ms
8ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6008
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 12:01:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 12:01:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6082 4 KB
2 KB 72ms
15ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15580
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:13 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 6082 47 KB
14 KB 71ms
15ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15579
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Mon, 14 Sep 2020 09:22:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 09:22:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6082 7 KB
747 B 57ms
54ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 11:53:11 GMT
server: ESF
date: Mon, 14 Sep 2020 13:41:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6082 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 50859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6082 295 B
320 B 51ms
49ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 56912
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Sep 2020 21:53:21 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/3620702344865397605/ Frame 6082 95 KB
95 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3620702344865397605/2076313506083323656

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a3c96ada466c416f4da0ad24231dcf6d35b9b04180855670188e44f1260a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 02:09:08 GMT
x-content-type-options: nosniff
age: 559965
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97233
x-xss-protection: 0
last-modified: Sun, 10 May 2020 20:51:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 02:09:08 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/261858287594200900/ Frame 6082 25 KB
25 KB 51ms
51ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/261858287594200900/downsize_200k_v1

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba56c4931c6b1939e8a46ecdf794f91a906d7c6e45df3cf6f110075735485412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 02:09:08 GMT
x-content-type-options: nosniff
age: 559965
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25974
x-xss-protection: 0
last-modified: Sun, 10 May 2020 20:51:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 02:09:08 GMT

GET
DATA 200
OK truncated
/ Frame 6082 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6082 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9843a28989b95af8269606bc2127ea6e803ee0ad46091fb22cf5d3dcdd9eaa68

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6082 0
0 52ms
52ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS37kJcaIP-Mwp9QW6PTDmCsoOJRKTrcDG5xTNU9v2GlN6Oo4APK2WeyCtDf16NntUVSP-w343uB71alv01WSavpFhp6Q
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6082 0
0 68ms
67ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CasF9IHNfX6XaMYKr3gPl_JzwB9_S9Jldn9X63o4Mv-EeEAEgm_Tta2D1lc6B4ASgAYmF8OIDyAEJqQLvq8eeKeezPuACAKgDAcgDCqoE-gFP0CrrAcfuv2oOTw7k7Mo4za9HAvujJ6MSoQwKQJbrTgMq5dgUUPpQU8z4Z7MswDr0-DNUTf1JD40mAyOFdobrQIqGgxvbAV1ix1WKzBrxipA8XpxXrOXt5Y_45qG4VZWqCs1aA9rcq6p0YEHtdFQZ0pbCRP3TO8BJiJrlIMb6YNDQ-LZAu72nBRlUZ_8ZDb0XiuDbMdd4TL0X3X8CutQCUqT5NvcaCUiwWfDtAfvZvo6L_BOgniZ3Joh5AUBFRxp1MDHavNbkAZw_0uu9SjTLxpXRtoZQShsuRoeUlZA78yH3l916-2DX4WjKgzF-Zsh1N7Bk-pJMI6f_wATs57-9jAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH3_qPHagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBDnuVPSCAcIgGEQARgdgAoDyAsB2BMMiBQB&sigh=st6rI1S23gU&template_id=484&tpd=AGWhJmuI3M6dUj2qRu1qPCnaxpnbeAvJSMnF2N-Cu638j38y_g
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1B4D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36ce03bc512cc02d7289be3f318a25f64db44fb7bee984cf1ee10083191286a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1600090909906&cv=7&fst=1600090909906&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=fa...
https://www.google.com/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_v...
https://www.google.de/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vt...

42 B
107 B

27ms
25ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IXNfX9HNFMi8lgS2vL6oDQ&cid=CAQSKQCNIrLMVWDev9m_a7Tu85UDRD-6wJOGEs1MuJu_bNOql8eArx3yNNn2&random=278790704&ipr=y&ezwbk=AZuM4hDHHEbr6bdHhXKr_5d5jfKM2WbAR_wU5t8NtUkQrYWPDhrKQYobkSMBlcoqOjM1iOUtE9HuVFSL0gmhPdFdOhZY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=591551047&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=IXNfX9HNFMi8lgS2vL6oDQ&cid=CAQSKQCNIrLMVWDev9m_a7Tu85UDRD-6wJOGEs1MuJu_bNOql8eArx3yNNn2&random=278790704&ipr=y&ezwbk=AZuM4hDHHEbr6bdHhXKr_5d5jfKM2WbAR_wU5t8NtUkQrYWPDhrKQYobkSMBlcoqOjM1iOUtE9HuVFSL0gmhPdFdOhZY
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B&__user_check__=1&sync_id=0ca2f1b3-f690-11ea-81b3-173c25ca0c06

43 B
548 B

35ms
35ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B&__user_check__=1&sync_id=0ca2f1b3-f690-11ea-81b3-173c25ca0c06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 13:41:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 98
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 14 Sep 2020 13:41:53 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=34A2723A3DAA4BB394459F8242C5B40B&__user_check__=1&sync_id=0ca2f1b3-f690-11ea-81b3-173c25ca0c06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 124
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=34A2723A3DAA4BB394459F8242C5B40B

43 B
1 KB

34ms
34ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=34A2723A3DAA4BB394459F8242C5B40B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:41:53 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: 90642f53-3249-436d-8222-de7e4b321779
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://ib.adnxs.com/setuid?entity=66&code=34A2723A3DAA4BB394459F8242C5B40B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6082 11 KB
11 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 9473
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6082 11 KB
11 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cutimes.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 9471
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 53ms
47ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1600090913040&de=28634384095&m=0&ar=440eac9-clean&iw=42b3e3b&q=5&cb=0&ym=0&cu=1600090913040&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=1&zMoatPS=footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3604%3A3604%3A3619%3A3575&tz=footer&iq=na&tt=na&tu=1&fs=184562&na=1918432851&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H2 404 cw_match
um.simpli.fi/ 0
0 43ms
37ms Image
text/html 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/cw_match
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: be.89.32a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=34A2723A3DAA4BB394459F8242C5B40B&expires=365

42 B
774 B

99ms
25ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=34A2723A3DAA4BB394459F8242C5B40B&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=34A2723A3DAA4BB394459F8242C5B40B&expires=365
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 13 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D33 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 50859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D33 295 B
319 B 10ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 56912
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Sep 2020 21:53:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B

43 B
180 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 14 Sep 2020 13:41:53 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=34A2723A3DAA4BB394459F8242C5B40B
alt-svc: clear
content-length: 0

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEBeB21xbA78nEwMHGjQ7vEI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=34A2723A3DAA4BB394459F8242C5B40B
https://um.simpli.fi/g_match?id=

0
320 B

38ms
37ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
status: 204
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 13 Sep 2020 13:41:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
47ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1600090913284&de=208359318808&m=0&ar=440eac9-clean&iw=42b3e3b&q=8&cb=0&ym=0&cu=1600090913284&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3604%3A3604%3A3619%3A3575&tz=top&iq=na&tt=na&tu=1&fs=184562&na=599751668&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6082 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 23:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 50859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Sep 2020 23:34:14 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6082 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Sep 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 56912
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 14 Sep 2020 21:53:21 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 49ms
48ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4136858795798781337&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=18&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8530&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1348712013&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 41ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090701&jk=938417673652625&bg=!2Nul28NYaAozFkHisL8CAAAAulIAAAAXCgCSlW4rH2HDXnwXKFRvK32DvOsSsmLAIMghmXCVoBOfmR8v9FJc9KpCpcVBryDlMgf8rrbueJRICYraIrJtrATxKCA-39sVkRqcsUyF9JuJh2-0_qQg2gmKvtuumzeKJ9iwjxNjIcRW5AdWQb9WT74oGTsrEgUO3s7uwWCuXR0l_X3TlIhHNxR3mGjqmie7ep1vRhOZAajPUHs1g5ey1tI7_Fbs5T9gjc62bm6mTVPu4oJ6cSjGMXmjZm4u2v6iZK0h-2KfWAxK-6BAOUGoujVI2CR5bFZZMCejVHrw1K-PkdudPqBOQekKFTkdgANN4VUXEqv9vE2SUprNSc0ZIwKpec6IbeSL6l-bTX4xYittdkZUNbola3K2Pd4gSbgIsYicGCyqT4sJFURKb_Fh5iywPLZj2shfIranPgwKLBJRBeNfPCn_QNpBEIR3wMk1ZbLHSLkBUksTlbUoPlJ50rIKmT9GB8vKsiAnl2GI-YUgyIaqSzkAtXeiLDSXUYq4dJNRrH_5gJ5QhJTeaC07F2PDcXx2nF9wWnLrDlYJO6C_GCfn2JiZ9LFpw5YRnn_clALP9eDciT8jyRuhOQjSG3tQYuKoS4215I1CPZGM_srYcxrNEGISV7ZKyvnI95YpgWU016Yp5F9y939xgSNsKnaq7G1zEWqFchmv0ELSRZxZF_jybR-85WJ5v9g0f9acnMHE2tNyibYivvnUJRbrI_hGpHeseG1fKAxRiDsjqjh_SFQ_oOYQTmblYg8Nzb0U

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 39ms
38ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=938417673652625&r=300x250%7C300x600&w=300&h=250&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B224 0
0 61ms
60ms Fetch
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ0OLRWuTzyVLyCLPn0xTnY3HTLQbFR3WFHvA9fwbBn4w_5Ggn4wq69FS2kav9To8_CiA540Qh4jALJXlPX3UPPcFFIx2YavmXko_jOxzNvYHHnFJHNS7kC-5L6cA5gaMAuyawiHam4N2E6viwPa9yGPm4Xsa9ZKNMBiu5rNyXWvGfaoMHpzsTTBv5ca4gRHiTT7qweyQ35zuVOrgc6VCtSHwOciNbsFVdPCjpTfoZnQL1muk2yyiB85V5PBr5A59iUl_j8uVeCnc&sig=Cg0ArKJSzAajxNl1FzxPEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/ Frame B224 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200909/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Sep 2020 09:35:33 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B224 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599824047903655"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28764
x-xss-protection: 0
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame B224 284 KB
97 KB 49ms
48ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: df5cc429c122a016592c785ff260ddcb876acbb930401c486e5295c2f2e3fc1a

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:41:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 20:22:22 GMT
server: AmazonS3
x-amz-request-id: 1B9ED17C6813FE0F
etag: "843f96fb08dc8ab7fac1326505d97f98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21287
accept-ranges: bytes
content-length: 98419
x-amz-id-2: Hrzek8jcL54W9KLqjawjlBQ7Bn2lw9j+Ic+CI5TBJBQDeuTDHMiGVgToUTo8510UmVOsO77JhPE=

GET
H3-Q050 200 14224205038009931836
tpc.googlesyndication.com/simgad/ Frame B224 31 KB
31 KB 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14224205038009931836

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090701.js?21067406

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e557f0675149a5e4b49228fe82b55ff12f1ddb07bdae5b30e567e9ee6c805734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:30:38 GMT
x-content-type-options: nosniff
age: 7875
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31246
x-xss-protection: 0
last-modified: Tue, 18 Aug 2020 19:24:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Sep 2021 11:30:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B224 0
21 B 64ms
61ms Image
image/gif 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxO4wyiPAgfxVwi_-zEYH3-pArE9M5DDIWXxl1rFHpLgkzEmKNBWLgIjx6k5Dw8wFOCojNQfSlCCiV6potLjGa-DuJc4GdDTJQ7pO8nnaasTJa_cS477JEhX5wdJMNd6WruLov-uNu9iFP730vrKdSCPO4qxz8FsUIENOlF5JbzifCmWHyw7nJvfhTYJo6GI3jUriQf4L0XMBpc7UcodNM-s7HevsshyCEz6-gCEn-78hbIRGj1m5ziFugczcptMOPXeeNPl1w2qPxBQ&sig=Cg0ArKJSzKuU7bRkVTTeEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Sep 2020 13:41:53 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B224 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7555c17c306ac00f7504a734cecffbffbb0d1230d8f019cc79a59e9b01781f5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
48ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1600090913918&de=190802149143&m=0&ar=440eac9-clean&iw=42b3e3b&q=11&cb=0&ym=0&cu=1600090913918&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2733081821%3A5451901887%3A138320393150&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3604%3A3604%3A3619%3A3575&tz=middle1&iq=na&tt=na&tu=1&fs=184562&na=2066797282&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:53 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B224 52 KB
20 KB 25ms
24ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200814094146

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

bb9f373ea03c3464cc79f633b6b7416a29891c87f4c66f0e8555849256ac25f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 13:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20629
x-xss-protection: 0
server: cafe
etag: 2994844941659910662
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 14:39:11 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B224 0
339 B 318ms
106ms Other
image/gif 2607:f8b0:4002:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kf2ktewz&ctx=2&qqid=CO_T3ZPj6OsCFdWYdwodXyQIRw&met.4=fb.3~lb.13~ol.2x~idt.2ht~dt.-tr&met.3=197.z~298.11~123.z_3~118.1g~118.1g~118.1i~118.1i~117.2x~118.2x~118.3w~143.3x_1~113.41_4~112.3z_6~118.47&met.1=1.kf2ktesz~14.1~15.0~16.1~17.1~18.1~19.1~20.2x~21.2x~22.11~23.11&met.7=CCIQBBgBIAQoBDAEaAVwQXgVsAEBuAED~CBwQChgBIAQoBDAMOAhoBnALeM0KgAGyCogBmRSwAQG4AQM~CCoQChgBIAQoBDAWOBE~CBsQCiAFODs~CBcQBhgBIAUoBTANOAhoBnAMePX0AYABjvQBiAGO9AGwAQG4AQM~CCIQBhgBICYoJjBmOEBoKHBmeBWwAQG4AQM~CCgQChgBIGooajCFATgbaGtwgwF4waIBgAGVoQGIAaqhA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c07::5e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
47ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14224205038009931836&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913918&de=190802149143&cu=1600090913918&m=14&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2733081821%3A5451901887%3A138320393150&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=184562&na=18526884&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 49ms
48ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=1064&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=1053&an=3&gi=1&gf=1053&gg=3&ix=1053&ic=1053&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1053&bx=3&ci=1053&jz=855&dj=1&aa=0&ad=938&cn=0&gk=938&gl=0&ik=938&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=6&ah=855&am=6&rf=0&re=1&ft=515&fv=0&fw=515&wb=1&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1116457266&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 53ms
53ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=1066&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=1053&an=1053&gi=1&gf=1053&gg=1053&ix=1053&ic=1053&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1053&bx=1053&ci=1053&jz=855&dj=1&aa=0&ad=938&cn=938&gk=938&gl=938&ik=938&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&rf=0&re=1&ft=515&fv=515&fw=515&wb=1&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=2045422045&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 51ms
50ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=1067&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=1053&an=1053&gi=1&gf=1053&gg=1053&ix=1053&ic=1053&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1053&bx=1053&ci=1053&jz=855&dj=1&aa=0&ad=938&cn=938&gk=938&gl=938&ik=938&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&rf=0&re=1&ft=515&fv=515&fw=515&wb=1&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1072619333&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:54 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B4D 42 B
834 B 62ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOMqPu3dH-31lRyN9DQI--W7vfxhrVJ_WTWTWUzeywrlqFZoFbsH47ZJiPb3JhxU22S3MVSx81cm8doTOeXWlsdeQSHye_MYcj9C1BHFA&sig=Cg0ArKJSzMv4qzb9NEiTEAE&adk=2736157804&tt=-1&bs=1600%2C1200&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&p=623,436,713,1164&rxlist=1&mcvt=1081&rs=0&ht=0&tfs=174&tls=1254&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=138&md=2&btr=0&cpmav=0&lm=2&rst=1600090913034&dlt&rpt=245&isd=0&msd=0&xdi=0&ps=1600%2C8440&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1253&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 48ms
48ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=1270&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=1259&an=1053&gi=1&gf=1259&gg=1053&ix=1259&ic=1259&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1259&bx=1053&ci=1053&jz=855&dj=1&aa=1&ad=1144&cn=938&gn=1&gk=1144&gl=938&ik=1144&co=1144&cp=1056&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1056&cd=855&ah=1056&am=855&rf=0&re=1&ft=721&fv=515&fw=515&wb=1&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1363624667&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:54 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6082 42 B
93 B 70ms
69ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFK0n5GjWfmhZwpOhDTcdT4HRMI89DBB1I9XCNkTb_h-bfbXfnbE3SIU-kTL0ez9ycCIhyS-d8hU5qgDd3QLnN_p-x2pKBh9vS7J7hibu3XYNRK4z4DofsMR8&sai=AMfl-YTb9X5DfsCslMi5n0nCtNPV0qZ4Bol7Yf-cMMC0cpUB3CIAOI6pQWjU3i_UB8iiUak8EgvUWn20lQH-KXUdf5H8nwyET9cAaGwF5vA923eVa9nNkyuJMA0KL7I&sig=Cg0ArKJSzI5LfMXYpAIZEAE&cid=CAASFeRo_dvFLS9L_md8nbsNQg76BtFMeA&id=ampim&o=1090,733&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=108&tls=1111&g=77.8333306312561&h=77.8333306312561&tt=1111&r=v&avms=ampa&adk=4142453217

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame DDBF 0
0 99ms
27ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Sep 2020 13:41:55 GMT
Age: 11348256
X-Served-By: cache-lga21948-LGA, cache-hhn4081-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5144953
X-Timer: S1600090916.784601,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 6356 0
0 83ms
15ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: NzKcQHBtmWXjGbK7zlSrwBFEMN2RwayoED937N5GqToZEto5NVHrZDYV19kc+qpKUfhZacllbJQ=
x-amz-request-id: 1745C93869A8B3F9
x-azure-ref-originshield: 0VnleXwAAAAA52Pr45xRJSJewFWcYilcMTE9OMjFFREdFMDIwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0I3NfXwAAAACoybD6s17dSLOfhAbfIGDKQkVSMzBFREdFMDQyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Mon, 14 Sep 2020 13:41:55 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 153B 0
0 84ms
23ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Sep 2020 13:41:55 GMT
Age: 11348255
X-Served-By: cache-lga21948-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5156378
X-Timer: S1600090916.782158,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 8765 0
0 73ms
16ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: NzKcQHBtmWXjGbK7zlSrwBFEMN2RwayoED937N5GqToZEto5NVHrZDYV19kc+qpKUfhZacllbJQ=
x-amz-request-id: 1745C93869A8B3F9
x-azure-ref-originshield: 0VnleXwAAAAA52Pr45xRJSJewFWcYilcMTE9OMjFFREdFMDIwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0I3NfXwAAAABuV1gfWUfjQ5kBJMTotBxEQkVSMzBFREdFMDQyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Mon, 14 Sep 2020 13:41:55 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3E45 0
0 96ms
24ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Sep 2020 13:41:55 GMT
Age: 11348256
X-Served-By: cache-lga21948-LGA, cache-hhn4041-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5130160
X-Timer: S1600090916.800772,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0ED4 0
0 95ms
23ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Sep 2020 13:41:55 GMT
Age: 11348256
X-Served-By: cache-lga21948-LGA, cache-hhn4026-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 2046154
X-Timer: S1600090916.801882,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 8E33 0
0 67ms
17ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: NzKcQHBtmWXjGbK7zlSrwBFEMN2RwayoED937N5GqToZEto5NVHrZDYV19kc+qpKUfhZacllbJQ=
x-amz-request-id: 1745C93869A8B3F9
x-azure-ref-originshield: 0VnleXwAAAAA52Pr45xRJSJewFWcYilcMTE9OMjFFREdFMDIwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0I3NfXwAAAAA8xPo0CiIXTIqtkSXnv20eQkVSMzBFREdFMDQyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Mon, 14 Sep 2020 13:41:55 GMT

GET
H2 200 sync.html
public.servenobid.com/ Frame D494 0
0 63ms
16ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: NzKcQHBtmWXjGbK7zlSrwBFEMN2RwayoED937N5GqToZEto5NVHrZDYV19kc+qpKUfhZacllbJQ=
x-amz-request-id: 1745C93869A8B3F9
x-azure-ref-originshield: 0VnleXwAAAAA52Pr45xRJSJewFWcYilcMTE9OMjFFREdFMDIwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0I3NfXwAAAADkpM3b6QJ0QK4LCLTLE5TXQkVSMzBFREdFMDQyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Mon, 14 Sep 2020 13:41:55 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2017 0
0 96ms
67ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200814094146
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 14 Sep 2020 13:41:55 GMT
Age: 11348255
X-Served-By: cache-lga21948-LGA, cache-hhn4025-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5156379
X-Timer: S1600090916.806740,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame A2D4 0
0 22ms
17ms Document
text/html 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200814094146
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200814094146

Response headers

status: 200
cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Fri, 11 Sep 2020 01:45:09 GMT
accept-ranges: bytes
etag: "f5b818a65bad8fbb775af4b86dfa305c"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: NzKcQHBtmWXjGbK7zlSrwBFEMN2RwayoED937N5GqToZEto5NVHrZDYV19kc+qpKUfhZacllbJQ=
x-amz-request-id: 1745C93869A8B3F9
x-azure-ref-originshield: 0VnleXwAAAAA52Pr45xRJSJewFWcYilcMTE9OMjFFREdFMDIwOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0I3NfXwAAAADxfX4svUjQSJR231WZBBQuQkVSMzBFREdFMDQyMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
date: Mon, 14 Sep 2020 13:41:55 GMT

GET
H/1.1

200
OK

hms.gif
sync.colossusssp.com/
Redirect Chain

https://colossusssp.com/?c=o&m=cookie
https://sync.colossusssp.com/hms.gif?puid=6f692ae4a99f0affaf363886067ab9d05109affc

42 B
485 B

3612ms
122ms

Image
image/gif

88.214.194.105
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/hms.gif?puid=6f692ae4a99f0affaf363886067ab9d05109affc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.194.105 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:42:57 GMT
Server: nginx/1.4.6 (Ubuntu)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

Redirect headers

Location: https://sync.colossusssp.com/hms.gif?puid=6f692ae4a99f0affaf363886067ab9d05109affc
Date: Mon, 14 Sep 2020 13:41:55 GMT
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 01748cd9abd8001373810022a85900078003007000b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 1 KB
1 KB 353ms
37ms Script
application/javascript 52.28.233.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01748cd9abd8001373810022a85900078003007000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1600090917601

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.233.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5f83e232abbed4d517c7ed76118c0c87b57d1a63cbbb08158e095b19b437c0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Version: 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 1041
X-NodeId: i-069b1f7004ff3d1fc
Content-Type: application/javascript; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 116ms
79ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090912921&de=536682719322&cu=1600090912921&m=5250&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5007&cd=12&ah=5007&am=12&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1621844685&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 348ms
58ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=5250&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=5238&an=1259&gi=1&gf=5238&gg=1259&ix=5238&ic=5238&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5238&bx=1259&ci=1053&jz=855&dj=1&aa=1&ad=5123&cn=1144&gn=1&gk=5123&gl=1144&ik=5123&co=1144&cp=1056&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4925&cd=1056&ah=4925&am=1056&rf=0&re=1&ft=4700&fv=721&fw=515&wb=2&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1968399020&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 62ms
50ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913918&de=190802149143&cu=1600090913918&m=5284&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5050&cd=4&ah=5050&am=4&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2733081821%3A5451901887%3A138320393150&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1608608548&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:41:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:41:59 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 126ms
125ms Script
text/javascript 3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656&cl=1008&pixelIndex=0&r=694921&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1514392788189636656&_=1600090910705
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=18252462,18600656
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

43 B
1 KB

38ms
37ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:42:00 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: cf1d8385-5d44-4b1c-8ee0-0e3d3005c884
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Sep 2020 13:42:00 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.132:80
AN-X-Request-Uuid: 0b0e7b67-1641-418e-b1b0-003e74fbdc47
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D%25env%28APPNEXUS_ID%29%26add%3D18252462%2C18600656
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 71ms
46ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&t=1600090913040&de=28634384095&m=0&ar=440eac9-clean&iw=42b3e3b&q=12&cb=0&ym=0&cu=1600090913040&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=1&zMoatPS=footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3604%3A3604%3A3619%3A3575&tz=footer&iq=na&tt=na&tu=1&fs=184562&na=577270695&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:42:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:42:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 140ms
138ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090912921&de=536682719322&cu=1600090912921&m=10375&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10159&cd=5007&ah=10159&am=5007&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=1&tc=0&fs=184562&na=311274387&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:42:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:42:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 51ms
50ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913284&de=208359318808&cu=1600090913284&m=10062&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=1&ag=10051&an=5238&gi=1&gf=10051&gg=5238&ix=10051&ic=10051&ez=1&ck=1053&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10051&bx=5238&ci=1053&jz=855&dj=1&aa=1&ad=9936&cn=5123&gn=1&gk=9936&gl=5123&ik=9936&co=1144&cp=1056&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9828&cd=4925&ah=9828&am=4925&rf=0&re=1&ft=5055&fv=4700&fw=515&wb=2&cl=0&at=0&d=4908004232%3A2733697657%3A5451867738%3A138321291299&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=top&iq=na&tt=na&tu=1&tc=0&fs=184562&na=1615157418&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:42:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:42:03 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 52ms
51ms Image
image/gif 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2BBEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB41kNBBBBBBBBBBBBBhcjG6BBJMhLeBk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200814094146&id=1&ii=4&f=0&j=&t=1600090913918&de=190802149143&cu=1600090913918&m=10400&ar=440eac9-clean&iw=42b3e3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8440&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3604%3A3604%3A3619%3A3575&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10194&cd=5050&ah=10194&am=5050&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2733081821%3A5451901887%3A138320393150&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=middle1&iq=na&tt=na&tu=1&tc=0&fs=184562&na=914274832&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200814094146
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 13:42:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Sep 2020 13:42:04 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cutimes.com/	1970-01-19 13:11:22	Name: __cfduid Value: d4eb2070e16a0e23dd92a4f4fc0a35dc11600090907
www.cutimes.com/	1970-01-19 12:28:11	Name: NSC_wbsojti!5_ttm_10.0.254.204 Value: ffffffff0908e00445525d5f4f58455e445a4a423660
www.cutimes.com/	1970-01-19 21:13:46	Name: ssoCompliant Value:

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.1
console-api	log	URL: https://store.law.com/Registration/js/overlayForm.js(Line 44) Message: Skip overlay, not logged in or using a shared account.
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://www.cutimes.com/?slreturn=20200814094146
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://www.cutimes.com/?slreturn=20200814094146

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67edcf84f6880fb43d9ecfb09f2d9350.safeframe.googlesyndication.com
a.dpmsrv.com
aa.agkn.com
acdn.adnxs.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
alm.demdex.net
b.law.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdnjs.cloudflare.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
collect.tealiumiq.com
colossusssp.com
csi.gstatic.com
cutimes.com
datacloud.tealiumiq.com
dpm.demdex.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
images.cutimes.com
link.cutimes.com
loadm.exelator.com
match.adsrvr.org
mb.moatads.com
ml314.com
owlcarousel2.github.io
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
ps.eyeota.net
public.servenobid.com
px.moatads.com
rules.quantcount.com
s.dpmsrv.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
stags.bluekai.com
static.chartbeat.com
store.cutimes.com
store.law.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
tags.tiqcdn.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
use.typekit.net
visitor-service-eu-central-1.tealiumiq.com
www.cutimes.com
www.dianomi.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
z.moatads.com
104.111.215.136
104.18.22.230
143.204.215.21
143.204.215.40
147.75.102.200
15.188.154.177
151.101.113.108
162.208.117.53
169.50.137.176
169.50.137.190
172.217.18.2
172.217.23.130
185.199.110.153
185.94.180.126
204.14.32.159
204.14.32.196
216.52.2.48
216.58.205.226
23.210.250.213
23.8.6.203
2600:1901:0:8eee::
2600:1f18:612b:4232:7f90:a91e:6d3b:3747
2600:9000:2057:0:18:1fcd:34e:d2a1
2600:9000:2057:2800:6:44e3:f8c0:93a1
2606:4700::6810:a823
2606:4700::6811:4e6b
2606:4700::6812:1e95
2606:4700::6812:1f95
2607:f8b0:4002:c07::5e
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:bdf::10
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:819::2001
2a00:1450:4001:819::200a
2a00:1450:4001:81b::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2002
2a00:1450:4001:825::200a
2a01:4a0:1338:28::c38a:ff0a
2a02:26f0:10c:581::19fd
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
3.229.100.58
34.206.196.114
35.156.179.86
35.176.206.104
35.177.118.109
35.244.159.8
35.244.174.68
37.252.172.38
52.16.104.252
52.212.5.193
52.28.233.150
52.48.248.240
52.57.150.20
54.154.51.227
54.154.62.31
54.173.18.49
54.194.171.8
66.117.28.86
69.173.144.139
88.214.194.105
88.214.194.242
0404edab2dc1f7c6d53acc365707f538e3a6ef3e45c1210526710f01a9cbdac1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0686c4b1da37e3ccb773798e752e8ec844e5054d3d82766aea659ad6f743ac8f
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09a3c96ada466c416f4da0ad24231dcf6d35b9b04180855670188e44f1260a46
0a9552c638b5abee40f33731d470273da39c1917b17c130404de0660fd83f657
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90
0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
152f878f5fc44ffd8e8bbe8ae601a640cdf4c4fd6a915633c0a5c9b51fd9d2aa
15b3822abbc2051e33b81dd6d7a11854edca718b5a77e7711ddce65bdb963caa
17894c85c8bcba083353d5825b75d0e5062a0c9b264b9a88861f45d881345b63
181b857630c087670f0d86121e26a8285447f3e18e126d2b823b94d1c3183692
188e4c5cf1190436b8d71acc70ed6fac0ee24ee601416192511ef974605bb31e
192de9e946a90570e67fb656898b1d3d2dbec5cf3d20899dcb26e6bf44d8ce12
19cddda1a9e63e54c17fd2ef1903b1650f06f5831b9cbc492cedc9cbd02b5978
1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
21e4ff3d7d3ca227fdbd2b882c7de4cafea8ab91d24bf430959a2ac101eb307a
22bbb6b40bd42c0475a9a999d1a60f7e16760777f89b418722efdfb9f9532996
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
295c7c5ed106e5fef3972eea2d415c3c05d85939c598e7022309c1d608ea0804
2c585ba75536bdf2746f5c823882a00d348f9ea4f226b35e331d10459d290656
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456
36ce03bc512cc02d7289be3f318a25f64db44fb7bee984cf1ee10083191286a0
3a3925a5471123eff562de1d89ab33da4e27c3fa8b67203da3843b5fd28c5671
3c83708266abbc196f0d54048ada00b9b67cca2270173d5334aea17faef506ca
3d04a53c2fa0c68ba075caed3485fe820cb2a0c18e3ad2298f6c80f1a1dafd57
3d5111396fe2cd9014f5abc984719393a9c7bf29e4a2e9b433a04915f07edbef
3dd2b02623d14a1f2491337fb6b2b461c70b89bb24ee10457d6c5dc2eb112213
3de412f4dc1f6cf18c2a7fb33d95470ad72070beaf96daf3bc16c76c80475bc6
40ef96bb4242b99c8a35c40583ca16751aaba7a7ffdc538709060300cc64d5e6
46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184
473e438de12b07327cabffccf5e67130140441dbaa9c995f06b97abee3548c47
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df30972b64ac3ed2d573fe2f412ec01df5ff2af514776b291d6caf7355b0672
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55fcc36d404b4d875c92237054ba62953d74b8c1d7a94963b3a4d64fd8ac5014
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
568dcbef00630083bac5e920152c656883c3702bfd37893141af955f51d0a45d
58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1
5ca2b037b05b96472aa51169c4d58973f93db12406e01c107a1d475407707913
5d9aa9dee627fd0311b2ee7c48687d74d4bd499c25abcffeba3b132aefe23657
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5f83e232abbed4d517c7ed76118c0c87b57d1a63cbbb08158e095b19b437c0cd
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6246ba8541691078d893b1c470688e94e583f15b0086c3cf69bb9c893b23cba9
626cd34e7410949632eab5f59634556c08dcd03e286f57a428a1901ec126959e
639a16fca910eb03ea92ecc62a54a00ed3f16fef8175ce5fdd46af8b8b613824
648e79ebde6cf1350cfa7568f8f5a582d599281cb3245aeef278465cbe3ffeb3
6ac5fb28b5242f3daf1596aae06370571e7a2b57612b762a6dc220b7d14ee121
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
6cca3ba0a81c29809eb74e6fc378dfbb76b727fa82f8e663ab9dcccb7f63445c
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
7555c17c306ac00f7504a734cecffbffbb0d1230d8f019cc79a59e9b01781f5a
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
788728e63b4885d59e672a2fbdd4c834f41e3c5e898e4a70dec4814a6b4d32be
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
81ba96c1d40d90b96fc21ef31918f3fba320daa9aaf987de68e482f7e4c98efa
82095520525aafaa7c5209e5e2f3c2dc2d9e65a423f73288ea0d3f04efeed94d
841d64c973bfaa2b0d537a6a09e600cffaa2feaeebfe5d0e8d73721fbcd49ac0
8697e9c5ccc462abb42eb4b5dca3e9ec7ddfc771ec7e503fa91deed463d288e1
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8debeacf437f7073c4e205f5cd3718b8a20f8787e92a123df9f29f068bb12a34
914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92a55cb35db6842298c40fdef3e7e6e84a243de080837cb0ec1fba94dea19513
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab
940a74fc39455a0851b8ab872aa97071323d5503762784e81665e471f521a635
9423431867316005a1c000237c6649870a2e388fa2e741fe6d8dbe09137f760c
943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065
94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b
95cfe8033d2aaa709f3952f9c3e77cf4ce1bdb22ff6eed11cca3f0b67b7a397d
9843a28989b95af8269606bc2127ea6e803ee0ad46091fb22cf5d3dcdd9eaa68
999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ca841cce80db57b948f0f1a1d235cb34ca2fb5561476bfff4448329f85e3cba
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a79bf22e30f5c611c094b5b7c1fc293017b134e7928f2b9e9dbb673c1029253e
a7a908374fcc7d8ced61c3d2d3ec5a61391fd02d0515611b763928c016eb7425
ada8b43f800c66d55364ee22b0d7b39b4784b7a3d8958244d241f29f25ea0782
af416120f43bfee84e300f2a0c359310087a64f1b4f19b39f1f8cd65ce0c84ab
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b329fa560bb94ce2f0b8417b01d3744cdda13cbfaa6036800529f302457f6815
b4f3e0d6c3d8c261eaddc0378f8c4e5fa45497f349b3d125b10f428ac5096717
b539d1b49f122a9bc1848fd99f4ceb24e9702d15c8cce313987250b6da579375
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
ba56c4931c6b1939e8a46ecdf794f91a906d7c6e45df3cf6f110075735485412
bb9f373ea03c3464cc79f633b6b7416a29891c87f4c66f0e8555849256ac25f8
c21d676c690a393fb03f001473eefa76a0f812dfd9b21dc57eace934a90b1939
c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d
c34746eb896a4a3fc87a58ced3eac4c264a301416ecd1a4093a50ec6b941aa43
c595655ff7d1e11aa1641d3c5243d12bb62ba0180cc02639081efa1d7f1f09c4
c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14
c9a1566a9237b6b7b03584c403452894df53d094784c5245d0d81ba353a03ce1
cce39d1741d10da4eb3192a238ab22d2f13a6abdfaae77050539ea55aca7a43e
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbc7023380757b7eb822963462b2fbdc5bba03a868df9b3f98b58c0a020dcb5
d03912a982e301543324679c8503b9dd78bd5a7de4ae69563b67da692cba8524
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
d506190ae7e775bf95029e1164e52348d6f41f8a313697b7f32c5da557a438a4
d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670
d901c0df0666d0ebe00231b25eef17879e714a2cf29d2f57bde706ac040e324b
dc6e648e08f3a233ff62180178040fcccc0f5fcd6ba5650a495145ec95382f20
de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deccc92c610ece5f1c0ab3f2eb5148202f7523c2888bccda1dd730c8c2b1ea00
df5cc429c122a016592c785ff260ddcb876acbb930401c486e5295c2f2e3fc1a
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e010b8d2444eca54f5949183f138aeb9e298f6ca469ca47c35edaf6703dc08f3
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e0ccdc211f5297bcbd1c9d1ced3ae48713dc9fd3422ab635d818cdc8980ceaaf
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e25186c8782ac937925d276a7e6132fe998246435e9849e3483ffd01c0dd4020
e2bcf4102349f0cd5fdcb72d6cd14907309be7004762f8fa3d52f9d25c328b1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9ff8877c75250401f08c7f04e0f450f07b68ef5e92b792f58e28385eefc2a
e4c3d3ec75fffee80ec5817de6b4296b464e2aab3f94900fe8fe82ee85e36607
e557f0675149a5e4b49228fe82b55ff12f1ddb07bdae5b30e567e9ee6c805734
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e802988297e04c0c23bcc4e90a2cb741b3789d7b51aed6437ae7517110fe047d
e89547cf11012b14e0d948446ac4c6edf325e49387044c19a6fbceba4322afe2
e96686618f40e7f50752db166a2af8dd320de7f63b0d4fe858ef493c774f0853
e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba
eab94bfcd230b07377dd03ee9f8e0deea86ac3b1d34494e43a9daa6f692c5202
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06c5c7b639aba87547337bfaa30d5d30fd068a0090c6a214da5832aa1915b49
f19a9762fe389e49d4e8a49a7ac09a93848d19a61068f9ca03ddd97359c6f1b0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fc9c9bc71151e9dc81ff5f49f2f41cec37e30e621233753dd812911fd5eff581

www.cutimes.com Open in urlscan Pro 2606:4700::6812:1e95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

273 Requests

98 %HTTPS

38 %IPv6

47 Domains

77 Subdomains

58 IPs

9 Countries

2498 kBTransfer

5903 kBSize

3 Cookies

27 Outgoing links

Page URL History

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cutimes.com Open in urlscan Pro
2606:4700::6812:1e95 Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

98 %
HTTPS

38 %
IPv6

47
Domains

77
Subdomains

58
IPs

9
Countries

2498 kB
Transfer

5903 kB
Size

3
Cookies

273 HTTP transactions
2 data transactions