Submitted URL: https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3N...
Effective URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_...
Submission: On August 31 via api from US — Scanned from DE

Summary

This website contacted 96 IPs in 9 countries across 71 domains to perform 371 HTTP transactions. The main IP is 2606:4700::6812:3b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com. The Cisco Umbrella rank of the primary domain is 462367.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2023. Valid for: a year.
This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

This page contains 26 frames:

Primary Page: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Frame ID: 0CC19B8B0026469B60B41EE46DFC82FB
Requests: 265 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E781B4AE5ADFE4EDD11D4B73C4743187
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Frame ID: 64FF025C389DCD806E2B232481E0538F
Requests: 7 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Frame ID: 1A10F9E6631F034199CFF2C0D0705626
Requests: 14 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 16F2C778216BE86FE230E509ECE91220
Requests: 1 HTTP requests in this frame

Frame: https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Frame ID: 54266C02587E948204EC9A6303F0B3D0
Requests: 2 HTTP requests in this frame

Frame: https://119c8f089197188bfdd2e232601e0e6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25F36D5ABAC659C2E5DAE09304746B71
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.cutimes.com
Frame ID: 06AD7DF14C5D0F211E7965F9B158A59D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 998E5D226948FCEB12EB53BA8119E304
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D694249816287AC330690641B36F0DB
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjOG_YUsF-urJF2qbNJZ5YJPnVyPTQ8ON9mqq4bRuDDl7YykmNiaEKve92df6-GeSiXNEOfOBe6dtfNqWKgJkHdTU-soXNBOiex-LEfu2vpM1_mhUzWxdwop1mhVK3Of7LZE4AQCX_7K1JK4qYOiYGkmRn3qYpyElAGpH_YvuY7fNSPppdH1biiPqTi5Dh4T4j4GjqPtA6wxnPVYgDcmASxzfRE1jjw3SgzJwnoj9V817DHS2t7fNneDoXGuOZ6eSfwvfhTTiQLKqm2NTbtJWpgv5f2IjQQu7bnFKhVHfUzjUXtichXHyfVEZGHCYmyC2FjkHqr79nQx58tgFF6dUH4fui_9o&sai=AMfl-YSpyFGHSm2tfYMQ7BCAJxK7VG0SRuNQPdHzwHYtFqlaTIg4bVIPxMGXVdrdnnALDRojnglR6ZQQV-MXV8nDAOrtbvldbeu7AidfVcfyJ62Ld_0dw3BvbY10EEIOw-Y&sig=Cg0ArKJSzBecTYofudt5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D471AF492BE951D0E1D2BD9AFB62840E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxxPLkYVZPpkqdalz5U8EXtbt8dbsGwO7_lLfDtrW_xNFSl6aoCIJi18fBCsw-5q4YIjPg6gKm-CbH4Hp59xoWVEu-CuylSvbJkSp0S_8YMPdKdijJsqNNDjoM53Qh-qX8u9IrDLDMMUVh_vq3fRBMPciI_BQgy2IvPJvUU4t3wc57sw_aYIqYysFua1-dqGri6rM1BNt2xzgAo_FR4UDgiu_xNSPbrALXOgigPkekHcuSS9OvTQi04SQGjKbYCd1D5CjEBDtFzjAq-ARgpc-65IGLxiEUq8AXPvoyqHvAOUZ1TLHuJK6b1gdRr2WpJG3IwsNeBdTQs3emTJB3SrpHBk98pJQ&sai=AMfl-YQ0_Iw8DGLKiSPJSx2IGvvAm6MMO68HfAR09SrLappWlnxZbavE1VGKrU2TPtR0igyaBImWsTxwb_fwbuSCbJZQKxpbgEHwL0cz3nj0ZfpkYSv3yw8iMJUyQdsXuFo&sig=Cg0ArKJSzE8TPLgolHwAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0BD34E3E8D75A572B23BCFF7A05194D0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 5C048A8264FCD599468DC080587537FB
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693494667037
Frame ID: 68E250018EE4AA56CCDD7FD0741DBABB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Frame ID: 1E6DE8DB6F3CE539B919AE2460D70BC6
Requests: 20 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13400772
Frame ID: 293BC072F03F0CD7D70FA604B3B78692
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2087%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DC02A81FCCEC12CE13230D6813962A4C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 49B4F2846BFE652927B683A1C3BE6851
Requests: 10 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 58AAAAFDDB2DB2C52DECD67AAEA576D7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3A66D3E16F8F686B99C0CB81456E713D
Requests: 3 HTTP requests in this frame

Frame: https://yourbow-d.openx.net/w/1.0/pd
Frame ID: 56A5744503B00018D39CD79FA4F2ED3F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4A796A4A4BFA4D7716818D610D8F0629
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent=
Frame ID: C5B41139FCA346ED7A5C5F0920788901
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&redir=true&gdpr=0&gdpr_consent=
Frame ID: 0F1F8FE0120661151A28B3CEDD9B66C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4TGZ5rZhxuf6ZsjitmfS4LE9y7P6Msqz7jfy1Vka
Frame ID: DDEF00014EA18BADA07B964200AAEA90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8978697940937170856&gdpr=0&gdpr_consent=
Frame ID: 7C463C1062773E0FCB874143829BB8EB
Requests: 1 HTTP requests in this frame

Page Title

Phishing Attack Exposes Personal Info for 14,754 NIHFCU Members | Credit Union Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 371
HTTPS: 92 %
IPv6: 32 %
Domains: 71
Subdomains: 114
IPs: 96
Countries: 9
Transfer: 2924 kB
Size: 6895 kB
Cookies: 92

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3Nlcy1wZXJzb25hbC1pbmZvLWZvci0xNDc1NC1uaWhmY3UtbWVtYmVycy8_dXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPXByb21vJnV0bV9jYW1wYWlnbj10ZWNoX2h1YiZ1dG1fY29udGVudD0wNzIwMjMmdXRtX3Rlcm09Y3V0/5ef20c09c907c3413055c95dE670b60b6 HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut HTTP 302
    https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102 HTTP 302
    https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=49214b34-b62a-493b-abef-6453c868365f&source=https%3a%2f%2fwww.cutimes.com%2f2023%2f07%2f11%2fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2f%3futm_source%3demail%26utm_medium%3dpromo%26utm_campaign%3dtech_hub%26utm_content%3d072023%26utm_term%3dcut%26slreturn%3d20230731111102&debug=lawDomainIPWithRefRedirectAnon HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187
Request Chain 93
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D14975%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230731111102 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D14975%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F07%25252F11%25252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%25252F%25253Futm_source%25253Demail%252526utm_medium%25253Dpromo%252526utm_campaign%25253Dtech_hub%252526utm_content%25253D072023%252526utm_term%25253Dcut%252526slreturn%25253D20230731111102 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=8978697940937170856&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=14975&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Request Chain 115
  • https://cm.everesttech.net/cm/dd?d_uuid=05301471796765840032654550420658920416 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPCtigAAAL4cuQNx
Request Chain 124
  • https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Request Chain 143
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1693494666301%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230731111102%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&cookiesTest=true&liSync=true&e_ipv6=AQJWeY7KQS3BYwAAAYpMJeeNSqiUrn-SyPFg2mHbHLhIJILbQMRpmsFWjjH2oqK46e25bis
Request Chain 153
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Request Chain 173
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8978697940937170856&pixelIndex=0 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8978697940937170856&pixelIndex=0&google_gid=CAESEEntjuZy_6yZKZHwiCRTua0&google_cver=1
Request Chain 196
  • https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&rl=&if=false&ts=1693494666983&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1693494666981.215682927&it=1693494666296&coo=false&tm=1&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?a=tmtealium&coo=false&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&ec=0&ev=PageView&fbp=fb.1.1693494666981.215682927&id=2429680573784973&if=false&it=1693494666296&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1693494666983&v=2.9.125
Request Chain 199
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Request Chain 265
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=VBzHgHxUNWZXck5jMWV0R3QwZko2WXBVbWFLUlJIM01lem84blVKVStWU3d1SEJiZlB3bmdpYUZKb00zUi8xYjdDUmllVyszZ3VyM1VwdGk4anNQK0x4R3NPem5aNmtVem5ac25idVd3ek1PVnNvUWhvdlQrNmtveGswL1FQSnVvVjJhd0kwM3pZRWxSbnJQZmkvK0ZZSEp4Ti9GNWIvWHNabFdKTW9XdUNVRzRLd1ZUUFlmVmMrOHVBdlh6WkJKRWxJYkJVeDFFbWM0OUIvVlN6MW1vdzhVU3F4cjQvMklwTGlDYXVVWGdyNlpLSDFJYktDVFhlR3hUZXhTK1JMeVFyK0VFZ0JKelQvaWpWU2U2OEZiU2lTWHFQQT09fA&cppv=2
Request Chain 276
  • https://ad2.adfarm1.adition.com/banner?sid=4478129&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=6008945&bid=18238357&wpt=C&ts=1693494667 HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 277
  • https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_pre=CNX13aCXh4EDFXPKuwgdwgED3w;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 310
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH9fUudGKGxiySGWpfz-S0I&google_cver=1
Request Chain 334
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jUlpGtOoUFN09j3u_KXKUA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lL19NEhE2oJtFPd_p3o3UHr46o1GZCu6bcvEVw--~A
Request Chain 335
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLZAZZSP-2-AN7T
Request Chain 337
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDBhY2VmNzYwNTJkNmEwN2I0OTdmYjllMjUzNDk3YTViN2Y2NTgyNw
Request Chain 338
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=X-SCrVhuTYq4CQEp4cNcPQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=X-SCrVhuTYq4CQEp4cNcPQ
Request Chain 339
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExaQVpaU1AtMi1BTjdU HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMJS7R8yDNspvwts8AxqrFw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExaQVpaU1AtMi1BTjdU&google_push=
Request Chain 340
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9pKcRTlzQFyXdaoPAs_BWg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9pKcRTlzQFyXdaoPAs_BWg
Request Chain 342
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uLrcxsN5THKnfCi-0ewaww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 345
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1867899606 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
Request Chain 346
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Yzg3b1h1NC1lbDdSbTJYcE1ZaVA1ZkZxQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8594109174659939537&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjhCQURDQzYtQzM3OS00QzcyLUE3N0MtMjhCRUQxRUMxQUMz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5CSUQeCleXM-UjgLYOgXA&google_cver=1
Request Chain 351
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8594109174659939537
Request Chain 359
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4TGZ5rZhxuf6ZsjitmfS4LE9y7P6Msqz7jfy1Vka
Request Chain 360
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8978697940937170856&gdpr=0&gdpr_consent=
Request Chain 362
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 363
  • https://pixel.onaudience.com/?partner=214&mapped=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 366
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_e06aaa3c-4709-4eb8-9d7b-8bc4dc35e03a&bsw_param=6f835b9c-ad0d-45dd-ac2a-59667a727748&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd=

371 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/
Redirect Chain
  • https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3Nlcy1wZXJzb25hbC1pbmZvLWZvci0xNDc1NC1uaWhmY3UtbWVtYmVycy8_dXRtX3NvdXJjZT1...
  • https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut
  • https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-...
  • https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=49214b34-b62a-493b-abef-6453c868365f&source=https%3a%2f%2fwww.cutimes.com%2f2023%2f07%2f11%2fphishing-attack-exposes-personal-info-...
  • https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=2...
68 KB
16 KB
Document
General
Full URL
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f47f64f29a549fb0d86348a2a93a0e1b037120486156eb73b28ebb3d77b3631
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
backend
templates_newlaw_director
cf-cache-status
DYNAMIC
cf-ray
7ff6342c2a8b8ff8-FRA
content-encoding
br
content-language
de-DE
content-type
text/html;charset=utf-8
date
Thu, 31 Aug 2023 15:11:03 GMT
server
cloudflare
vary
accept-encoding
x-cache
MISS
x-frame-options
SAMEORIGIN
x-vnode
27

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7ff634298f5a8ff8-FRA
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 15:11:03 GMT
location
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
referrer-policy
origin-when-cross-origin
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
Server #1
x-robots-tag
noindex, nofollow
rocket-loader.min.js
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
server
cloudflare
etag
W/"64e60500-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7ff63430b8108ff8-FRA
expires
Sat, 02 Sep 2023 15:11:03 GMT
fa-icons-lib.min.css
www.cutimes.com/assets/build/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"4085-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8128ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:03 GMT
markets-lite.min.css
www.cutimes.com/assets/master-template/css/release/
221 KB
32 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60670bfa41fd1644a433674a62c5aff53afa2ae138dc05071b9dd4ab89bc21b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"226291-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8138ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/
105 KB
18 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"107730-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8148ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:03 GMT
article.min.css
www.cutimes.com/assets/master-template/css/release/
29 KB
7 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/article.min.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dcc8a784d16b88354e3afdaca4f6726207280da9bc8e68516ba755b4ae87421
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"30138-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8158ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
falcon-ui.css
www.cutimes.com/assets/css/
771 B
408 B
Stylesheet
General
Full URL
https://www.cutimes.com/assets/css/falcon-ui.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
ntcoent-length
771
x-cache
HIT 2
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"771-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8168ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
qkq4rhw.css
use.typekit.net/
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 31 Aug 2023 15:11:03 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
pagination.css
www.cutimes.com/assets/master-template/css/plc/
4 KB
999 B
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/plc/pagination.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"4295-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8178ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
omeda.css
www.cutimes.com/assets/master-template/css/market-css/
2 KB
811 B
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/market-css/omeda.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7625b0eda49a7554cccfe266fbf8476055ac4bcfd1dcadfaeab461b0249e4238
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"2282-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8188ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
luminaries.css
www.cutimes.com/assets/master-template/css/market-css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d7fbabd50ebc363306dd1c68bf685b831ac5cd7c189ed2a0b29f3d0b5a5c36
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"7047-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63430b8198ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/
58 B
339 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=2855
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-mini-burger-white.webp"
content-length
58
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2855-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff6343108728ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:03 GMT
nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/
362 B
507 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=3368
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-search-white.webp"
content-length
362
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3368-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff6343108738ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/
166 B
461 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=1222
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="social-fb-white.webp"
content-length
166
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1222-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff6343108778ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/
354 B
495 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=1583
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-tw-white.webp"
content-length
354
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1583-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff6343108788ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/
256 B
455 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=1413
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-li-white.webp"
content-length
256
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1413-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63431087a8ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:04 GMT
nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/
236 B
379 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=1322
x-cache
HIT 2
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-sign-in.webp"
content-length
236
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1322-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63431087c8ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
ALM_Credit_Union_Times_white.png
www.cutimes.com/assets/master-template/images/market-images/
2 KB
2 KB
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=4365
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="ALM_Credit_Union_Times_white.webp"
content-length
2078
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"4365-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63431087d8ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
mini-home-white.png
www.cutimes.com/assets/master-template/images/
132 B
271 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/mini-home-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31d2dfc1978d5fe95f0e110bcd134a79a05c8d420e4df70165fe377b3d691c5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=2927
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="mini-home-white.webp"
content-length
132
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2927-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63431087f8ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:04 GMT
reprints-permission.png
www.cutimes.com/assets/master-template/images/
378 B
522 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/reprints-permission.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04bcbf22aed03a8ea72525562e6a2c181a6781c856bf5208f4399a98cf54f02f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=2435
x-cache
HIT 2
backend
templates_newlaw_director
content-disposition
inline; filename="reprints-permission.webp"
content-length
378
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2435-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff6343108828ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:04 GMT
account-hacked-e1556042539566.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/04/
39 KB
39 KB
Image
General
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2019/04/account-hacked-e1556042539566.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa8211790c5e7d1d331736c393cce99a527b011528c8c584bef0bc564b7a80f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
MISS
x-cache
MISS
backend
contribsreimg_prod_director
content-length
39757
last-modified
Tue, 23 Apr 2019 18:02:19 GMT
server
cloudflare
etag
"611c2b-9b4d-5873662cf8b4c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7ff63431289d8ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
styles.css
www.cutimes.com/assets/multishared/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/multishared/css/styles.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d90c0bc600472597b63efba08cf2f84214cb16b7f3df6487fe4a4b32c4bb3c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
cf-polished
origSize=18019
x-cache
HIT 2
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
minify
server
cloudflare
etag
W/"18019-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63431086b8ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:03 GMT
email-decode.min.js
www.cutimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
727 B
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
server
cloudflare
etag
W/"64e60500-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7ff6343108708ff8-FRA
expires
Sat, 02 Sep 2023 15:11:03 GMT
moatheader.js
z.moatads.com/almheader466656885399/
0
90 KB
Other
General
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 10:30:36 GMT
server
AmazonS3
x-amz-request-id
GV0F986D03J7MQ2Y
etag
"e5c5104e700709844231061c085b6b5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=32183
accept-ranges
bytes
content-length
92163
x-amz-id-2
50h8SQgTDLPUJJC91UBJBOHDnwBH3nU91ORWr3RetE8CnLtCBbdDaTCnOX79v9O3kMgk2AVkNISwoBrTNisKRmJp79hZqpZb
qkq4rhw.css
use.typekit.net/
0
1 KB
Other
General
Full URL
https://use.typekit.net/qkq4rhw.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 31 Aug 2023 15:11:03 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/
0
18 KB
Other
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:03 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"107730-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff6343108838ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:03 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
hash-0.png
www.cutimes.com/assets/master-template/images/
6 KB
7 KB
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/hash-0.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deee22321901c58c6baa27ad470951c2eff83eb98baa4e7f4d681e4d2905c54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=22074
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="hash-0.webp"
content-length
6550
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"22074-1693417032000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634341c458ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:04 GMT
CU_Times_Career_Center_Banner_ad_300x250.jpg
imageserver.amlaw.com/images/
34 KB
34 KB
Image
General
Full URL
https://imageserver.amlaw.com/images/CU_Times_Career_Center_Banner_ad_300x250.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Wed, 17 May 2023 13:09:42 GMT
server
cloudflare
etag
"1b4547d8c088d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7ff634345a3a362a-FRA
content-length
34323
expires
Thu, 31 Aug 2023 19:11:04 GMT
CUTimes-300x250px.jpg
imageserver.amlaw.com/images/
35 KB
36 KB
Image
General
Full URL
https://imageserver.amlaw.com/images/CUTimes-300x250px.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Tue, 28 Feb 2023 14:55:34 GMT
server
cloudflare
etag
"bc7222b6844bd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7ff634345a3c362a-FRA
content-length
36042
expires
Thu, 31 Aug 2023 19:11:04 GMT
l
use.typekit.net/af/827015/000000000000000000011c3b/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18468
l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"0373618e2db17cca6330e4b11556968310f08eb7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33856
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32384
l
use.typekit.net/af/2553b3/000000000000000000011c34/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19288
l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-08-31-11
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
server
nginx
etag
"70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19412
fontawesome-webfont.woff2
www.cutimes.com/assets/master-template/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.cutimes.com/assets/master-template/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
HIT
age
131901
x-cache
MISS
backend
templates_newlaw_director
content-length
77160
last-modified
Thu, 24 Aug 2023 15:16:16 GMT
server
cloudflare
etag
W/"77160-1692890176000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634341c648ff8-FRA
x-vnode
28
expires
Thu, 07 Sep 2023 15:11:04 GMT
bootstrap-master.min.js
www.cutimes.com/assets/master-template/js/release/
25 KB
7 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25aad21e410b837b04e08e1bb2f54ef9887585cd46a894c8fc00e8e2dcb45a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
HIT 2
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"25286-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434dd408ff8-FRA
x-vnode
21
expires
Thu, 31 Aug 2023 19:11:04 GMT
sponsorships.js
www.cutimes.com/assets/multishared/js/
1 KB
596 B
Script
General
Full URL
https://www.cutimes.com/assets/multishared/js/sponsorships.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"1454-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434dd458ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
jquery.history.js
www.cutimes.com/assets/js/core/
21 KB
7 KB
Script
General
Full URL
https://www.cutimes.com/assets/js/core/jquery.history.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"21571-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434dd468ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/
18 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3594982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6464
last-modified
Thu, 22 Jun 2023 11:21:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942ebd-1940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAIRYxsj7Ie34SP2%2BPA2af76KSoeC46LsxB54BH1nv5DmNLP2t8F9hy57k4iE%2B3PlGIeiPQOqKI6gxhGSl1WYsN9CXGda4N19B7EmJFOmXy3izcJcWSy6BxBUchONr4h5V2J6o6snYh7LsiU%2Bt8UawyY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ff634352b9030cf-FRA
expires
Tue, 20 Aug 2024 15:11:04 GMT
jquery.touchSwipe.js
www.cutimes.com/assets/js/core/
66 KB
16 KB
Script
General
Full URL
https://www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"67916-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434dd478ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
tealium.js
www.cutimes.com/assets/master-template/js/
5 KB
1 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/tealium.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"4833-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed4a8ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
overlayForm.js
store.law.com/Registration/js/
14 KB
4 KB
Script
General
Full URL
https://store.law.com/Registration/js/overlayForm.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.226.84.37 Manchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / Server #1
Resource Hash
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:59:45 GMT
Via
NS-CACHE-10.0: 56
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 30 Aug 2023 21:15:35 GMT
Server
Microsoft-IIS/8.5
Age
762
ETag
"80f5ba1d87dbd91:0"
X-Powered-By
Server #1
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900,public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3647
common.min.js
www.cutimes.com/assets/master-template/js/release/
53 KB
14 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/common.min.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"54571-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed4b8ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
luminaries-rmr-tab.js
www.cutimes.com/assets/master-template/js/sbm/
3 KB
731 B
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"2698-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed4c8ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
omeda.js
www.cutimes.com/assets/master-template/js/
504 B
376 B
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/omeda.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ff2d68ce2d644201644869d71b53fece002f8e4e8b0c85a18a177ec53d1498
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"504-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed528ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
olytics_dfp.js
www.cutimes.com/assets/master-template/js/
6 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"5676-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed538ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
hide-article-image.js
www.cutimes.com/assets/sites/sbm/js/
731 B
451 B
Script
General
Full URL
https://www.cutimes.com/assets/sites/sbm/js/hide-article-image.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4fb2954bc2129533ffd10d39909549ad56a10907252158460e91642a8066221
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"731-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434ed568ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
jquery.stickit.min.js
www.cutimes.com/assets/master-template/js/release/
10 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/jquery.stickit.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aff5614a231508d127ef71ee9cfeb2a3d24a42ae8aff6dd09305a822b480f1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"9949-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434fd638ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
article-share-tools.js
www.cutimes.com/assets/master-template/js/
12 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/article-share-tools.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e018091a55ef9c6468213d7ce4d295a1dad2c1454cf6986e226b79ba1db6d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"11798-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434fd668ff8-FRA
x-vnode
28
expires
Thu, 31 Aug 2023 19:11:04 GMT
master-article-functions.js
www.cutimes.com/assets/master-template/js/
14 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/master-article-functions.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34377483ff3aa917edd6efc5adef60b169de3b576b2dce9627b22f0392059b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"14150-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434fd688ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
lazyloadXT.min.js
www.cutimes.com/assets/master-template/js/release/
3 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
HIT
age
11077
x-cache
HIT 1
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"2937-1693417032000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434fd698ff8-FRA
x-vnode
145
expires
Thu, 31 Aug 2023 19:11:04 GMT
moatheader.js
z.moatads.com/almheader466656885399/
259 KB
90 KB
Script
General
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
628d06478f26d9090233c553a254ecc0b11b868ce0aea5ed61e3fc687db037b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 10:30:36 GMT
server
AmazonS3
x-amz-request-id
GV0F986D03J7MQ2Y
etag
"e5c5104e700709844231061c085b6b5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=32183
accept-ranges
bytes
content-length
92163
x-amz-id-2
50h8SQgTDLPUJJC91UBJBOHDnwBH3nU91ORWr3RetE8CnLtCBbdDaTCnOX79v9O3kMgk2AVkNISwoBrTNisKRmJp79hZqpZb
hbyb.js
cdn.yourbow.com/alm/cutimes/
372 KB
373 KB
Script
General
Full URL
https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.141.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.141.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94bd8b828002f39cf37f40e1e740b4b6ce321465ba9f01c1cbb0100ce9a6736f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
age
0
x-guploader-uploadid
ADPycdvHosgNBHnWmoj0L6ZT0PPmOtEa00LCsArD_jNJLPO9VbEC0e-6WGMxRDvAvxS3zwrkDvwjAj-zoFYBBAWomaYVig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381396
last-modified
Fri, 30 Jun 2023 21:42:05 GMT
server
UploadServer
etag
"f600533caf983ce4d076a838d4762e10"
x-goog-generation
1688161325754108
x-goog-hash
crc32c=ciPV9g==, md5=9gBTPK+YPOTQdqg41HYuEA==
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
381396
accept-ranges
bytes
bombora-rtvi.js
www.cutimes.com/assets/master-template/js/
1001 B
699 B
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-08-31-11
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
via
NS-CACHE-10.0: 56
content-encoding
br
cf-cache-status
MISS
x-cache
MISS
backend
templates_newlaw_director
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"1001-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7ff63434fd6b8ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:04 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8710081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3592
last-modified
Thu, 25 Jun 2020 01:22:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef3fc71-2b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0h3ibq2ytNd3b9pgWxsT5JUI2phkgDu3B3B%2B5PYNQ3E63X64%2BVI0oymkieU%2FNYD8nNPC0qG219uBO3wd3rY4pl90zIztRIIqhz0xFP8JMTmyP3LPC%2Fz2bTwimy0WAA%2B7zW7FhGHlesfE%2BOKNTzaIzS8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ff634352b9230cf-FRA
expires
Tue, 20 Aug 2024 15:11:04 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6271452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU6O2Gd95enSy16A5devQCXBv6Q1RxHzi%2BFJ7PIL5bxyDw8biXweE2Pn89AjYM4dbMQxmEVivOUANkSIhX2UwgSWd%2FTgsNXKD%2F0MTlSTBrav43gqfQ3aQ2H%2FQVZSkbbeBYvFIaNLMoIeSMMCRROjh9MP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ff634352b9430cf-FRA
expires
Tue, 20 Aug 2024 15:11:04 GMT
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
0
0

webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 14:18:58 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Fetch
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 15:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 13:48:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 15:11:04 GMT
get
vi.ml314.com/
1 KB
938 B
Script
General
Full URL
https://vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
6e39ce1bfee0dce0a9fe34948f2d048f7dce1c03eea8ee4fd23e612769f16f48
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
via
1.1 google
date
Thu, 31 Aug 2023 15:11:04 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apstag.js
c.amazon-adsystem.com/aax2/
248 KB
61 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
1518
x-amz-server-side-encryption
AES256
etag
W/"bfd42dc650471371e7b049251fcaca58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
hWQDNBm-5TXAyU-BdN0OQOi-gvhFfvqn09fQIO8vkmrdXzwRH2ygYg==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:04:28 GMT
x-content-type-options
nosniff
age
464796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:04:28 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/
250 KB
66 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
592cc96e00ffc2fbc2c57982576d5cfe2fab672ba23e21d9a7859726c32af87b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:55:03 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8162
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 09 Aug 2023 16:01:30 GMT
server
Apache
etag
W/"256392-1691596890000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
YhUCMpoNpIrDQgSbg-9_1XY9fK4yJkL72refY-t_kTRJOK56vhFbiA==
expires
Sat, 26 Aug 2023 00:54:43 GMT
v2
mb.moatads.com/yi/
216 B
291 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pcode=almheader466656885399&rx=878891491751&callback=MoatNadoAllJsonpRequest_21805362
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f841af768419ab81c56c7c92c43c96325b61bb104226e84279ebdad7088fcb67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
server
istio-envoy
etag
"a7ef2ae9ff03e61134ac6365c0dceb8d9b20081e"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
19
timing-allow-origin
*
content-length
216
n.js
mb.moatads.com/
86 B
263 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1693494664934&de=700872003922&rx=878891491751&m=0&ar=45436f5f584-clean&iw=3dabe82&q=1&cb=0&cu=1693494664934&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined
&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3183%3A2889&fs=205170&na=1454398258&cs=0&callback=MoatDataJsonpRequest_21805362
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9fd0c51d2ad92a8cba6bc510ad389f76a05256fa478137276706fcee7acfc83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
server
istio-envoy
etag
"47a4a7976e082a997a50508130b7d0bed33ef0ac"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
6
timing-allow-origin
*
content-length
86
iframe.html
z.moatads.com/hd09824092/ Frame E781
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1113
content-length
1374
content-type
text/html
date
Thu, 31 Aug 2023 15:11:05 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
utag.js
tags.tiqcdn.com/utag/alm/main/prod/
126 KB
34 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca5754e3e16907d01b9ca80435910a12f9a2ad4476a12666736ef174f7b94ec1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
a6553JviDJ7UzqnCtki32l4NLwtQ4.vY
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:09:42 GMT
last-modified
Fri, 04 Aug 2023 17:08:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
85
x-amz-server-side-encryption
AES256
etag
W/"a75bb47acdc444f91cd627f4a4a3bb0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
3vy4uXEIEdzO6ocBvuy3RWAQa29__k4T8B9IrG50QCKhOGqzSL4c8w==
smart_cutimes.epl
www.dianomi.com/ Frame 64FF
812 B
686 B
Document
General
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02de0aa119a272fecb441428c9e732cdd9dd9645af36686e301da7359bb15a4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ff63438cd659b2b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:11:05 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smart_cutimes.epl
www.dianomi.com/ Frame 1A10
812 B
468 B
Document
General
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ca573db02e2bf8f6c42f62eb321e2337634944d4f369fbbd53ee2d7e8ff471
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ff63438cd679b2b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:11:05 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
s.dpmsrv.com/
354 KB
29 KB
Script
General
Full URL
https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-16.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12c2459d1782f58fd53e51f6e0b8e14851581867b93a11a4553bff90aa58d801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 19:10:39 GMT
Content-Encoding
gzip
Via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Aug 2023 19:10:13 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
72031
x-amz-server-side-encryption
AES256
ETag
"9724f3b1e6e67c92ae531751a6be5c42"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29437
X-Amz-Cf-Id
ACO0CawfvqrCbH87H2PaFF5nLR59awrZb1FpPTSssyMgkYzyBCXlYA==
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
539 KB
158 KB
Script
General
Full URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c30f14538e5a210d3eac3c0af05e64f2bf49d109bbdf9136c7cc40a80da6b49c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
x-powered-by
Express
etag
W/"86c89-bghYSMUFf72m+P+MT2AtwIn+w70"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ff634388e011c3c-FRA
config
c.amazon-adsystem.com/cdn/prod/
1 KB
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cutimes.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 10:07:40 GMT
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
18205
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1112
x-amz-cf-id
OnGQL6Sch8Q1B61ws9ZGwzqX_2nUADa7mpBQZU9VatqYmpnVwkYpfA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 10:46:09 GMT
x-amz-cf-pop
FRA56-P3
age
15897
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
1uBbobwVj-fmGk0V3ZfHdbxN9kKK06MbFyjJrPOVhCH7s8oOXw9uOg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.48.210 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-48-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 31 Aug 2023 15:26:05 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.48.210 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-48-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 31 Aug 2023 15:26:05 GMT
olytics
oqs.omeda.com/oqs/rest/ Frame
0
0
Preflight
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Thu, 31 Aug 2023 15:11:05 GMT
Keep-Alive
timeout=5
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51004
x-xss-protection
0
server
cafe
etag
7216767281800698236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 15:11:05 GMT
olytics
oqs.omeda.com/oqs/rest/
15 B
359 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 31 Aug 2023 15:11:06 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
15
X-XSS-Protection
1; mode=block
552e3030-5965-465d-8b9b-c0a67e51339c
cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/
25 B
346 B
XHR
General
Full URL
https://cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/552e3030-5965-465d-8b9b-c0a67e51339c
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 15:11:05 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
25
X-XSS-Protection
1; mode=block
utag.119.js
tags.tiqcdn.com/utag/alm/main/prod/
11 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a301f751b675efdaabc1e9b3b1bd9b29b9a36fdbdb0c49cdcffd0119642f4f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Xrjz4ub5l9HuBjGn2PlcUigIsC.lfrDI
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:10:49 GMT
last-modified
Fri, 04 Aug 2023 17:08:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
17
x-amz-server-side-encryption
AES256
etag
W/"ca84cb2a9e08bf0f5b243231891612ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
lM37ZVgbpz45nzwCgZ_KsUdj8a8SeZTCc-eJfAF3dyWp02Z2lc_zLA==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187
Protocol
HTTP/1.1
Server
52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
32bded0620995eb1ddf9381739007b25a49a026189d4df94380fb8ca9414c479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-08f12a28d.edge-irl1.demdex.com 11 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
kVW6aRl4Tko=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-09fd9db29.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
nxLx2LMuS9U=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1693494665187
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.26.js
tags.tiqcdn.com/utag/alm/main/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a9409188917e000413cd20b03fe2d04dc6669c1292510aaf40f6910d2258689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Eb5wCYsilW1kJHabn_VA0YX96TeBJxew
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:11:06 GMT
last-modified
Fri, 04 Aug 2023 17:08:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"75bc0669772a2117b758a473ac6d21df"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
IyMC-OzZPzfG-R6vQ_NqhEfdpHzkivtuKjQBJ56yvhjPeF126wL_cA==
utag.131.js
tags.tiqcdn.com/utag/alm/main/prod/
84 KB
25 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.131.js?utv=ut4.49.202308022148
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd03155fe2d248a395afcf266f3d92f447f75d38c5b842d921ef5fd9bfcb38c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Udu0_vjLVuU6oSYHtKgge7XWeXZ7v7sB
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:09:42 GMT
last-modified
Fri, 04 Aug 2023 17:08:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
134
x-amz-server-side-encryption
AES256
etag
W/"8c12d9903dd545cc8ba2a28e2e96db68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
XKOOnBkLLdahRGDmPZ-j59oyVcrHh_jSveIt4ExQ5psILe4wAKiLNQ==
utag.115.js
tags.tiqcdn.com/utag/alm/main/prod/
13 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.49.202006181642
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf67ca53d5fad1f739194df54982a7dbaf4d098633bf7958f6b3398d88234345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
vICaWAYjk7i89f864dGwBTsVv8WwV9yM
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:07:49 GMT
last-modified
Fri, 04 Aug 2023 17:08:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
197
x-amz-server-side-encryption
AES256
etag
W/"3783efb5ef5361cb5f233c195388bb1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ii6tMs0g8an0SFHnAgm7rd8TGje3mssCeAbkcQup7zHM8Q6Db4eTtA==
utag.116.js
tags.tiqcdn.com/utag/alm/main/prod/
13 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.116.js?utv=ut4.49.202006181642
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d70ea618644c1a799fbec5d8749ab5f96d3eac585a4647a0bc3147fc9e7f846c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
UDFkDrH1H8HfM2OPTRs4YJuX9mc7MVG_
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:08:44 GMT
last-modified
Fri, 04 Aug 2023 17:08:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
142
x-amz-server-side-encryption
AES256
etag
W/"180d1ac5b21e3afcade17c2eaa0458aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
KyPDgRBU3nXqc-TjOsTL1u9IYuN2DO5TrSPpKTBBh7zm8TASv29BRA==
utag.91.js
tags.tiqcdn.com/utag/alm/main/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.49.202208181401
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f8af11be9101582f8a3f124d89a76aff790297722ae9612baa333cbc974c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
7qewUdIC7RkTM.i_ynVvBKzGsKaEEqoT
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:11:06 GMT
last-modified
Fri, 04 Aug 2023 17:08:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"61eb48d5ba8ee06b5dba629841e2e69d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
V6jjTjLiZmRgt0TbLFXBzYCFG65w3uduj_B4qwsA2Fweg7SS6WEe1Q==
utag.110.js
tags.tiqcdn.com/utag/alm/main/prod/
14 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2399391e7c44209c0212e6590bcc642783307226dae98884c32d7f50d9b849ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
e30JiUmazQTCtWMFEQmMpc8MxQjPC96B
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:10:25 GMT
last-modified
Fri, 04 Aug 2023 17:08:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
41
x-amz-server-side-encryption
AES256
etag
W/"a45a19ac3453fe0ad7eb32cf7b52c543"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
hJ26sxg7GXNDtvWsT7bHgGgOUvLRuk5ICg1LKzg_SL8Uzmi3Ro1yRQ==
utag.112.js
tags.tiqcdn.com/utag/alm/main/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e5ab9401078ea871e58750237e868bef4999b7d0271e9510ef15761aea2f71f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
USxyA.uWUsG1kIjEA5wyOyMC8R.clgXt
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:10:25 GMT
last-modified
Fri, 04 Aug 2023 17:08:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
41
x-amz-server-side-encryption
AES256
etag
W/"f6aa5d4761ed201ab65a8c6765c87e4c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
NLAsrwQ-MUC03Xgp1bNiGpUm6y4VRTXyMEu-gqomh9DoMC1OtHl0yg==
utag.133.js
tags.tiqcdn.com/utag/alm/main/prod/
22 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.133.js?utv=ut4.49.202306261948
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d0f3acffdcb58f31ac161da1a4b22762c67da71f8d832a1259d1d6347e42d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
.5JxR2wBeLGRfL3wbJjSgHEc3pfRF0b0
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:11:06 GMT
last-modified
Fri, 04 Aug 2023 17:08:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"e43fd9145fc03dc2bfe9b13b522666a3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
d9Zrct68ffJOcrhxRy8-LCIwI80e0k86Viqq_p40Nfk0rFbTYk3WGg==
utag.97.js
tags.tiqcdn.com/utag/alm/main/prod/
10 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e7193fe2e8990e8696dfd5f5180bff5907e515004d9efaec52e78dc39d35b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
jiU4BTwQ8ZktKQyUswjJ5VSU2LocQVmM
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:09:42 GMT
last-modified
Fri, 04 Aug 2023 17:08:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
84
x-amz-server-side-encryption
AES256
etag
W/"a78a454d58c5b69c1a0b3a4a2122ec9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
SEUeWRlhugTXojnfiz4ufUEGMokQfY4gEHYv14uQ-RCgsuiZPVnSZw==
utag.127.js
tags.tiqcdn.com/utag/alm/main/prod/
2 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202302070009
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8194cc3d62b0028d3d0c73c9d0863895fa17a50583ab6c7e39e6b8cc4f35a26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
iIYv.WXM.7xIWe3D0qZdOTZ7xwx3Dimf
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 15:11:06 GMT
last-modified
Fri, 04 Aug 2023 17:08:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"a081406872495a95b94c6d8890b71155"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
RxaGmrbUW7TwZweBBSaaUdPQ6ZyNbGxE3LaHqSuDNf1BZlADdX24vA==
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D14975%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fw...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=8978697940937170856&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=14975&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exp...
248 B
999 B
Script
General
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=8978697940937170856&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=14975&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
HTTP/1.1
Server
54.166.243.20 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-243-20.compute-1.amazonaws.com
Software
/
Resource Hash
d005cf5ee225361ff1c1eeba6e356f260381602e2b21f48e5d5864952bad535a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
220
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:05 GMT
an-x-request-uuid
539609e4-deb1-426b-b3eb-ce05a6816885
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://a.dpmsrv.com/dpmpxl/index.php?id=8978697940937170856&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=14975&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame 64FF
49 KB
14 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846329f1d649d53f198402f1cff564c37202641788a49726cfca2db3f4a6970a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
58
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 23 Aug 2023 14:42:52 GMT
server
cloudflare
etag
W/"c42a-60398204efe00"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ff63439ce909b2b-FRA
expires
Thu, 31 Aug 2023 15:13:05 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.48.210 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-48-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 31 Aug 2023 15:26:05 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame 1A10
49 KB
14 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846329f1d649d53f198402f1cff564c37202641788a49726cfca2db3f4a6970a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
58
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 23 Aug 2023 14:42:52 GMT
server
cloudflare
etag
W/"c42a-60398204efe00"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ff63439ce919b2b-FRA
expires
Thu, 31 Aug 2023 15:13:05 GMT
olytics.css
olytics.omeda.com/olytics/css/v3/p/
28 KB
3 KB
Stylesheet
General
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 10:19:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
17507
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 27 Aug 2021 04:05:28 GMT
server
Apache
etag
W/"28820-1630037128000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
vllChOObaqepk_fkbk0d1rJ8eNE52l8Uv5ryytkNGmBt2zY_OB5bxw==
expires
Sat, 12 Aug 2023 10:18:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6252f5806c6e77681f600fe3a70d56824556525956c5192908adc4b708225fdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
cafe
etag
803 / 19600 / m202308240101 / config-hash: 511729982952978637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 15:11:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28936
x-xss-protection
0
server
cafe
etag
851 / 19600 / m202308240101 / config-hash: 511729982952978637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 15:11:05 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/
98 KB
33 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:05:57 GMT
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
309
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
qyx-Ejz1XB5JSx0p_4U49h3Sr0JCd5BjJ9Yww9o1Ckd9FiB5AVyCoQ==
tag.aspx
ml314.com/
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?317
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:52:29 GMT
content-encoding
br
age
1116
x-guploader-uploadid
ADPycdvLspM60O93CGkmj12DaRa2WSYkW6Md3yjM71B6zjxNNCdONFAAljtXJF2kCkqgLNnGFO-mNqCZwmw0Faao62rP-2rYGlDj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
FRA-1209ea83
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-826604080
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06794b9794373c30562d99b864881567f23987ab2ac3754bad3e08a128852b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69578
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 31 Aug 2023 15:11:05 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230031-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
1 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
292f853f9ef0e448c5536987fe87197f401bafcde3e0857e17de1f0676f5b2eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Aug 2023 18:41:20 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
content-type
application/javascript;charset=utf-8
cache-control
max-age=12637
accept-ranges
bytes
content-length
1046
utsync.ashx
ml314.com/
62 B
309 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pv=1693494665343_ion402evg&bl=en-us&cb=6224647&return=&ht=&d=&dc=&si=1693494665343_ion402evg&cid=News%7CCybersecurity%20and%20Privacy&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:04 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
adsct
t.co/i/
43 B
378 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f99a0058-a9cd-4fd7-a9b3-1affb1c5ff95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86c91024-74f8-4210-9ccb-d46ade47f00d&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time
145
date
Thu, 31 Aug 2023 15:11:05 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
52c1fda7e7e9fbed
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
003e14345d89700d5c685d111ccbd9e73d971843f3fc6fe38161d21ab7c553c1
content-length
43
adsct
analytics.twitter.com/i/
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f99a0058-a9cd-4fd7-a9b3-1affb1c5ff95&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86c91024-74f8-4210-9ccb-d46ade47f00d&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time
96
date
Thu, 31 Aug 2023 15:11:05 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
187ac2198c098f96
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
93edc38dc60613cd7bbf04eda6b4c0f23df5a11bd25fb2a85e24ace1c7b2e237
content-length
43
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
397 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 31 Aug 2023 15:41:06 GMT
pageview
api.sail-track.com/v1/track/event/
120 B
348 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
6cddf74bf3385131e4c86560dc82a9805b1feff23ff72b1b4ba374c4638db07c

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer 2ade0f4fc48d975844a60d5bcb4e9650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
120
initialize
api.sail-personalize.com/v1/personalize/
91 B
332 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230731111102&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
3ab137553e67ba2075dcfe54d3f10cfa9606873f55190f85b41227dfa34657fd

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer 2ade0f4fc48d975844a60d5bcb4e9650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.cutimes.com/
x-referring-url
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
91
pageview
api.sail-track.com/v1/track/event/
120 B
348 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
729189f79c7f0978b3f376ee4b58cbfd6fae04b3b9eb9779105d3eceeeddecd8

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer bbe35466469593b785eef4ab32700018
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
120
initialize
api.sail-personalize.com/v1/personalize/
91 B
332 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230731111102&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
8c9a66917c90d7bc4fa572a79659bf85ac4a9a4a7063f99e694b2ae9a6d38b02

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer bbe35466469593b785eef4ab32700018
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.cutimes.com/
x-referring-url
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
91
dest5.html
alm.demdex.net/ Frame 16F2
7 KB
3 KB
Document
General
Full URL
https://alm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-109-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-08fbac455.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xCsqT/1JQcs=
content-encoding
gzip
date
Thu, 31 Aug 2023 15:11:06 GMT
last-modified
Wed, 28 Jun 2023 13:20:50 GMT
vary
accept-encoding
id
b.law.com/
48 B
456 B
XHR
General
Full URL
https://b.law.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=06562787136986332193068710037860455840&ts=1693494665496
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
a0a2301e6507a54260374c1bb20691065a2282b213937e42db2f0cd574cf828f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZPCtigAAAL4cuQNx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=05301471796765840032654550420658920416
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPCtigAAAL4cuQNx
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPCtigAAAL4cuQNx
Protocol
HTTP/1.1
Server
52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
aYTTNY9XQi4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPCtigAAAL4cuQNx
Date
Thu, 31 Aug 2023 15:11:06 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1693494665513&cv=11&fst=1693494665513&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&hn=www.googleadservices.com&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=116331800.1693494666&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826604080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19804186238957ecfca8efddcee6598e15bbc1eebd9bc4a48228524be1ed68b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1502
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=50156
accept-ranges
bytes
content-length
4862
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/
404 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3167
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 30 Aug 2024 14:18:18 GMT
fbevents.js
connect.facebook.net/en_US/
193 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 15:11:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
GrSvczVjio8YOGDhp6xosrirErcth+au7km/6o4vsF6cGcn0B3g2P0HwUHvbfvWPkLxArArDAQLZ8XZcS4k3Nw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 31 Aug 2023 05:31:58 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sat, 30 Aug 2025 15:11:06 GMT
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 17:21:17 GMT
content-encoding
gzip
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
78589
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wPysFzh37T8BJ7CMCodsy7-FEEclA39uiplDm8zBwfssTwAIefdJGg==
expires
Thu, 31 Aug 2023 17:21:17 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
431 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202308041707&cb=1693494665629
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 31 Aug 2023 15:04:24 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
401
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
aQ_-KKc1uov-C0QFIIQIeqtdXeqaCPFlyKAhS0ovq6PROACLYYY_7Q==
user_visited_page
telemetries.jeeng.com/api/events/
15 B
147 B
XHR
General
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7ff634556c899a1d-FRA
content-length
15
main.js
www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame 5426
Redirect Chain
  • https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
7 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Protocol
H2
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a083f86d26e7af8b8bfddeef33186ef6bb315950f0e5f70daf75097d1ec7ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ff6343faa0f8ff8-FRA

Redirect headers

access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7ff6343ed86c8ff8-FRA
vary
accept-encoding
css
fonts.googleapis.com/
8 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:09:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 15:11:06 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
/
geoip.alm.com/json/
183 B
448 B
XHR
General
Full URL
https://geoip.alm.com/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.226.84.37 Manchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
/
Resource Hash
ee80cf2fb181d3826ad6b96990477b5f3898ddc06c438eaa0d0f63641f73a3f6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cutimes.com
Date
Thu, 31 Aug 2023 15:11:06 GMT
Access-Control-Allow-Credentials
true
X-Database-Date
Sat, 26 Aug 2023 08:05:02 GMT
Content-Length
183
Vary
Origin
Content-Type
application/json
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
486363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 00:05:03 GMT
pageview
api.sail-track.com/v1/track/event/ Frame
0
0
Preflight
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 31 Aug 2023 15:11:06 GMT
initialize
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230731111102&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 31 Aug 2023 15:11:06 GMT
initialize
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230731111102&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 31 Aug 2023 15:11:06 GMT
user_visited_page
telemetries.jeeng.com/api/events/ Frame
0
0
Preflight
General
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ff6343f69b59a1d-FRA
date
Thu, 31 Aug 2023 15:11:09 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
x-powered-by
Express
p
cdp.omeda.com/olytics/segments/
20 B
341 B
XHR
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 31 Aug 2023 15:11:05 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
20
X-XSS-Protection
1; mode=block
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
223 KB
65 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.48.210 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-48-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Thu, 31 Aug 2023 15:26:06 GMT
p
cdp.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Date
Thu, 31 Aug 2023 15:11:06 GMT
Keep-Alive
timeout=5
Server
Apache
vary
access-control-request-method,Access-Control-Request-Headers
s56947423239327
b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/
43 B
201 B
Image
General
Full URL
https://b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/s56947423239327?AQB=1&ndh=1&pf=1&t=31%2F7%2F2023%2017%3A11%3A6%204%20-120&sdid=668DD689967EB3F0-1F9943B8FA4F8E54&mid=06562787136986332193068710037860455840&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&cdp=2&pageName=cut%3Ajump%3Aheg45emjfhi&g=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&c.&apl=4.0&getTimeParting=6.3&getPercentPageViewed=5.1&.c&cc=USD&server=cut&v0=promo%3Aemail%3Atech_hub%3A072023%3Acut&events=event4%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=WelcomeWall&v1=D%3Dc1&l1=D%3Dc73&c11=heg45emjfhi&v11=D%3Dc11&c12=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members&v12=D%3Dc12&c14=Natasha%20Chilingerian&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=jump%3Aregistered&v33=D%3Dc33&v42=year%3D2023%20%7C%20month%3DAugust%20%7C%20date%3D31%20%7C%20day%3DThursday%20%7C%20time%3D11%3A11%20AM&c50=413-196245&v50=413-196245&c51=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members&v51=D%3Dc51&c60=false&v60=false&c61=2023-07-11&v61=D%3Dc61&c62=33&v62=33&c67=DENYFREEWREGNOTLOGGEDIN&v67=D%3Dc67&c70=D%3Dv0&v70=D%3Dv0&c73=News%7CCybersecurity%20and%20Privacy&v73=D%3Dc73&c75=news&v75=news&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 01 Sep 2023 15:11:06 GMT
server
jag
etag
3636752103553728512-4617798290048106095
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 30 Aug 2023 15:11:06 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F&u=Dc2iq4CSddPsmbK5r&d=cutimes.com&g=46802&g0=%7C%7C&g1=Natasha%20Chilingerian&n=1&f=00001&c=0&x=0&m=0&y=4914&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&b=3181&_c=tech_hub&_m=promo&_x=email&_y=072023&_z=cut&t=KpyrvfRANei3i6OFzKpQCbh-kR&V=141&i=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=C3YL97Bk_K5cBqCXzb5S49OQyJ9E&sd=1&im=066b2e73&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.152.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-152-189.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
2429680573784973
connect.facebook.net/signals/config/
136 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2429680573784973?v=2.9.125&r=stable&domain=www.cutimes.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2834b68f83bfbe7ba8d5b8c4c1b5dc0125083a8a0876e56c2534fb86d4aed4be
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 15:11:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZITekdPOPwsnA2a1deai1iNShqATR5u52gS+fYxKtZrFUUYAorIzKyUszvnXEEcem7TGWDWQh3tvJKdrO5B5bw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/
36 B
376 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:20:57 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
3009
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
QnaXx0w4tt-J4qvmMXHM73NRQnEogSBxjOCjmL-PhVyJR6-hQ2EJ-Q==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1693494666301%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F202...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&cookiesTest=true&liSync=true&e_ipv6=AQJWeY7KQS3BYwAAAYpMJeeNSqiUrn-SyPFg2mHbHLhIJILbQMRpmsFWjjH2oqK46e25bis
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 179D251145B34535836A7387A93B090D Ref B: FRAEDGE1318 Ref C: 2023-08-31T15:11:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEOXQU4tuiQy21svDMxw==

Redirect headers

date
Thu, 31 Aug 2023 15:11:07 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4B0E3E55866D430F9C748E6598645856 Ref B: FRAEDGE1211 Ref C: 2023-08-31T15:11:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1693494666301&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&cookiesTest=true&liSync=true&e_ipv6=AQJWeY7KQS3BYwAAAYpMJeeNSqiUrn-SyPFg2mHbHLhIJILbQMRpmsFWjjH2oqK46e25bis
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEOXQQXzBies5Jg+GZWA==
7ff6342c2a8b8ff8
www.cutimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5426
0
230 B
XHR
General
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/7ff6342c2a8b8ff8
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
server
cloudflare
cf-ray
7ff634419c6b8ff8-FRA
content-type
text/plain; charset=UTF-8
/
www.google.com/pagead/1p-user-list/826604080/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/826604080/?random=1693494665513&cv=11&fst=1693494000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2460082904&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/826604080/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/826604080/?random=1693494665513&cv=11&fst=1693494000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2460082904&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
fcb97f7551038f7d502061b27f07bdc5725d7f7fc86f89614714110d07435aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
531
expires
Thu, 19 Nov 1981 08:52:00 GMT
menu-close-btn.png
www.cutimes.com/assets/master-template/images/
3 KB
3 KB
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/menu-close-btn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b311e412a9c417d2f590bb6df0767d4027bb82246ab38be83639e1cde87ac0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
via
NS-CACHE-10.0: 56
cf-cache-status
EXPIRED
x-cache
MISS
backend
templates_newlaw_director
content-length
3321
last-modified
Wed, 30 Aug 2023 17:37:12 GMT
server
cloudflare
etag
W/"3321-1693417032000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63441ecbd8ff8-FRA
x-vnode
27
expires
Thu, 31 Aug 2023 19:11:06 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=0&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
2C9EAXXXDC7M88AJQ1ST
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_QxoxqNhDk5G3NsSlYqCNeDI6w410HvuyiBIS8rKC82OayJ_QX7DFA==
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
276 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/
360 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5a5ebe3f7b84fbf0530acf79443b9022980ec6ae2cfa29cbb844676cb043c6d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
an-x-request-uuid
147b3f30-c8c9-48f0-b8ad-c259f6affda7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
360
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250...
232 B
646 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
79d6921d497fe84166b05cc6cda52967e6d6e9ae08605208048dd5e1c016d5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
232
x-sid
AMS-937

Redirect headers

date
Thu, 31 Aug 2023 15:11:06 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/
94 B
501 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b218592179f2d85c0572dfc823915f0d460fa4aa4fb79e3af57c839c6af22d7b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/
5 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=26abaec954b8f9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.10793904975216062
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5ca43f1ee8aecd5c06a14b8837dbd65004478a1aae8b2d277e5117f9ce8be3b1

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
567 B
906 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=273d473d3c2f24a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.731057669291248
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d494c22b41480f3e783389dc371319a94ac25bcc5ab8dc08472ef5b5bfeda7de

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
567
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
567 B
906 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=28f09372ccf59bb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.537365098061731
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9b17b0fb29b28acb9c628a8f363ef5a57b47b4818c70b9932fa388ec5e9d65b4

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
567
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
19cd34075de9465d3287b99d7a4161dd5163da3f2b522d668a01cd2718069815

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:06 GMT
prebid
ib.adnxs.com/ut/v3/
361 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e94a5940e9270fc51c2f14984eab62e37bb9a6886e83406913109ec5a8d517d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
an-x-request-uuid
5cdb4cef-2f56-4bd7-830b-37456374cf7e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
361
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid-request
onetag-sys.com/
15 B
363 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/
53 B
258 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3cbc5d690e4bed374489983d5014b45abb2b7ca23996cde29b1acbea65deedd4

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=1&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
CCGYDC8GPH98X6KA3JR7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
sn7xTcsOUidOxdbkPyzUp13KtUrHUQX1loyEUl4yUhgN11BYUT7oJQ==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=2&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
QG1PCN6E1K0J7DCFEXYC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Pd3DPBwrrRDhv3LGAgywKdEGOGqlpRzcdFN-iS5kCV0lRpASQ7nXxg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=3&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
2RC0MFKCCN9N1PSYJDJ6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8SQYRHSPChWEKKBWdLC9ex2to_cqB_ULCWOIqigOsz4VWmFtZ6xfYw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=4&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-footer%22%2C%22s%22%3A%5B%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
G3R6Y1YC1YV26R6MD9R8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
n8FrDBkR9SdG8P2miIr7NfKOU-fA9daogIFYZarmnigHttQuVpDyMQ==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pid=PbcjfXUaBo51z&cb=5&ws=1600x1200&v=23.821.1806&t=900&slots=%5B%7B%22sd%22%3A%22gpt-super_hero%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
FXTY6W3ZNTB11ZPX013W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wnOOcU4UXqSkbEok-wngfARle747huxT1SHqvJch0YnC6DjcdfQeEA==
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-per...
208 B
529 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5d6b69ca2b9754898cc86517363aeac55b52e8712ab9cbf2807aa5cb6f6b847d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
208
x-sid
AMS-937

Redirect headers

date
Thu, 31 Aug 2023 15:11:06 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
prebidjs
rtb.openx.net/openrtbb/
53 B
138 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5a6820b2676b11f2b87fc4a4558ddf87530ef5e8f483fb9e533f6ea1d7942260

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
140 B
817 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3f5be67f95c28cdef0ff1898f436c86e6f0ae8c531bd3dce6796491e869c1010
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
an-x-request-uuid
898a6723-86f1-43c9-b7a8-a3a4767dfa23
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
545 B
884 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=205370323a369ff2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.7507316483366766
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d2db91fcbb373af9d2ad04318eba6a4235ac07eb0b16a4dff38c7c67a73abfb8

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
545
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
787 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9e373ead22e054ea4f318e38634ebfd5a1854ca4433d289eb84c6419b393d7cc

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:06 GMT
bid
ap.lijit.com/rtb/
95 B
500 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e375ba39035f084b90e5774c92f03b30625c016765624842874269d1fcc5d4eb

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/
0
133 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/
140 B
817 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a912d4c7fd6c04be8884c4f1b4aae12a43f7fcf61db61c4bf47cbd3b9a6977ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
an-x-request-uuid
7df8fcd8-7f37-4e66-9191-c0d14b0d68ac
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 02 Jan 1970 00:00:00 GMT
server
nginx
etag
W/"15180-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 15:11:06 GMT
ads
securepubads.g.doubleclick.net/gampad/
942 B
577 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=1092228360898866&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666871&lmt=1693487466&adxs=255&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1600x4914&msz=1600x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Des_pushdown&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=2255433210&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d009e1f983a447ff23bcac73cf1ef22283e42639ec1dddb639957c8e4eca841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
546
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f16adc3ce5a57a50761d90fb09e1674c343ddeecfba9c78c816fbdd06fce9646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11692
x-xss-protection
0
container.html
119c8f089197188bfdd2e232601e0e6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25F3
6 KB
3 KB
Document
General
Full URL
https://119c8f089197188bfdd2e232601e0e6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:11:07 GMT
expires
Fri, 30 Aug 2024 15:11:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
551 B
301 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=1689853244655393&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666891&lmt=1693487466&adxs=260&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1600x4914&msz=1080x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Des_logo_pushdown&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=3915647274&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0403725b1c8bcae9c8693bd83536607fd927b02463b2767524d07bbfe48280d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
551 B
299 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=2613360899516307&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666899&lmt=1693487466&adxs=1069&adys=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Des_logo_rr&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=3886971663&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5143bde4188169250e768b40aa598feaf47311819ff78cb6bc542f02e4709f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
555 B
302 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=4295553379108418&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666907&lmt=1693487466&adxs=1069&adys=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Des_rr_module&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=2057679260&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2210d3cf8bca2ba613f9d4dca8f4a86b0bb59b8aca2679bc6a0fc4858340dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
551 B
300 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=716397474948470&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666915&lmt=1693487466&adxs=215&adys=280&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1170x277&msz=1170x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Des_sponsorship_logo&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=577681522&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d868f87482b6ac0aaa3cbf3b1a9410c07fd22e13fc20ee7ec2bc687117804ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
551 B
302 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=4009389281857178&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693494666921&lmt=1693487466&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1600x4904&msz=1600x0&fws=0&ohw=0&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dinterstitial&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=317984099&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83f86b71d441f587ccb99d98b200b2dba76c6589898e6b2fbf4a4499bb1dcf05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8978697940937170856&pixelIndex=0
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8978697940937170856&pixelIndex=0&google_gid=CAESEEntjuZy_6yZKZHwiCRTua0&google_cver=1
0
598 B
Script
General
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8978697940937170856&pixelIndex=0&google_gid=CAESEEntjuZy_6yZKZHwiCRTua0&google_cver=1
Protocol
HTTP/1.1
Server
54.166.243.20 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-243-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8978697940937170856&pixelIndex=0&google_gid=CAESEEntjuZy_6yZKZHwiCRTua0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=8978697940937170856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Dema...
  • https://www.facebook.com/tr/?a=tmtealium&coo=false&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_m...
0
58 B
Image
General
Full URL
https://www.facebook.com/tr/?a=tmtealium&coo=false&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&ec=0&ev=PageView&fbp=fb.1.1693494666981.215682927&id=2429680573784973&if=false&it=1693494666296&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1693494666983&v=2.9.125
Protocol
H2
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 31 Aug 2023 15:11:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?a=tmtealium&coo=false&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&ec=0&ev=PageView&fbp=fb.1.1693494666981.215682927&id=2429680573784973&if=false&it=1693494666296&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=1&ts=1693494666983&v=2.9.125
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
562 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fp...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F0...
212 B
533 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
34344b698252709a9d7d85399bcc69d1627f83b32fd8d15b6ab5c077ecdd7be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
212
x-sid
AMS-937

Redirect headers

date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6386816772688175&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-937
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/
94 B
501 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b041b263257ea168f3f8b38479f17692a2ea4c30121a3d22b1ae5656ddf27e09

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/
249 B
926 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
30302927846e1e96074f21ad54019d617985b5fba9cecb9c449bd1453d50556f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
e509ad7e-cd4d-4c39-88b5-67e2b1a60e9a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
249
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
250 B
927 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f9112be5f85d8b57fc32eb873a76a4a9ec1321aaabda34c59baec9a0f3350cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
a17d35e0-e906-438d-88ee-82b366896184
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
564 B
598 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=699e9698c396d71&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.013830566347686313
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
01ba2992df84f6786295cfcc19ecbabdf0919e190709681db55fd9e5943d5692

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
564
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
564 B
621 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=7038f6028cd4d2c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.8429573865989406
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4b6afb9bb064fb7f5608d2bdf3004983d6a95b8886f5cce88f099bfb9975998b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
564
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/
0
133 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
138 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
087cf69b19444e10d1b5709e94112ebd5b54636c23d75b012eddafaab82f12bc

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
809 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7255cdffd3401ff2e3fb95517ff7c16fbaf0d9f79844049a6dabed4fd2f4aef

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 15:11:07 GMT
bid
ap.lijit.com/rtb/
95 B
501 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4488cb268226672bb55d07e526f8a44e53e89df3f692d488464c71bfdbbbea18

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/
250 B
928 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c1113177a8e4eaacc91335294e8e4fceaed438e987f938e5d4275879a54c406b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
4f4b3c1f-7a89-4684-8e36-8569d340df5c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/
1 KB
787 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16c2b7316acf69efba53833eb1fc7323ada9027e5b5654788234f7d714c9ca18

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:07 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=102a0ff209e441d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.4091091683346786
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
05fb9534f982df2d1adc9d37295d76c3cbc96e4f5306348a2b78d38185fc8902

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=10334f2c4df65f31&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.2055572450475267
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2aeb25c52f7b13f470e8d28108271d4ee51e158baff2bd10ae65a29d6b10db97

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/
0
131 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
ROS
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/
214 B
535 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
214
x-sid
AMS-937
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
ce6f4134bfa4425869c535be5b03512f14335dbea6979caa71d4af30a894f4e1

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
252 B
929 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a52f5fa09c76df9148f0ba4e0bf950b3ce214dec33bad54b997e5bbc0572e39a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
c503779a-0eb9-44eb-821e-98b103cc5da1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
analytics
go.alm.com/
50 B
1 KB
Script
General
Full URL
https://go.alm.com/analytics?conly=true&visitor_id=140445603&visitor_id_sign=fb3b3b526fa3f5a7df8902287e427c2a6e33ab9893f52d15ce2d11e6b2b0871935cb13bce9a43fda460f94dd4d6e3f37ba122795&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014,754%20NIHFCU%20Members%20|%20Credit%20Union%20Times&url=https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-125-13.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 31 Aug 2023 15:11:07 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
syncframe
gum.criteo.com/ Frame 06AD
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.cutimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:11:06 GMT
server
Kestrel
server-processing-duration-in-ticks
330120
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/
319 B
161 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=1032072710577893&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320%7C1200x250%7C1200x600&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D631bbcc44af6f1e4%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MZ-fEWMOrNcLMDK8pun59Efqtep1Q&gpic=UID%3D00000c92c6693d9e%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_Mby2_SSUwH7VCh0Axss2_NzO_OQtQ&abxe=1&dt=1693494667170&lmt=1693487467&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dsuper_hero%26amznbid%3D2%26amznp%3D2&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=1703501257&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f9caede86d189d7091217062c9fdd3e22d5960edce3adbe3b6f5c9c219699e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
46 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=2180888376608351&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D631bbcc44af6f1e4%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MZ-fEWMOrNcLMDK8pun59Efqtep1Q&gpic=UID%3D00000c92c6693d9e%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_Mby2_SSUwH7VCh0Axss2_NzO_OQtQ&abxe=1&dt=1693494667179&lmt=1693487467&adxs=215&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1170x100&msz=1170x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dtop%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D220710c8d4a951e3%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_adid%3D220710c8d4a951e3%26hb_bidder%3Drubicon&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=16371981&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc91054a135c8bec0621934a81b1975f6f9a2379a7bc36a4c0aa6467c125cf7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11513
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
smartads.epl
www.dianomi.com/ Frame 1A10
10 KB
3 KB
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82db28df0b0e7e83efd1a582f957468d0ad1298037fa394523fcbf3b07eee94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ff63445fd4a9b2b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:11:07 GMT
expires
now
link
</img/a/pss/2232/12.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smartads.epl
www.dianomi.com/ Frame 64FF
7 KB
2 KB
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba977306f82dd32d45acd8b8c033dfee26ad14218d572dc62320ba5b626a4d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7ff63445fd4f9b2b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:11:07 GMT
expires
now
link
</img/a/pss/1972/61.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f8909edfb83736fcd88a50082f38a0d75e8f9bd211b72e27d383a2391b871e30

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
ROS
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/
214 B
535 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
214
x-sid
AMS-937
c
prebid.a-mo.net/a/
0
134 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
252 B
929 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2684e66798cca1660cfde01b39566c971b5c6b3f6c5c2aa65504c32c63506919
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
76201d60-9e21-4fb5-91e4-3d342ea30a7c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
5 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=141523a09fd521f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.833860090176012
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
14f40684d1ff87030cc6063511a7b2e940a8ce66a42e147fa624941d72e25a53

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
5 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=14259d44c23fe4d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.21936443674578032
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
909af2f25f0a7fdf3c2c7f0b25393282044d772a794bf415b5f019a36487c081

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
prebid.media.net/rtb/
1 KB
787 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b0b408976464913fe074a9f1b5c8f6ad61be1273e6c3fd17cb6935c123643e9

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:07 GMT
prebid
ib.adnxs.com/ut/v3/
252 B
929 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
db4317ea2e84229e217292c4a1edb7115c663a26160ab9fe1f293d5416e912d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
fbf5ff22-c112-433c-994e-4c4267db0d51
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/
95 B
503 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ff2f51973a802f3170c21fba2d3ede07ef395ffde19da76ec09d35b32afa564c

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/
95 B
501 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d1be4120a00856cee830a95a0b428176608b0723595505446002c0fc705c4299

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Aug 2023 15:11:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/
252 B
929 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cc12590607bb12ef353a21ebd22b1aa89bea7036a9a9c8e06a85350230fc673c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
f5fd7ac9-36c4-41de-bbcf-a97ac97d41eb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
131 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
ROS
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/
226 B
547 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6386816772688175&e=300x250_0%3A300x250%2C970x90%2B300x250_1%3A300x250%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
25822925881f46a4f58765b6c149fd224caa132d636bdaa21d0565c836439b65

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 31 Aug 2023 15:11:07 GMT
date
Thu, 31 Aug 2023 15:11:07 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
226
x-sid
AMS-937
prebid
ib.adnxs.com/ut/v3/
251 B
928 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5f91bca40a1df62ab948ea73935d2f944b7537295ccbc19e4c4e2fc3874bf399
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
an-x-request-uuid
66265e73-5c9d-43ce-8b5b-1f9fa26c5e28
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
251
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
788 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9ca0a084917496acf29f51dc2881975e7bbf9025a935f1f8efe6af4f8abb857e

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 15:11:07 GMT
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.249.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-249-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 31 Aug 2023 15:11:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
171 B
557 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=189f4d5d2b13dae6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.04137339291173814
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
81df6eb167db278e08a4c647f9946e62eb30f38ec5b768319537685a60079c9a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=1908b635ade473e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.07962590052886087
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c3bc7d4092bba4637f52c9e7efba1c6af5aa9b1cfe932be0922081dee9d57e55

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c8d100aeb497ad8e496281e396aef3959cc1e31898543dc537be06f57f7b926c

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=2842432843349718&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Defa70d5d533ffeb4%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYy6GLVyx-nD1OYCQklhLwkjciklg&gpic=UID%3D00000c92c5bf8e58%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYvLwjVHo2xc6APXlmZkclpSbpMDQ&abxe=1&dt=1693494667366&lmt=1693487467&adxs=1069&adys=987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dmiddle%26amznbid%3D2%26amznp%3D2&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=521319232&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bebc6d275ec4c3253b5daac07ef642662d7a1d3bf3d792fc876677fcb463cc70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11847
x-xss-protection
0
google-lineitem-id
6159049915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412945796
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 06AD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=VBzHgHxUNWZXck5jMWV0R3QwZko2WXBVbWFLUlJIM01lem84blVKVStWU3d1SEJiZlB3bmdpYUZKb00zUi8xYjdDUmllVyszZ3VyM1VwdGk4anNQK0x4R3NPem5aNmtVem5ac25idVd3ek1PVnNvUWhvdlQrNmtveGswL1...
436 B
656 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=VBzHgHxUNWZXck5jMWV0R3QwZko2WXBVbWFLUlJIM01lem84blVKVStWU3d1SEJiZlB3bmdpYUZKb00zUi8xYjdDUmllVyszZ3VyM1VwdGk4anNQK0x4R3NPem5aNmtVem5ac25idVd3ek1PVnNvUWhvdlQrNmtveGswL1FQSnVvVjJhd0kwM3pZRWxSbnJQZmkvK0ZZSEp4Ti9GNWIvWHNabFdKTW9XdUNVRzRLd1ZUUFlmVmMrOHVBdlh6WkJKRWxJYkJVeDFFbWM0OUIvVlN6MW1vdzhVU3F4cjQvMklwTGlDYXVVWGdyNlpLSDFJYktDVFhlR3hUZXhTK1JMeVFyK0VFZ0JKelQvaWpWU2U2OEZiU2lTWHFQQT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2f8294a786bc25bd9d8bcbd3a5f91f1195380535a09d3e10b5dcdc98cd5e2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1180616
expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=VBzHgHxUNWZXck5jMWV0R3QwZko2WXBVbWFLUlJIM01lem84blVKVStWU3d1SEJiZlB3bmdpYUZKb00zUi8xYjdDUmllVyszZ3VyM1VwdGk4anNQK0x4R3NPem5aNmtVem5ac25idVd3ek1PVnNvUWhvdlQrNmtveGswL1FQSnVvVjJhd0kwM3pZRWxSbnJQZmkvK0ZZSEp4Ti9GNWIvWHNabFdKTW9XdUNVRzRLd1ZUUFlmVmMrOHVBdlh6WkJKRWxJYkJVeDFFbWM0OUIvVlN6MW1vdzhVU3F4cjQvMklwTGlDYXVVWGdyNlpLSDFJYktDVFhlR3hUZXhTK1JMeVFyK0VFZ0JKelQvaWpWU2U2OEZiU2lTWHFQQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
296586
content-length
0
expires
0
61.css
www.dianomi.com/img/a/pss/1972/ Frame 64FF
2 KB
1 KB
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/1972/61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2419728
cf-polished
origSize=2947
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 11 Jul 2023 08:31:14 GMT
server
cloudflare
etag
W/"b83-60031ec0fc188"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ff634473e989b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
viewability11.js
www.dianomi.com/js/ Frame 64FF
8 KB
3 KB
Script
General
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
55
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ff634474ea69b2b-FRA
expires
Thu, 31 Aug 2023 15:13:07 GMT
12.css
www.dianomi.com/img/a/pss/2232/ Frame 1A10
2 KB
858 B
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/2232/12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1839439
cf-polished
origSize=2446
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 17 Jun 2023 06:38:18 GMT
server
cloudflare
etag
W/"98e-5fe4d8c018118"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7ff634479ef29b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
viewability11.js
www.dianomi.com/js/ Frame 1A10
8 KB
3 KB
Script
General
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
55
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7ff634479ef99b2b-FRA
expires
Thu, 31 Aug 2023 15:13:07 GMT
VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame 1A10
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1589994
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Aug 2020 16:33:27 GMT
server
cloudflare
etag
"f64-5ac380c3ca3c0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff63447ef4a9b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/130500/12/ Frame 1A10
15 KB
15 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/130500/12/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6817b7775af94a21d3ee840fdcc95e0a33d90d2d5d26a6026ec3680286ba5f8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1834190
cf-polished
degrade=85, origSize=24502, status=webp_bigger
content-length
15164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 01:03:32 GMT
server
cloudflare
etag
"5fb6-5fe34c0f0cf78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634480f5f9b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/301105/3/ Frame 1A10
13 KB
13 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/301105/3/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbdf7a13e1334b69e8cef487194ffba66d38db4e3b625db40c174ffd69e74df
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
380144
cf-polished
degrade=85, origSize=15568, status=webp_bigger
content-length
13076
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 04 Aug 2023 10:30:10 GMT
server
cloudflare
etag
"3cd0-60216619ac548"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634482f8e9b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/303728/2/ Frame 1A10
19 KB
19 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/303728/2/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10e1bab5fbfcb4859c195c190ce035a6d5ef3b897240d494dae7672ae75b8f1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
19246
x-xss-protection
1; mode=block
last-modified
Tue, 29 Aug 2023 11:02:48 GMT
server
cloudflare
etag
"4b2e-6040dc06119f8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634482f909b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/300109/6/ Frame 1A10
12 KB
12 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/300109/6/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56cfa28e2f75af41233c297e5f7b15b514371d20311b17ee893df213bf5f9235
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
3207
cf-polished
qual=85, origFmt=jpeg, origSize=24576
content-disposition
inline; filename="263x200.webp"
content-length
12482
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Aug 2023 12:10:44 GMT
server
cloudflare
etag
"6000-601db6fbb2428"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634482f919b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/303522/2/ Frame 1A10
17 KB
17 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/303522/2/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50488721a783cf87dd7cc37ed24569cbc8e3072d79b72a5bc30637f1695e0d1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
17204
x-xss-protection
1; mode=block
last-modified
Tue, 29 Aug 2023 08:53:31 GMT
server
cloudflare
etag
"4334-6040bf1ff9c20"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634482f929b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
1x1.gif
imagesrv.adition.com/ Frame 1A10
Redirect Chain
  • https://ad2.adfarm1.adition.com/banner?sid=4478129&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=6008945&bid=18238357&wpt=C&ts=1693494667
  • https://imagesrv.adition.com/1x1.gif
68 B
178 B
Image
General
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 31 Aug 2023 15:11:07 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 17:11:07 +0200
server
ADITIONSERVER v1.0
etag
7273504210728782605
content-type
text/plain
location
https://imagesrv.adition.com/1x1.gif
access-control-allow-origin
*
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
B30263000.372058203;dc_pre=CNX13aCXh4EDFXPKuwgdwgED3w;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./ Frame 1A10
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_pre=CNX13aCXh4EDFXPKuwgdwgED3w;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_f...
42 B
246 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_pre=CNX13aCXh4EDFXPKuwgdwgED3w;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B30263000.372058203;dc_pre=CNX13aCXh4EDFXPKuwgdwgED3w;dc_trk_aid=562736341;dc_trk_cid=195710793;ord=1693494667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 998E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:31:23 GMT
expires
Fri, 30 Aug 2024 14:31:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5D69
829 B
978 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e68dd2f6c9ff7bb14ea989d54b364c47b38217e1b54ae81eb64ab011729e9443
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Okib3tZxwVtSIVPYdA4Now' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-Okib3tZxwVtSIVPYdA4Now' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:11:07 GMT
expires
Thu, 31 Aug 2023 15:11:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=316433315469297&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Defa70d5d533ffeb4%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYy6GLVyx-nD1OYCQklhLwkjciklg&gpic=UID%3D00000c92c5bf8e58%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYvLwjVHo2xc6APXlmZkclpSbpMDQ&abxe=1&dt=1693494667478&lmt=1693487467&adxs=1069&adys=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dmiddle1%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D22535ac754e4ee6a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D22535ac754e4ee6a%26hb_bidder%3Drubicon&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=1427363057&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb2535c20fc4fba30f653b4ac43b337f8acfd83a079feb2c96f27a5ab0388bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11847
x-xss-protection
0
google-lineitem-id
6159049915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412945796
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
318 B
161 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1271110013647194&correlator=2276451363529150&eid=31077231%2C31076770&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=729x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Defa70d5d533ffeb4%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYy6GLVyx-nD1OYCQklhLwkjciklg&gpic=UID%3D00000c92c5bf8e58%3AT%3D1693494666%3ART%3D1693494666%3AS%3DALNI_MYvLwjVHo2xc6APXlmZkclpSbpMDQ&abxe=1&dt=1693494667489&lmt=1693487467&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&vis=1&psz=1600x4904&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=379297884.1693494667&ga_sid=1693494667&ga_hid=593551922&ga_fc=false&dlt=1693494663794&idt=2763&prev_scp=position%3Dfooter%26amznbid%3D2%26amznp%3D2&cust_params=bmb%3Dind_12%252Cre_6%252Csz_6%252Cid_1%252Cid_2%252Cid_7%252CPIF%252CCLAIMS%252CLHR%252CHRE%252CPVY%252CLEGAL_corp%252CIPB%252CBAI%252CINSPROD%252CPCL%252CCDE%252CBEN%252CNET%252CCRY%252CLSV%252CESS%252CCYB%252CRMC%252CEDIS%252CPCM%252CGFIN%252CCMU%252CWCT%252CICPC%252CIRC%252CINDS%252CRTAIL%252CLHI%252CLEGAL_corp%252CCLAIM%252CCRE%252CFNW%252CLIT%252CINSC%252CAAB%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&adks=2815906122&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e32f84eecba342a07527ca67ad30cb046827d9b9c04caee7922a0e575ae89c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2429680573784973&ev=Microdata&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&rl=&if=false&ts=1693494667515&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times%22%2C%22og%3Asite_name%22%3A%22Credit%20Union%20Times%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.cutimes.com%2Fcontrib%2Fcontent%2Fuploads%2Fsites%2F413%2F2019%2F04%2Faccount-hacked-e1556042539566.jpg%22%2C%22og%3Adescription%22%3A%22Posing%20as%20a%20third-party%20vendor%2C%20a%20fraudster%20gains%20access%20to%20a%20sensitive%20document%20within%20a%20CU%20employee%E2%80%99s%20email%20account.%20%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1693494666981.215682927&it=1693494666296&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 31 Aug 2023 15:11:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
pixeljs
data.dianomi.com/frontend/ Frame 64FF
0
195 B
Script
General
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xB17F1F4C48564B16A276AC363787D7BF&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ff634481f809b2b-FRA
access-control-allow-headers
dianomi-force-dmp
pixeljs
data.dianomi.com/frontend/ Frame 1A10
0
60 B
Script
General
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x7D3F9EB294B34BFE8DBF0DC67E7C0DB5&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7ff634482f939b2b-FRA
access-control-allow-headers
dianomi-force-dmp
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D69
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=1271110013647194&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
pagead2.googlesyndication.com/bg/ Frame 998E
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 14:18:28 GMT
Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame 64FF
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
901661
cf-polished
origFmt=png, origSize=2126
content-disposition
inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
content-length
1026
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Aug 2020 14:28:40 GMT
server
cloudflare
etag
"84e-5acc31eddb600"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ff634485fb89b2b-FRA
expires
Sun, 01 Oct 2023 01:11:07 GMT
generate_204
tpc.googlesyndication.com/ Frame 998E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HA2nBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame D471
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjOG_YUsF-urJF2qbNJZ5YJPnVyPTQ8ON9mqq4bRuDDl7YykmNiaEKve92df6-GeSiXNEOfOBe6dtfNqWKgJkHdTU-soXNBOiex-LEfu2vpM1_mhUzWxdwop1mhVK3Of7LZE4AQCX_7K1JK4qYOiYGkmRn3qYpyElAGpH_YvuY7fNSPppdH1biiPqTi5Dh4T4j4GjqPtA6wxnPVYgDcmASxzfRE1jjw3SgzJwnoj9V817DHS2t7fNneDoXGuOZ6eSfwvfhTTiQLKqm2NTbtJWpgv5f2IjQQu7bnFKhVHfUzjUXtichXHyfVEZGHCYmyC2FjkHqr79nQx58tgFF6dUH4fui_9o&sai=AMfl-YSpyFGHSm2tfYMQ7BCAJxK7VG0SRuNQPdHzwHYtFqlaTIg4bVIPxMGXVdrdnnALDRojnglR6ZQQV-MXV8nDAOrtbvldbeu7AidfVcfyJ62Ld_0dw3BvbY10EEIOw-Y&sig=Cg0ArKJSzBecTYofudt5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14472/ Frame D471
0
0
Script
General
Full URL
https://cdn1.opstag.com/14472/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D471
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 15:11:07 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame D471
10 KB
4 KB
Script
General
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
978b2e652db1096422f81839e749f032cd15436c464aa24eba8187931b9b71ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 10:30:36 GMT
server
AmazonS3
x-amz-request-id
13PGSN6S8X575CD9
etag
"2f453368485b59a69465361a334fade9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=32871
accept-ranges
bytes
content-length
3853
x-amz-id-2
7le3W8M0ueOBJWVdyfSuEiuYDVwtIfA9tmXuHe7nzd9Eg28iBSyGuE/TrKFUK2/0OxEIOXAfTkmgTss3H/IhnT4geLrqvdoqXFD/E5XMatU=
view
securepubads.g.doubleclick.net/pcs/ Frame 0BD3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxxPLkYVZPpkqdalz5U8EXtbt8dbsGwO7_lLfDtrW_xNFSl6aoCIJi18fBCsw-5q4YIjPg6gKm-CbH4Hp59xoWVEu-CuylSvbJkSp0S_8YMPdKdijJsqNNDjoM53Qh-qX8u9IrDLDMMUVh_vq3fRBMPciI_BQgy2IvPJvUU4t3wc57sw_aYIqYysFua1-dqGri6rM1BNt2xzgAo_FR4UDgiu_xNSPbrALXOgigPkekHcuSS9OvTQi04SQGjKbYCd1D5CjEBDtFzjAq-ARgpc-65IGLxiEUq8AXPvoyqHvAOUZ1TLHuJK6b1gdRr2WpJG3IwsNeBdTQs3emTJB3SrpHBk98pJQ&sai=AMfl-YQ0_Iw8DGLKiSPJSx2IGvvAm6MMO68HfAR09SrLappWlnxZbavE1VGKrU2TPtR0igyaBImWsTxwb_fwbuSCbJZQKxpbgEHwL0cz3nj0ZfpkYSv3yw8iMJUyQdsXuFo&sig=Cg0ArKJSzE8TPLgolHwAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14472/ Frame 0BD3
0
0
Script
General
Full URL
https://cdn1.opstag.com/14472/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-11.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BD3
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 15:11:07 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame 0BD3
10 KB
4 KB
Script
General
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
978b2e652db1096422f81839e749f032cd15436c464aa24eba8187931b9b71ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:07 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 10:30:36 GMT
server
AmazonS3
x-amz-request-id
13PGSN6S8X575CD9
etag
"2f453368485b59a69465361a334fade9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=32871
accept-ranges
bytes
content-length
3853
x-amz-id-2
7le3W8M0ueOBJWVdyfSuEiuYDVwtIfA9tmXuHe7nzd9Eg28iBSyGuE/TrKFUK2/0OxEIOXAfTkmgTss3H/IhnT4geLrqvdoqXFD/E5XMatU=
truncated
/ Frame D471
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31332900f82a1f5b817d8dd60603dd17884a8361ad96db65d0461253b9e1ca1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0BD3
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcf62dbb083a2be2c506d4cdc4dce9cec057b0f15933c6b8454d09662420dee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 5C04
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 19:22:21 GMT
age
157727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 19:22:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5C04
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:00:11 GMT
age
105057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 29 Aug 2024 10:00:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5C04
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 05:50:45 GMT
age
206423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 05:50:45 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5C04
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 16:22:50 GMT
age
168498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 16:22:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5C04
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 10:05:13 GMT
age
191155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 10:05:13 GMT
truncated
/ Frame 5C04
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f84ddd75e357a6eb8868e4a0abbaf7116a48b0b965ed6d6d32695e03c6c32332

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
8964976626933392500
tpc.googlesyndication.com/daca_images/simgad/ Frame 5C04
76 KB
76 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8964976626933392500
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42853bbf9154e94c82e955a5dd00fc3aac759922fd6b9e1238b5b6395a06dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:45:27 GMT
x-content-type-options
nosniff
age
415540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77463
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 12:01:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 19:45:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5C04
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:26:59 GMT
x-content-type-options
nosniff
server
cafe
age
63848
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 31 Aug 2023 21:26:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5C04
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
63033
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 31 Aug 2023 21:40:34 GMT
l
www.google.com/ads/measurement/ Frame 5C04
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBqCOG0-lx8B8GSFKL0CPES0ZnRVoJwqEYbPK6pvghM48s5WCyKWuGj-l5a9QBzp-Wulge
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&m=0&ar=45436f5f584-clean&iw=3dabe82&q=2&cb=0&cu=1693494664934&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&bo=cutimes&bd=articledisplay&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3183%3A2889&fs=205170&na=213370441&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:08 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C04
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H2
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Thu, 31 Aug 2023 15:11:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag.aspx
ml314.com/
31 KB
10 KB
Script
General
Full URL
https://ml314.com/tag.aspx?3172023
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:03:45 GMT
content-encoding
br
age
443
x-guploader-uploadid
ADPycdsx-Hzpn-GQbN5Fw27y-7LN_6wJlSiCsbEIX613m03yLQy9WH6nCFAqxGqYdCFKCCcB58awVPrcVr2KKSuVIMSC1HZXIRMc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
FRA-fa985ced
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1693494664934&de=568714337595&rx=878891491751&m=0&ar=45436f5f584-clean&iw=3dabe82&q=3&cb=0&cu=1693494664934&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=news%2Ccybersecurityandprivacy&zMoatPS=middle&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3183%3A2889&tz=middle&iq=noHistData&tt=noHistData&tu=1&tp=safe&fs=205170&na=534248995&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D471
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwoucdQnw8LutOEB7wcdfob3_MaS2tFm5Cnm5ozZppBQYmWPtCcpOqe25eQ9Kh3wh-6_21UlE7iiws9lpjWxd6P1KMonzGmopqKd9tzvUjSquCVkliT2Jrx5uAHbCiTJZXja20wZLGLhyKSrpHLhaGPFZ5nVE8kAtIGjozPSeKLf-8egQLG-1nkaNHKqB2cNiZU-fnkJfo1sQEm-MQHKyJt4zPjY_UGOAqLIRBiivKr1J5JFBI5MDJEKVwPYFNtyzdCc_LTheHpuTUO123ZJDMDld1RQk-XJCy3qjHJLnXndtTzXLFhkkUwfRG4mXuiaUOt8hfYo7NzQ1UlEYnFZAs2ASCqspexg&sai=AMfl-YQ0SGeOxmFZu56DbI3UmPL-1FbXrm5Mi4dxub-nVyI4J5GMTb1hnEWD-MsCfBAOI3cSU3iFU5xqlESJp_1MLTp1NX1R8AvkBTXS23iaRxF4ZA2kQsAoNEj4ahXyMho&sig=Cg0ArKJSzN-Ouk--7UpqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 31 Aug 2023 15:11:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0BD3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswDZA4YpSkFVcvfLeuQ6dAToXm7Escd-gbj_IY2hDS0CO-SqdbqmXSTY8CIDK1LTa11n_N2DZ0oKBnHOpH35U676pXIxvc4dNJJq69szSKiatfdVOJ-wLd7BYaKYB8gmEXHa5n40MwOo196nSOJQyhRSAvblQdBB2ELq27X4JgvwhypC0b0HZZO8gkJ9QqP8ZsdTAm-FOsN1dLo202K6CmjcB0uByqMDajKjQ5Gk4eDkUmCY6fp0zH7o_T2hC2oKa0W_sYSG-_dTf9uiBF8zM1YcUIT4gZq_W7HNRVP-wQymX5QYHpUNNvifI9nKk_T3fufKsjK1-qy5HMcT5NGOKgaVOOnDgiEg&sai=AMfl-YSeTPgAkApAj3PcTYoQ0QORqnLgWfaJ9qIC1q39WyvutHP4aeX66pv8n7yzbN1rth-wan2ufQUprLrkjrcUWYnW4IX288wuB7cnCPEEMKMHkRLWtxPtkSkhsgP36eM&sig=Cg0ArKJSzD2AuA3yb0yGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 31 Aug 2023 15:11:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5C04
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCXjPi63wZL2ODpCh-wb8pJr4B7PQqp5xpbj9yrMRZBABIJv07WtgleKQgqAHoAHl_4uKA8gBAuACAKgDAcgDCKoEhANP0DVgNkLJRY9qpO7lyQbfdAaZXEkHfkuK3p5RBjFMqrLDIVd6t3f8HxiEtnmuLWxI7Qjmo8TyGh_XYL1gUDEHHTIk9aaqRanrjA2vvZSf4JvTjQiFrT5BqNdcfg8BpQKfP-dWeVF6UV8CJq3EjWbovP0POKkYWF9m9W7nsWRz02a8fUt3P420QwZabeUoMVWU8em_C9dckWiRAANcmcANQLPFyDaqbJYixgJrL93JvvSy2lSbfgieRUHEkYEl5UxUDs8t1g6Sae5-FKSRVFNP6FxuXJomi61ki7baCe-F9ueGmaejbPjR28JUnZy_9w-czR3Hzv-hRVu6-wmtlycwjKmqK-pXe_jlJ-oLvK7XjFcsQVFm8poGj8s4kLbvn9ohro_KsgdX8NmkH2DLgzSo43OT428_oZm4Dg7VckADAygyvdHZf6Scc1uJj_cl9tcUYhrCfmdHTrsRL5YFyhMHnNvhaVL_8Lbhff-yL6_CQGY1CO-NiAnJsY6rF_PweqXajjO5wAS8oezbtgTgBAGIBY2sustLkgUECAQYAZIFBAgFGASgBgKAB4OA9HWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC2tTfSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgltaHR0cHM6Ly93d3cuZ2FydG5lci5jb20vZW4vY29uZmVyZW5jZXMvZW1lYS9pbmZyYXN0cnVjdHVyZS1vcGVyYXRpb25zLWNsb3VkLXVrL2NvbmZlcmVuY2UtcmVzb3VyY2VzL3RlYW0tc2VuZIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01ODc3ODA1MDcwNzEzMzI0GI_Kag&sigh=00t4Wx8LbGc&uach_m=[]&ase=2&cid=CAQSOwBpAlJWIGvf2ZAMNyuUn6kEMU752lRxJgRvy31DuUUcA8vKBIIjHMpg2vaVUCwsWXHzfyGEPAzZXfefGAE&cbvp=2
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230731111102
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=1271110013647194&bg=!WVqlWhXNAAYHwnCgJ8I7ADQBe5WfODG_2MQ4SV9GVDetuxWz1oad2jOmOA5wgS6f5NpTAp6UIjL9_Lp1ZXQal4dXA-1GAgAAAGdSAAAANGgBBwoAoXuABInYbiFbCM13d2wLx0sVf94nJM5pAN2SD9FsvHHfHJlzigvWX-bX13PIGRyMOy7rHo3pA-F1NfUcUM86JR4uyQyyuf28pqsh2U9rmhKMWkQRoficuoTxk41j14CLcM5uiccdjIUNZ75EKjwhcYQL5DLOyPEx97s1PVdPS9a2rs3nlMd4mAVmV71RUIssgRHVBYtMaQJX27GK379nNCi5mQKzSn9V1Dsl1JG_swHs6XktlxV_V9xr05k6s_Val6uzI9L1INxHOuZn-EQaM401mLn7hTMelXRb9GzFDZuYWFCT0nsCXd5PnF6pRlS-rdZBkEZK3WQiuV8vUGV7tJ07YqntBlv9w5u9xH2OAvp9TFlMV0SRY7hcdegrGXkbNxOmo2uJmOCH2yaUE7Ord8_0wU85RfGfBw1iMgkq0sPeEtFc2L9YsdC3vmmiqIE0U__Hyw15jlvhrCkn7nbbxmRScr9NhkDaUpyvnrSCJT5qepsCi4FzE5Z_w9jJgaJMAcaPPmAF9bF1UaTk1HZaUCatvNPzn48oqZt1x69wlFYN785KrdZ4pyveF-ANvb5RRuuMmZhQr-5wX3ZPo6dyEn6fU_qpJlSjf0gPKka_Xd3jbd-QpvbSMXpf_edOMijcieF9nn0Dw2Jsyz6h9kMFVV7x2glNyzTeJS_gpmJtIOncW5upPJz55-yBXdSJ02bqr-Iz2PVT5VdLnFS_fKyVb4jvviV4ifyMcQxQR0SCWojv_T4CPW5HOSCH5-0OxUYu7flhJDj0ue0WLgQSvCA8GGD4kQKg_FknKzb67QRU87FQnX4qLPZbCzpjauTrMlbotrpOBCs-a3NR7nWEtQkwrXC1YNRdRo_ot4YW2r3ZSnKGYZrvWUbzLuNZiIGKVK4nX_lyjs359cbmlpq81OmRUU05vAEx9P-_z7sBdPcG4xPD-5tnhc4cxdc2x-0r_pMJEFLptcpfaFEJQxg3miDQxoWUjF9yNJzMRjEDmb4NAYFU5Ld11-V6BV2c1djJYQhNODF_M4HPA872kGnN0VpZmG489cW0h2qGBieovBVQ4QE9YVuXeORhIVOdZ1YvqvqqVAdN5lv8aQOT6LXalvSeH4wg60E7kGsan3Hw-2aWpbEs4g5aiAbd4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1693494664934&de=740999480370&rx=878891491751&m=0&ar=45436f5f584-clean&iw=3dabe82&q=4&cb=0&cu=1693494664934&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=news%2Ccybersecurityandprivacy&zMoatPS=middle1&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3183%3A2889&tz=middle1&iq=noHistData&tt=noHistData&tu=1&tp=safe&fs=205170&na=504381309&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:08 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fdaca_images%2Fsimgad%2F8964976626933392500&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=3537&ar=45436f5f584-clean&iw=3dabe82&cb=0&l
l=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=0&ag=94&an=0&gf=94&gg=0&ix=94&ic=94&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=94&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=188&cd=0&ah=188&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1630962278&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C04
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn-t9xZ81rKR9OCT2xz8uBDMLRNgDdy74MRBcnfDgZy8GuGDYJW5uYGibARYJCT6RAQ4D9XSPNDoif5jiqWvtB0Xw8buaH1wAe-syZByyZix1uWZTqJmtI5ObsZokWYzcvitGJLtyJXnDE&sai=AMfl-YQZp2fYpx6BEy9yFEXnSk8d3BOSTuJOIQ7cp7GdT2qWnH296bOS26H6QEe1WyJa9_gDAFMCEmi26lHsN8BPcH6E2FeasIw3QmNRdXkmrJSFCS03LL2iMgYjemU&sig=Cg0ArKJSzBcDyQ8GhCHUEAE&cid=CAQSOwBpAlJWIGvf2ZAMNyuUn6kEMU752lRxJgRvy31DuUUcA8vKBIIjHMpg2vaVUCwsWXHzfyGEPAzZXfefGAE&id=ampim&o=315,230&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=389&tls=1389&g=100&h=100&tt=1390&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=4552&ar=45436f5f584-clean&iw=3dabe82&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0
&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=1&ag=1117&an=94&gi=1&gf=1117&gg=94&ix=1117&ic=1117&ez=1&ck=1117&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1117&bx=94&ci=1117&jz=1009&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=188&ah=1009&am=188&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=835722841&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:09 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=4553&ar=45436f5f584-clean&iw=3dabe82&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0&
vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=1&ag=1117&an=1117&gi=1&gf=1117&gg=1117&ix=1117&ic=1117&ez=1&ck=1117&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1117&bx=1117&ci=1117&jz=1009&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=682591887&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:09 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=4554&ar=45436f5f584-clean&iw=3dabe82&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0
&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=1&ag=1117&an=1117&gi=1&gf=1117&gg=1117&ix=1117&ic=1117&ez=1&ck=1117&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1117&bx=1117&ci=1117&jz=1009&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1189487695&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:09 GMT
/
onetag-sys.com/usync/ Frame 68E2
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1693494667037
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1E6D
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112942
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 31 Aug 2023 15:11:10 GMT
expires
Fri, 01 Sep 2023 22:33:32 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 293B
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13400772
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 31 Aug 2023 15:11:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
checksync.php
contextual.media.net/ Frame DC02
24 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2087%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
859554cc637e79f939df68b6fa664c990164b262497262c527207a2c61bdfa3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8476
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:11:13 GMT
expires
Sat, 02 Sep 2023 15:11:13 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 49B4
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Aug 2023 15:11:10 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 58AA
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 31 Aug 2023 15:11:09 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3A66
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 31 Aug 2023 15:11:10 GMT
ETag
"623de86a-cf34"
Expires
Fri, 01 Sep 2023 15:11:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
yourbow-d.openx.net/w/1.0/ Frame 56A5
0
176 B
Document
General
Full URL
https://yourbow-d.openx.net/w/1.0/pd
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-08-31-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 31 Aug 2023 15:11:10 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 49B4
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ed1661b57fcb41509c4a6e2fcfb7c8738ceac87d751927edccebe8a255ce88e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 15:11:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2023 11:04:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71633
Connection
keep-alive
Content-Length
10123
Expires
Fri, 01 Sep 2023 11:05:03 GMT
async_usersync
ib.adnxs.com/ Frame 3A66
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
an-x-request-uuid
518146b2-0284-4f5c-9753-449395c51c62
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 49B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH9fUudGKGxiySGWpfz-S0I&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH9fUudGKGxiySGWpfz-S0I&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH9fUudGKGxiySGWpfz-S0I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 49B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jUlpGtOoUFN09j3u_KXKUA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lL19NEhE2oJtFPd_p3o3UHr46o1GZCu6bcvEVw--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lL19NEhE2oJtFPd_p3o3UHr46o1GZCu6bcvEVw--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 31 Aug 2023 15:11:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lL19NEhE2oJtFPd_p3o3UHr46o1GZCu6bcvEVw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 49B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLZAZZSP-2-AN7T
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLZAZZSP-2-AN7T
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5FF8478037444131A3CB5236A8C0FB00 Ref B: FRAEDGE1211 Ref C: 2023-08-31T15:11:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEOXRC9jTE2CDHhGSNDg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLZAZZSP-2-AN7T
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 49B4
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 49B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDBhY2VmNzYwNTJkNmEwN2I0OTdmYjllMjUzNDk3YTViN2Y2NTgyNw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDBhY2VmNzYwNTJkNmEwN2I0OTdmYjllMjUzNDk3YTViN2Y2NTgyNw
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDBhY2VmNzYwNTJkNmEwN2I0OTdmYjllMjUzNDk3YTViN2Y2NTgyNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 49B4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=X-SCrVhuTYq4CQEp4cNcPQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=X-SCrVhuTYq4CQEp4cNcPQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=X-SCrVhuTYq4CQEp4cNcPQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 15:11:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QYQ1ARASB847G6G1NKJH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=X-SCrVhuTYq4CQEp4cNcPQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 49B4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExaQVpaU1AtMi1BTjdU
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMJS7R8yDNspvwts8AxqrFw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExaQVpaU1AtMi1BTjdU&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExaQVpaU1AtMi1BTjdU&google_push=
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExaQVpaU1AtMi1BTjdU&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 49B4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9pKcRTlzQFyXdaoPAs_BWg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9pKcRTlzQFyXdaoPAs_BWg
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9pKcRTlzQFyXdaoPAs_BWg
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 15:11:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9A35N9NY4BAXDETSYJ9X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9pKcRTlzQFyXdaoPAs_BWg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1E6D
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19443023&p=158370&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3db9eeba299f8f33ec4c711b890fb0e6e8c329f4791486de403cdf847f7255dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 31 Aug 2023 15:11:10 GMT
content-length
1710
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 4A79
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:11:10 GMT
expires
Thu, 31 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
779548
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1E6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uLrcxsN5THKnfCi-0ewaww%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112942
accept-ranges
bytes
content-length
5606
expires
Fri, 01 Sep 2023 22:33:32 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1E6D
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.113.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-113-219.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.63
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 1E6D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1867899606
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:09 GMT
via
1.1 google
last-modified
Thu, 31 Aug 2023 15:11:10 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
date
Thu, 31 Aug 2023 15:11:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 1E6D
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Yzg3b1h1NC1lbDdSbTJYcE1ZaVA1ZkZxQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8594109174659939537&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
HTTP/1.1
Server
54.174.89.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-89-161.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 15:11:11 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 31 Aug 2023 15:11:11 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1E6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjhCQURDQzYtQzM3OS00QzcyLUE3N0MtMjhCRUQxRUMxQUMz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1E6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5CSUQeCleXM-UjgLYOgXA&google_cver=1
42 B
348 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5CSUQeCleXM-UjgLYOgXA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI5CSUQeCleXM-UjgLYOgXA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1E6D
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 30 Aug 2023 15:11:10 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1E6D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1E6D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8594109174659939537
42 B
323 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8594109174659939537
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8594109174659939537
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
async_usersync
ib.adnxs.com/ Frame 3A66
0
595 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:11 GMT
an-x-request-uuid
3d4a541a-b675-4161-afec-d59260835fd9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1E6D
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158370&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=8580&ar=45436f5f584-clean&iw=3dabe82&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0&
vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=1&ag=5145&an=1117&gi=1&gf=5145&gg=1117&ix=5145&ic=5145&ez=1&ck=1117&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5145&bx=1117&ci=1117&jz=1009&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5039&cd=1009&ah=5039&am=1009&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1621618907&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:13 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=articledisplay&wf=1&ra=3&pxm=1&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3MGfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-2krPtvcVxBSdPA%3D%3D&sc=1&os=1-pw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=5&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=1&ii=4&f=0&j=&t=1693494664934&de=914696345474&rx=878891491751&cu=1693494664934&m=8781&ar=45436f5f584-clean&iw=3dabe82&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5597&le=1&ch=0&
vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3183%3A2889&as=1&ag=5346&an=5145&gi=1&gf=5346&gg=5145&ix=5346&ic=5346&ez=1&ck=1117&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5346&bx=5145&ci=1117&jz=1009&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5239&cd=5039&ah=5239&am=5039&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270399629&bo=cutimes&bd=articledisplay&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=2091303608&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 31 Aug 2023 15:11:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1E6D
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41501525&p=158370&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9cff57f14a226d077df52b4c184b569d9041a704925406468be85efa8e2e318f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 31 Aug 2023 15:11:13 GMT
content-length
1543
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame C5B4
35 B
591 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 31 Aug 2023 15:11:13 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0F1F
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 31 Aug 2023 15:11:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HD5KMD28W6KY41R68AXZ
Pug
image2.pubmatic.com/AdServer/ Frame DDEF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4TGZ5rZhxuf6ZsjitmfS4LE9y7P6Msqz7jfy1Vka
42 B
418 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4TGZ5rZhxuf6ZsjitmfS4LE9y7P6Msqz7jfy1Vka
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 31 Aug 2023 15:11:13 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4TGZ5rZhxuf6ZsjitmfS4LE9y7P6Msqz7jfy1Vka
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7C46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8978697940937170856&gdpr=0&gdpr_consent=
42 B
298 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8978697940937170856&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 31 Aug 2023 15:11:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9650aede-38d2-418f-84d5-615a63c2e951
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 15:11:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8978697940937170856&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
mw
mwzeom.zeotap.com/ Frame 1E6D
95 B
439 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7ff6346f3e4c915f-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 1E6D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:26 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:26 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1E6D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 31 Aug 2023 15:11:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
B8BADCC6-C379-4C72-A77C-28BED1EC1AC3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1E6D
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B8BADCC6-C379-4C72-A77C-28BED1EC1AC3?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 1E6D
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1E6D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_e06aaa3c-4709-4eb8-9d7b-8bc4dc35e03a&bsw_param=6f835b9c-ad0d-45dd-ac2a-59667a727748&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
264 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 15:11:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6f835b9c-ad0d-45dd-ac2a-59667a727748&gdpr=0&gdpr_consent=&gdpr_pd=
date
Thu, 31 Aug 2023 15:11:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 1E6D
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158370&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:11:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
index.php
a.dpmsrv.com/dpmpxl/
5 B
1 KB
Script
General
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656%2C25701213%2C19033089%2C19032834%2C25816016%2C19033040%2C25711961&cl=1008&pixelIndex=0&r=789543&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&id=8978697940937170856
Requested by
Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.243.20 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-243-20.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
31
Expires
0
seg
ib.adnxs.com/
43 B
842 B
Image
General
Full URL
https://ib.adnxs.com/seg?member=827&add=18252462,18600656,25701213,19033089,19032834,25816016,19033040,25711961
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 15:11:16 GMT
an-x-request-uuid
3fb3d2d3-4df4-418a-b4a4-c6b9db4dbb54
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.88; 146.70.117.88; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
heartbeat
api.sail-track.com/v1/track/
36 B
263 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/heartbeat
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
9fea063104143b2e6a174bce9d4be977451e5ce93cb54733fe702442688ef12b

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer bbe35466469593b785eef4ab32700018
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:17 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
36
heartbeat
api.sail-track.com/v1/track/ Frame
0
0
Preflight
General
Full URL
https://api.sail-track.com/v1/track/heartbeat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 31 Aug 2023 15:11:17 GMT
heartbeat
api.sail-track.com/v1/track/
36 B
263 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/heartbeat
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
9fea063104143b2e6a174bce9d4be977451e5ce93cb54733fe702442688ef12b

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer 2ade0f4fc48d975844a60d5bcb4e9650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 15:11:17 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
36
heartbeat
api.sail-track.com/v1/track/ Frame
0
0
Preflight
General
Full URL
https://api.sail-track.com/v1/track/heartbeat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.218.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 31 Aug 2023 15:11:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
users.api.jeeng.com
URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


92 Cookies

8 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8978697940937170856
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=(Line 65)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=(Line 68)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=(Line 70)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230731111102&canServeAds=true&canCookie=false&gdpr_consent=(Line 73)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
network error URL: https://cdn1.opstag.com/14472/index.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn1.opstag.com/14472/index.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B8BADCC6-C379-4C72-A77C-28BED1EC1AC3&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
