www.cutimes.com Open in urlscan Pro
2606:4700::6812:3b7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cutimes.com/webcasts/
Effective URL:
https://www.cutimes.com/webcasts/?slreturn=20230808140118
Submission: On September 08 via api (September 8th 2023, 6:01:28 pm UTC) from US — Scanned from DE

Summary HTTP 374 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 97 IPs in 8 countries across 63 domains to perform 374 HTTP transactions. The main IP is 2606:4700::6812:3b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com. The Cisco Umbrella rank of the primary domain is 861160.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2023. Valid for: a year.

This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 35	2606:4700::68... 2606:4700::6812:3b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	192.226.84.37 192.226.84.37	16524 (METTEL) (METTEL)
9	2a02:26f0:310... 2a02:26f0:3100::1735:2a43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	2a02:26f0:310... 2a02:26f0:3100::1735:29f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:c5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.141.151 35.244.141.151	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	108.138.191.50 108.138.191.50	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:c000:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
11	2600:9000:223... 2600:9000:223e:da00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:19ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	172.64.146.151 172.64.146.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.69.103 18.239.69.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:38ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
2 15	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.70.172.91 52.70.172.91	14618 (AMAZON-AES) (AMAZON-AES)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1 3	34.251.64.143 34.251.64.143	16509 (AMAZON-02) (AMAZON-02)
4	104.86.47.65 104.86.47.65	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:9c00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2a3b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	44.209.255.129 44.209.255.129	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.209.112.33 52.209.112.33	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.214 63.140.62.214	15224 (OMNITURE) (OMNITURE)
1 1	52.18.247.63 52.18.247.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:2362:600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	108.157.187.32 108.157.187.32	16509 (AMAZON-02) (AMAZON-02)
7	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
12	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
2 8	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
12	3.121.142.71 3.121.142.71	16509 (AMAZON-02) (AMAZON-02)
12	185.86.138.123 185.86.138.123	201081 (SMARTADSE...) (SMARTADSERVER)
6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	209.191.163.209 209.191.163.209	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
7	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
6	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7 9	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:39ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
2	18.66.112.11 18.66.112.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:5aec:1139:b771:4a28	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.249.118.122 34.249.118.122	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.205.47.26 52.205.47.26	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a02:2638:d::13 2a02:2638:d::13	() ()
1	2a02:2638:3::1a 2a02:2638:3::1a	() ()
374	97

35 2606:4700::6812:3b7 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.226.84.37 (Manchester, United States) 1 redirects

ASN16524 (METTEL, US)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3100::1735:2a43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:29f9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c5a (United States)

ASN13335 (CLOUDFLARENET, US)

imageserver.amlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.141.151 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 151.141.244.35.bc.googleusercontent.com

cdn.yourbow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.191.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-191-50.mxp64.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:c000:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223e:da00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19ce (United States)

ASN13335 (CLOUDFLARENET, US)

data.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.64.146.151 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-103.ams58.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.172.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-172-91.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.180.130.159 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.64.143 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.86.47.65 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-47-65.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2a3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.255.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-255-129.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.112.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-112-33.eu-west-1.compute.amazonaws.com

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.214 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-214.data.adobedc.net

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.247.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-247-63.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2362:600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.157.187.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-187-32.mxp53.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.3.178.3 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.121.142.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.86.138.123 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:39ae (United States)

ASN13335 (CLOUDFLARENET, US)

telemetries.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

go.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-11.fra56.r.cloudfront.net

cdn1.opstag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

yourbow-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:5aec:1139:b771:4a28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.118.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.205.47.26 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-47-26.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.234 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:d::13 (None, )

ASN- ()

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (None, )

ASN- ()

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	cutimes.com 3 redirects www.cutimes.com — Cisco Umbrella Rank: 861160 store.cutimes.com	152 KB
34	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 ad.doubleclick.net — Cisco Umbrella Rank: 183	200 KB
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 653 imageproxy.eu.criteo.net csm.eu.criteo.net	401 KB
23	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 557 eus.rubiconproject.com — Cisco Umbrella Rank: 656 token.rubiconproject.com — Cisco Umbrella Rank: 662 pixel.rubiconproject.com — Cisco Umbrella Rank: 385	20 KB
19	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 10442 data.dianomi.com — Cisco Umbrella Rank: 11713	106 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	59 KB
16	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279 acdn.adnxs.com — Cisco Umbrella Rank: 643	58 KB
16	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 13546 aax.amazon-adsystem.com — Cisco Umbrella Rank: 442 s.amazon-adsystem.com — Cisco Umbrella Rank: 335 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106	74 KB
14	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 565 ads.pubmatic.com — Cisco Umbrella Rank: 572 image6.pubmatic.com — Cisco Umbrella Rank: 869 simage2.pubmatic.com — Cisco Umbrella Rank: 896 image2.pubmatic.com — Cisco Umbrella Rank: 1056	25 KB
14	moatads.com z.moatads.com — Cisco Umbrella Rank: 694 mb.moatads.com — Cisco Umbrella Rank: 732 px.moatads.com — Cisco Umbrella Rank: 600	193 KB
12	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1710	4 KB
12	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1222	2 KB
11	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 866 gum.criteo.com — Cisco Umbrella Rank: 455 mug.criteo.com Failed ads.eu.criteo.com — Cisco Umbrella Rank: 8559 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14574 dis.criteo.com — Cisco Umbrella Rank: 633 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9434	66 KB
11	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1209	85 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 536 p.typekit.net — Cisco Umbrella Rank: 690	189 KB
8	e-planning.net 2 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7110	4 KB
7	media.net prebid.media.net — Cisco Umbrella Rank: 1453 contextual.media.net — Cisco Umbrella Rank: 712	14 KB
7	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 799	2 KB
7	openx.net rtb.openx.net — Cisco Umbrella Rank: 796 yourbow-d.openx.net — Cisco Umbrella Rank: 19832	1 KB
7	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1027	954 B
7	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 28067 oqs.omeda.com — Cisco Umbrella Rank: 28617 cdp.omeda.com — Cisco Umbrella Rank: 27819	74 KB
6	lijit.com ap.lijit.com — Cisco Umbrella Rank: 747	2 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 405 www.linkedin.com — Cisco Umbrella Rank: 636 px4.ads.linkedin.com — Cisco Umbrella Rank: 6338	5 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	75 KB
5	law.com 1 redirects store.law.com — Cisco Umbrella Rank: 116038 b.law.com — Cisco Umbrella Rank: 128343	9 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2910	3 KB
4	adition.com 2 redirects ad4.adfarm1.adition.com — Cisco Umbrella Rank: 64598 imagesrv.adition.com — Cisco Umbrella Rank: 16946	1 KB
4	gstatic.com fonts.gstatic.com	161 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1275	104 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 234 alm.demdex.net — Cisco Umbrella Rank: 143936	6 KB
4	ml314.com vi.ml314.com — Cisco Umbrella Rank: 8596 ml314.com — Cisco Umbrella Rank: 2152	22 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3578 c1.adform.net — Cisco Umbrella Rank: 660	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23515	898 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	170 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 30165 a.dpmsrv.com — Cisco Umbrella Rank: 25488	31 KB
3	alm.com data.alm.com geoip.alm.com — Cisco Umbrella Rank: 139631 go.alm.com — Cisco Umbrella Rank: 140165	9 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 58	8 KB
3	jeeng.com users.api.jeeng.com — Cisco Umbrella Rank: 40068 Failed telemetries.jeeng.com — Cisco Umbrella Rank: 32027	158 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	529 B
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 12174	120 B
2	opstag.com cdn1.opstag.com — Cisco Umbrella Rank: 42519
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	88 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5134	4 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 909	9 KB
2	amlaw.com imageserver.amlaw.com — Cisco Umbrella Rank: 50362	69 KB
2	github.io owlcarousel2.github.io — Cisco Umbrella Rank: 127999	2 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 935	610 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 957	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490	619 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 447	98 B
1	google.de www.google.de — Cisco Umbrella Rank: 5643	455 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1139	378 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1272	517 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 864	394 B
1	t.co t.co — Cisco Umbrella Rank: 580	379 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1420	201 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3228	397 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 862	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	70 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1677	15 KB
1	yourbow.com cdn.yourbow.com — Cisco Umbrella Rank: 74269	411 KB
374	63

	Domain	Requested by
34	www.cutimes.com	2 redirects www.cutimes.com
20	securepubads.g.doubleclick.net	tags.tiqcdn.com olytics.omeda.com securepubads.g.doubleclick.net www.cutimes.com www.googletagservices.com 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
17	www.dianomi.com	www.cutimes.com www.dianomi.com
15	imageproxy.eu.criteo.net	ads.eu.criteo.com
15	ib.adnxs.com	2 redirects cdn.yourbow.com acdn.adnxs.com
12	static.criteo.net	securepubads.g.doubleclick.net cdn.yourbow.com static.criteo.net ads.eu.criteo.com
12	prg.smartadserver.com	cdn.yourbow.com
12	btlr.sharethrough.com	cdn.yourbow.com
12	fastlane.rubiconproject.com	cdn.yourbow.com
11	tags.tiqcdn.com	www.cutimes.com tags.tiqcdn.com
9	cm.g.doubleclick.net	7 redirects
9	use.typekit.net	www.cutimes.com use.typekit.net
8	pbjs.e-planning.net	2 redirects cdn.yourbow.com
8	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	px.moatads.com
7	onetag-sys.com	cdn.yourbow.com
7	prebid.a-mo.net	cdn.yourbow.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
6	bidder.criteo.com	cdn.yourbow.com
6	prebid.media.net	cdn.yourbow.com
6	ap.lijit.com	cdn.yourbow.com
6	hbopenbid.pubmatic.com	cdn.yourbow.com
6	rtb.openx.net	cdn.yourbow.com
6	aax.amazon-adsystem.com	c.amazon-adsystem.com
6	cdnjs.cloudflare.com	www.cutimes.com ads.eu.criteo.com
5	pixel.rubiconproject.com	3 redirects
5	z.moatads.com	www.cutimes.com z.moatads.com securepubads.g.doubleclick.net
4	a.audrte.com	3 redirects ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	ad.doubleclick.net	2 redirects www.dianomi.com
4	fonts.gstatic.com	fonts.googleapis.com
4	px.ads.linkedin.com	3 redirects
4	secure.cdn.fastclick.net	www.cutimes.com secure.cdn.fastclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	www.googletagservices.com	securepubads.g.doubleclick.net 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
3	ml314.com	tags.tiqcdn.com ml314.com z.moatads.com
3	dpm.demdex.net	1 redirects
3	cdp.omeda.com	olytics.omeda.com
3	c.amazon-adsystem.com	cdn.yourbow.com c.amazon-adsystem.com
3	store.law.com	1 redirects www.cutimes.com
2	c1.adform.net	2 redirects
2	image2.pubmatic.com	ads.pubmatic.com
2	cr.frontend.weborama.fr	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	match.adsrvr.org	ads.pubmatic.com
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	cdn.yourbow.com eus.rubiconproject.com
2	ads.pubmatic.com	cdn.yourbow.com ads.pubmatic.com
2	data.dianomi.com	www.dianomi.com
2	m.exactag.com	www.dianomi.com
2	imagesrv.adition.com	www.dianomi.com
2	ad4.adfarm1.adition.com	2 redirects
2	cdn1.opstag.com	securepubads.g.doubleclick.net
2	telemetries.jeeng.com	users.api.jeeng.com
2	www.facebook.com
2	58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	b.law.com	tags.tiqcdn.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	pi.pardot.com	tags.tiqcdn.com pi.pardot.com
2	snap.licdn.com	tags.tiqcdn.com snap.licdn.com
2	oqs.omeda.com	olytics.omeda.com
2	a.dpmsrv.com
2	mb.moatads.com	z.moatads.com
2	olytics.omeda.com	www.cutimes.com tags.tiqcdn.com
2	fonts.googleapis.com	www.cutimes.com ajax.googleapis.com
2	imageserver.amlaw.com	www.cutimes.com
2	owlcarousel2.github.io	www.cutimes.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	acdn.adnxs.com	cdn.yourbow.com
1	contextual.media.net	cdn.yourbow.com
1	yourbow-d.openx.net	cdn.yourbow.com
1	rtb.nl3.eu.criteo.com	58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
1	ads.eu.criteo.com	58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
1	go.alm.com	pi.pardot.com
1	geoip.alm.com	cdnjs.cloudflare.com
1	gum.criteo.com	static.criteo.net
1	idsync.rlcdn.com
1	www.google.de
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	analytics.twitter.com
1	t.co
1	ping.chartbeat.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	static.ads-twitter.com	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	s.dpmsrv.com	www.cutimes.com
1	data.alm.com	cdnjs.cloudflare.com
1	vi.ml314.com	www.cutimes.com
1	ajax.googleapis.com	www.cutimes.com
1	users.api.jeeng.com	www.cutimes.com
1	cdn.yourbow.com	www.cutimes.com
1	p.typekit.net	use.typekit.net
1	store.cutimes.com	1 redirects
0	mug.criteo.com Failed
374	110

This site contains links to these domains. Also see Links.

Domain
www.alm.com
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
event.cutimes.com
https
cutimes.tradepub.com

Subject Issuer	Validity	Valid
cutimes.com Cloudflare Inc ECC CA-3	`2023-04-21` - `2024-04-20`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-18` - `2023-11-18`	a year	crt.sh
*.law.com Go Daddy Secure Certificate Authority - G2	`2023-03-09` - `2024-04-09`	a year	crt.sh
cdn.yourbow.com GTS CA 1D4	`2023-08-22` - `2023-11-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
vi.ml314.com GTS CA 1D4	`2023-08-09` - `2023-11-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2023-06-18` - `2024-06-23`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
alm.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2023-07-14` - `2024-07-13`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-08-05` - `2023-11-03`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-07-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-18` - `2023-09-16`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
b.law.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-10` - `2023-10-11`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.a-mo.net R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.e-planning.net R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.alm.com Go Daddy Secure Certificate Authority - G2	`2022-12-25` - `2023-12-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
go.alm.com R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.opstag.com Amazon RSA 2048 M01	`2023-08-29` - `2024-09-25`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Frame ID: 296E24835E43BACBA8EF006551E6EC02
Requests: 257 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 9213476CF3283739748F2782FC3BCF68
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
Frame ID: FD5B55FB3B8295D6CC3F664C0378B08C
Requests: 10 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
Frame ID: CA3683221281901AC86F40EE96C78539
Requests: 15 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 02AEC21489772AC22F54FB2FF7C9F835
Requests: 1 HTTP requests in this frame

Frame: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5AE751B698FE53BFF0C1ED08479668D7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.cutimes.com
Frame ID: 32B4424A5AF17088E13CF5E4DEEFE7E6
Requests: 2 HTTP requests in this frame

Frame: https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Frame ID: 6C008DD8840E80826DA7CBE9080F0B1F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYiPYBSLaD9lvxWBJ0CbonrfBwXuDDPvf77p0Vv7RkphjLuNm9-pLBXgT00CjgABSTd5R5RctrRR2aoMrdN77OSRSyXBRLVvRPhnfaAB6HKaLgRqkITS44dcBf-O0FovGF0iqLwa6RuwGmGKDMnBe1VvAR1wO6NH217Eb7_CoQ2WqKneCqRQdGNDeEe7hOojOInyTsDXIW7xvHwYW68wOi-84CuHVjrp0kEN4LYm72VlJ1OHaAsn39dXNZapdwpJf_ZM1Rf09U_sHtBaRkZ2mNYFCjUjJ5TyIKirtxmEfHbn3mudBHpbJWt-xTJUv-XHvuQM3I9cZ_23t3ePJMpfo&sai=AMfl-YTBeo4saUYQB73S8_VEXytzGAaduaSTHDzbJ-ebYTiBQl_ZQ90eWgwqjeUUZIzCYuwOE0rr5UEje9JyV2gc19o1Ok6tEaAV11Osn9krulnPAEEasnaoyhVj5lKa4HI&sig=Cg0ArKJSzGxUmPo-ZSvqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 484B5A5CAB658B4F0DBDD497C1ADC462
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 343B6C49094CD531328E32CFF11A7376
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A9793D95A17E0BF9676A4CA25B92A29
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoRo6oqkoD5SEMXI8dysXiDZpzDRiM7L1TUaNrnAcbM-8J_1z52cdeFASrfZS5BKoYsKQHM6J924WH24-PbwSk5cqRri4LOvdlZt9s2eJoAC2YZ5SRKO0PbKzdhJoDpxrN6PlkTEsva4COj7tgm0ACLyWg9FwAAGI5cIwUzERI42_5DVvMLeOlbEBStybv6hCdJllN1IFCrgOAcEkO6uz5DOCdXRjiCgHHuIvwTNGCHOdVaG5qaC53QDWuV723xip8yfOip_phYXpkd-Th1I1nIRD--FtLPaamkDVeklnCynMtIR53MKKiUwXpmuAy_4SGJX5NO7emeCCo0LhurMA&sai=AMfl-YSc-1bbVQAtLRsHuR-_MMZpSZHfQj6u3hh6OZ8vBVa9meqI5MQWOctVeSc7j_478PjSwEOkI5jC_AIRlDWSzRA0zeHlIbaKyaz1bnCPdYVEpG-G8gvTx-NP9cCbSlM&sig=Cg0ArKJSzCfvgilWpQbrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 12BED4294079A84841E937DF101C6593
Requests: 7 HTTP requests in this frame

Frame: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDC2C9977AF36630216052B1D4D01895
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPthcwALxVYKd4XSAAkPmFXVrfwKAcrnjbKa8Q&u=%7CgGaZFRvY%2FyrzdFH1WpqESZd42eBym4NirGglLhRg7hY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSM6boGrTGaVhphTuIU_fhho2rqRv486Nl8sHUrWfxKVtrhReMZI7QfdxBefGFkx_LxFxy9pYNBbXSntFPv3QXid87oo-Ek2K1W7WRNi_Nk6Mcjb1Mt-SAKyfX-OnTEQ1PL9GOroswS5sI99xmIUXlucnrG4CRDd4njObyITCb3V0T7LyMqszMMU6HLcL5sDX3fHBoNeZNa7NT5fGgfcARSQdHDJdYAEhIGkTJIrVL41IeAEKfFZgC3p05vXj8UjykSdYRKnxrT-GHk60bZUWC7f7psP980WOAvj8CvIy_DPXYM24f1xDKazVCXZkkK8EpujxGPihmW0LBwCOi_r6YO40KHTti1k-imZoiP_V9STsVMg0_HPRzIv7lkj-wKoitgz5eXbmfAjAMEVWp11SJ20uxp_AvxK0Z2KX83FEPb9N5niXe6vnjaIWdUucQsFLPxdGbNA9Fplb5ARx_mrCcWwNd7Y-eneH6gTGRTrlWyHeD-m4bGTY3ko91AR5ZY2JZRto4nZ0-VMYvsA7qVsoHFcucyMi31hMvx5Yek979TDbXtfkrqYsXWqBOBW0oBikS72zF3AvlGc5oYZwwIh0XsL1boeVIJ0oO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ3rc2H7ZNaKL9KL3gOYn6T4A8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTI2MTk5MjQ0NDgwMzg3NcgBCakCj8oZsgXzsT7gAgCoAwHIAwKqBLwCT9BiKgK4z-kAwWn1anePlKloxS9JHVks3cqHqmRSe7_43y3uWE-qfToUG2-cLXBgOJsLb5vqA41A7aTRZFMDsP1mWU1p3sR947tOhl223QbA0JNZzDjNh4liR_WleTNUz7VjVCNOL0nvTIMPtJHuSxWjhNgQarXBqKmLrfEBmjLCUOFPtHrghO80C_lajUFLyVxisDL4tlYydcln1tkaPHeOFGWSCIa02nrXvXNSHqA1xvFtTH5L-xWJvNWx4Ww_Z-0U7FVkcIKsBJNc_WlXPWVg6qlS_7r9uohv2X1YCWRYzDldOtXrNzMcYUPaFF_mMmzsifHdreEH_FpUAz9EKj1QLn6F7g-cQuaM7HnUyy-OaE51KAF_KXiRoCgEPqJB502OLpGbYkGXXjsxlVDwZMc-dI3CuWhVQa8guuAEAYAG6o7pkfHckYcaoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0HvM4d2YuPyZ88nzLNGIc81CybLA%26client%3Dca-pub-1261992444803875%26adurl%3D
Frame ID: 1784F98D497A7BA0BB66E1CF08BFA554
Requests: 28 HTTP requests in this frame

Frame: https://yourbow-d.openx.net/w/1.0/pd
Frame ID: 2C7314D80770F2DB16B618E969CE47EC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694196082693
Frame ID: ED0081A7EC0A97D6608246F6AD460AB4
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2087%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 41C9BC0C5AC48C5E95CBCEE862812579
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A46AAF3FB9620750A7D59CB0FBBB1FD7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FC6F1115D48AC4723352BF170551DC01
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Frame ID: 735CB1E96479A9857E2568B5176D4194
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5607E1C1A57B47E982166464CBC0ECC0
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E452C4AF7E30F9C6B7B08CBD3CA8A4F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webcasts from Credit Union Times | Credit Union Times

Page URL History Show full URLs

https://www.cutimes.com/webcasts/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=1b90996f-f852-40d6-b355-7c9198272434... HTTP 302
https://www.cutimes.com/webcasts/?slreturn=20230808140118 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

374
Requests

93 %
HTTPS

38 %
IPv6

63
Domains

110
Subdomains

97
IPs

8
Countries

3161 kB
Transfer

7372 kB
Size

88
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alm.com/privacy-policy-new/#section5
Title: Click

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Credit-Union-Times/95378106084

Search URL Search Domain Scan URL

URL: https://twitter.com/CU_Times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3821859/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F
Title: Register

Search URL Search Domain Scan URL

URL: https://event.cutimes.com/cutimes-luminaries-awards/
Title: Event Site

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Newsletters.aspx?promoCode=CUT&intcmp=source_website_medium_header_campaign_newsletterpagenewux2023_content_navlink_term_cut
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/MyAccount.aspx?promoCode=CUT#/EmailPref
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?refDomain=store.cutimes.com&source=https://www.cutimes.com/webcasts/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://https//store.law.com/Registration/MyAccount.aspx?promoCode=CUT#/CustomAlerts
Title: MyAlerts

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa38/prgm.cgi
Title: Credit Card Programs: Does the value outweigh the risk?

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa4945/prgm.cgi
Title: 5 Reasons to Embed a Global Payments Solution Directly Into Your Product

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_glia29/prgm.cgi
Title: Intelligent Virtual Assistants: One Piece of a Bigger Contact Center Puzzle

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa30/prgm.cgi
Title: Repositioning Bill Pay at the Center of the Credit Union Digital Experience

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_coop33/prgm.cgi
Title: The Evolving State of Debit Interchange

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_trel06/prgm.cgi
Title: How to Build the Tech Talent Force Credit Unions Need: Addressing the Credit Union Tech Talent Shortage

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_trel05/prgm.cgi
Title: How to Build Your Data Maturity Action Plan (Tools + Checklists)

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa29/prgm.cgi
Title: Consumer Bill Payments in 2022: Trends Report

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa28/prgm.cgi
Title: Top 10 Misconceptions About the FedNow® Service

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel09/prgm.cgi
Title: Sound Credit Union Expands Loan Availability to Underserved Near-Prime Borrowers

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_coop32/prgm.cgi
Title: CU Growth Outlook: Fueling Financial Performance Through Daily Interactions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel08/prgm.cgi
Title: AI as an Extension of the Lending Process, Not a Replacement

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_glia22/prgm.cgi
Title: Drive Efficiency & Satisfaction With Intelligent Voice Automation

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa36/prgm.cgi
Title: Q1 Survey Shows 33% of Cardholders Increased Spending

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa33/prgm.cgi
Title: Credit Card Strategy in a Rising Rate Environment

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa32/prgm.cgi
Title: Top 5 Merchant Payments Trends to Watch for in 2023

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa26/prgm.cgi
Title: Payment Hub Vendors: Options for Credit Unions to Modernize Payment Infrastructure

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_glia18/prgm.cgi
Title: Ultimate Guide to CoBrowsing

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_stae37/prgm.cgi
Title: A 5-Factor Storm of Auto Lending Risks: How to Protect Your Credit Union

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_stae35/prgm.cgi
Title: Minding the GAP Is More Important Than Ever: 8 Reasons Why

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_stae33/prgm.cgi
Title: Helping Your Members Maintain their Credit Scores with Collateral Protection Insurance (CPI)

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_stae36/prgm.cgi
Title: Why Moving From CPI to Blanket Is Risky Business

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_stae34/prgm.cgi
Title: A Collaborative Approach to Credit Union Fiduciary Responsibilities

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa24/prgm.cgi
Title: Real-Time Payments: How to Monetize and Stay Competitive

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa25/prgm.cgi
Title: Real-Time Payments Funding Agents 101

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_coop30/prgm.cgi
Title: The Layered Approach to Payments Fraud

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa30/prgm.cgi
Title: The Credit Card Pull: How to Attract the Next Generation of Members

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_glia16/prgm.cgi
Title: 6 Signs It's Time to Modernize Your Credit Union's Call Center

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_glia13/prgm.cgi
Title: Retaining Customers Throughout Technology Upgrades & Conversions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa3402/prgm.cgi
Title: Think Beyond Credit Score: How Credit Unions Can Grow and Engage Members

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/webcasts/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/webcasts/
Title: Sign In Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cutimes.com/webcasts/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118 HTTP 302
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=1b90996f-f852-40d6-b355-7c9198272434&source=https%3a%2f%2fwww.cutimes.com%2fwebcasts%2f%3fslreturn%3d20230808140118&debug=lawDomainIPWithRefRedirectAnon HTTP 302
https://www.cutimes.com/webcasts/?slreturn=20230808140118 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D129166%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252Fwebcasts%252F%253Fslreturn%253D20230808140118 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D129166%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252Fwebcasts%25252F%25253Fslreturn%25253D20230808140118 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8851243300537448822&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=129166&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118

Request Chain 74

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859

Request Chain 108

https://cm.everesttech.net/cm/dd?d_uuid=41728338892568179871037852171201155871 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPthcgAAAJbTyQNn

Request Chain 111

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1694196082208%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252Fwebcasts%252F%253Fslreturn%253D20230808140118%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true&e_ipv6=AQK8tV8VQOJGbgAAAYp19Ko4jwH_Wvek_JHa6tN7K2LcqLGxvXde2CegYYkeY9phine7mDs

Request Chain 119

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118 HTTP 302
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118

Request Chain 142

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118 HTTP 302
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8851243300537448822&pixelIndex=0 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8851243300537448822&pixelIndex=0&google_gid=CAESEGevSjD6gXm1avlIZYpAbBo&google_cver=1

Request Chain 204

https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

Request Chain 212

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tFP8ZXxmU0IrUFJlMUh4RXFjanNRd1VsYW9HTHZVTVk2QmNMUkNiVDA4WWR3aWQyamNkZ2oreWJvS2hlSVB1WStjUThwa0tuS3JNZUhuQnRPTXBvN28zaC9IQmlqdjRmQWF2enU5SDJpNVZncTk1MGpNQVpFS0t5dEd3bFdMMFdkVzc2NWtpeFJVVUYxcU1ReGpEMjZqUVpnWVlxMmFMYmFTTjJNeE5BN3BTb1FoOHpMbkl4eW9hVlgvb2lrSGNFSUg0a2lpLzROMWpvemRRRk9LZEpQcEVVTXJyNGM4aUVNaDJPMVRVMHBTYzdUNHg5R2dkRlBtYWVyUHE2cUNSd2JLUnByamQ2OU1Fcm1aU3RaM09rN3c0ZUpJUT09fA&cppv=2

Request Chain 284

https://ad4.adfarm1.adition.com/banner?sid=4851113&kid=6098011&bid=18428349&wpt=C&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39} HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 285

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CKHvlJ7Mm4EDFVUKVQgdVqAFkA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 295

https://ad4.adfarm1.adition.com/banner?sid=4851120&kid=6098011&bid=18428445&wpt=C&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39} HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 296

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CODylJ7Mm4EDFSH-uwgds3EDxA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 332

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1BV0xSTVItMTktTTZMNg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELn9MKXPQuVaH4_S_1B7QLQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1BV0xSTVItMTktTTZMNg==&google_push=

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELHs40Hllf1LaXVcRbW89U0&google_cver=1

Request Chain 334

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTdiODNiMjgxMzE5MzllNDBhMTgzMjdjMTZmODEzNGZjNThiMzIzZQ

Request Chain 335

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMAWLRMR-19-M6L6

Request Chain 336

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/6znxcjtUDR6Ya3XxyIXX_Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xuy8iIdE2oL_LM1iJ0UTWlZBrVZPANTO98axRg--~A

Request Chain 337

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qdCdzLydRdK4lDuvIXjhLg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qdCdzLydRdK4lDuvIXjhLg

Request Chain 338

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AfcL4CAHSXuxUOx7L8B2WA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AfcL4CAHSXuxUOx7L8B2WA

Request Chain 339

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 340

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NwgKb1t1QEi2WXXnSl5cYA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 342

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3528795894 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=37080A6F-5B75-4048-B659-75E74A5E5C60

Request Chain 343

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=37080A6F-5B75-4048-B659-75E74A5E5C60 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWVtcjUySEk4SWxUV3EwbzBOa08zekx6UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=2867375709198133345&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzcwODBBNkYtNUI3NS00MDQ4LUI2NTktNzVFNzRBNUU1QzYw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOOLFvkW20RTOIvyqvutnBs&google_cver=1

Request Chain 348

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2867375709198133345

374 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cutimes.com/webcasts/
Redirect Chain

https://www.cutimes.com/webcasts/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=1b90996f-f852-40d6-b355-7c9198272434&source=https%3a%2f%2fwww.cutimes.com%2fwebcasts%2f%3fslreturn%3d20230808140118&debug=lawDomain...
https://www.cutimes.com/webcasts/?slreturn=20230808140118

96 KB
21 KB

589ms
589ms

Document
text/html

2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4721935d6f22a8eb7bd6836e63a70b3128a4e78e058114c1a3d9ff5ed315924f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
backend: templates_newlaw_director
cf-cache-status: DYNAMIC
cf-ray: 80391898dbe33689-FRA
content-encoding: br
content-language: de-DE
content-type: text/html;charset=utf-8
date: Fri, 08 Sep 2023 18:01:20 GMT
server: cloudflare
vary: accept-encoding
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 803918960f193689-FRA
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Fri, 08 Sep 2023 18:01:19 GMT
location: https://www.cutimes.com/webcasts/?slreturn=20230808140118
referrer-policy: origin-when-cross-origin
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: Server #1
x-robots-tag: noindex, nofollow

GET
H2 200 rocket-loader.min.js Show response
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
server: cloudflare
etag: W/"64f73c7d-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8039189c896a3689-FRA
expires: Sun, 10 Sep 2023 18:01:20 GMT

GET
H2 200 fa-icons-lib.min.css
www.cutimes.com/assets/build/css/ 4 KB
1 KB 62ms
60ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: HIT
age: 12273
x-cache: MISS
backend: templates_newlaw_director
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
server: cloudflare
etag: W/"4085-1694082458000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c896f3689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 markets.min.css
www.cutimes.com/assets/master-template/css/release/ 333 KB
51 KB 739ms
737ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff387e5da8b55030f06f79a4ffbb8665e9a1f2cf26ead8145c63f5dec53f936f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"341212-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c89713689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 falcon-ui.css
www.cutimes.com/assets/css/ 771 B
418 B 452ms
450ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/css/falcon-ui.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 771
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"771-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c89753689-FRA
x-vnode: 145
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 qkq4rhw.css
use.typekit.net/ 6 KB
1 KB 586ms
364ms Stylesheet
text/css 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 08 Sep 2023 18:01:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 pagination.css
www.cutimes.com/assets/master-template/css/plc/ 4 KB
1 KB 453ms
452ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/plc/pagination.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"4295-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c89763689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 omeda.css
www.cutimes.com/assets/master-template/css/market-css/ 2 KB
801 B 449ms
448ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/market-css/omeda.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7625b0eda49a7554cccfe266fbf8476055ac4bcfd1dcadfaeab461b0249e4238

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"2282-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c897a3689-FRA
x-vnode: 27
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 luminaries.css
www.cutimes.com/assets/master-template/css/market-css/ 7 KB
2 KB 454ms
453ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77d7fbabd50ebc363306dd1c68bf685b831ac5cd7c189ed2a0b29f3d0b5a5c36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"7047-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8039189c897e3689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/ 58 B
268 B 60ms
59ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=2855
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
content-length: 58
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"2855-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cea263689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 362 B
519 B 67ms
66ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 4
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
content-length: 362
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"3368-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa283689-FRA
x-vnode: 27
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 166 B
385 B 62ms
61ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=1222
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="social-fb-white.webp"
content-length: 166
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1222-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa2a3689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 354 B
502 B 64ms
63ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=1583
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="social-tw-white.webp"
content-length: 354
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1583-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa2f3689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 256 B
418 B 63ms
62ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=1413
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
content-length: 256
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1413-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa333689-FRA
x-vnode: 145
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 236 B
401 B 67ms
66ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=1322
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
content-length: 236
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1322-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa383689-FRA
x-vnode: 27
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 ALM_Credit_Union_Times_white.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 71ms
70ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6589
cf-polished: origFmt=png, origSize=4365
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="ALM_Credit_Union_Times_white.webp"
content-length: 2078
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"4365-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa393689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 close-btn.png
www.cutimes.com/assets/master-template/images/ 5 KB
5 KB 453ms
452ms Image
image/png 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/close-btn.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb476cfb3e6670e0256c7721896eea14c3778a616e1ccf0efc50181de71fca01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: EXPIRED
x-cache: MISS
backend: templates_newlaw_director
content-length: 5414
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"5414-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8039189cfa3b3689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 moatheader.js
z.moatads.com/almheader466656885399/ 0
90 KB 138ms
41ms Other
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:44:48 GMT
server: AmazonS3
x-amz-request-id: FXPBQ2DV69DMPRB1
etag: "ddcc224ec812fbf8ab3224a94259352f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43081
accept-ranges: bytes
content-length: 92146
x-amz-id-2: 27z4PU9qyrlNvlu4A4X/h18Q8gMj3b9iYmKd3rSnOtOXhdPXA1nIDwvcKjWfu+zKIoDdH8HXECga8sjNndtn/5qOaxQ8ksu5

GET
H2 200 qkq4rhw.css
use.typekit.net/ 0
1 KB 718ms
559ms Other
text/css 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 08 Sep 2023 18:01:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 141ms
42ms Stylesheet
text/css 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-fastly-request-id: 4ca07080eac506558c9c72b3d6d7a10ac7a4d809
date: Fri, 08 Sep 2023 18:01:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 8
age: 273
x-cache: HIT
x-proxy-cache: HIT
content-length: 1068
x-served-by: cache-ams21056-AMS
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 91D2:581D:5859F4D:5A756C1:64E3F03F
x-timer: S1694196080.249771,VS0,VE1
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Mon, 21 Aug 2023 23:22:40 GMT

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
906 B 138ms
40ms Stylesheet
text/css 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-fastly-request-id: 95376a462ea0c4f7a2623f9f1dedc86afe3baf91
date: Fri, 08 Sep 2023 18:01:20 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 6
age: 183
x-cache: HIT
x-proxy-cache: REVALIDATED
content-length: 479
x-served-by: cache-ams21056-AMS
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 1BCA:2FFB:4056D1:41BD8B:64EFE249
x-timer: S1694196080.249904,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 31 Aug 2023 00:43:19 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 231ms
58ms Stylesheet
text/css 2a02:26f0:3100::1735:29f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:29f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 control-sh.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
4 KB 445ms
445ms Image
image/png 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/control-sh.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6126dd2dc88baf8b21f8a132aa7881682652974b2d2026d1264fea8f80946d89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2023-09-08-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: EXPIRED
x-cache: MISS
backend: templates_newlaw_director
content-length: 3513
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"3513-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918a1b9bc3689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 CU_Times_Career_Center_Banner_ad_300x250.jpg
imageserver.amlaw.com/images/ 34 KB
34 KB 160ms
56ms Image
image/jpeg 2606:4700::6812:c5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/images/CU_Times_Career_Center_Banner_ad_300x250.jpg
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 7036
x-powered-by: ASP.NET
content-length: 34323
cf-bgj: h2pri
last-modified: Wed, 17 May 2023 13:09:42 GMT
server: cloudflare
etag: "1b4547d8c088d91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 803918a25de65b62-FRA
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 CUTimes-300x250px.jpg
imageserver.amlaw.com/images/ 35 KB
36 KB 157ms
53ms Image
image/jpeg 2606:4700::6812:c5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/images/CUTimes-300x250px.jpg
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 7030
x-powered-by: ASP.NET
content-length: 36042
cf-bgj: h2pri
last-modified: Tue, 28 Feb 2023 14:55:34 GMT
server: cloudflare
etag: "bc7222b6844bd91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 803918a25de85b62-FRA
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 282ms
93ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18468

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 317ms
129ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 607ms
418ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 330ms
142ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33660

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 374ms
186ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32384

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 275ms
87ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19288

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 367ms
179ms Font
application/font-woff2 2a02:26f0:3100::1735:2a43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2023-09-08-14
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19412

GET
H2 200 bootstrap-master.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 25 KB
7 KB 66ms
63ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25aad21e410b837b04e08e1bb2f54ef9887585cd46a894c8fc00e8e2dcb45a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: HIT
age: 12272
x-cache: MISS
backend: templates_newlaw_director
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
server: cloudflare
etag: W/"25286-1694082458000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1ea063689-FRA
x-vnode: 145
expires: Fri, 08 Sep 2023 22:01:20 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 136ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2738060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15535
last-modified: Thu, 22 Jun 2023 11:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942be3-3caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APwzS4A9MEea00E6vAJ0xXRnPckr%2FSAK3V8739bjV8603RHmR10%2FzrNhw2ciGc67QnrpPQ6RjL1YqTOQzEVxZUg0%2B%2B316k8hsruwW6bpYkyTq62MaU1K5nYL5Fv0Mo9Uf5UnRMWFNuyX8PVwTUZQ%2FVl3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918a278fc2c5f-FRA
expires: Wed, 28 Aug 2024 18:01:21 GMT

GET
H/1.1 200
OK TimeConversion.js Show response
store.law.com/registration/js/ 9 KB
2 KB 351ms
117ms Script
application/javascript 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/registration/js/TimeConversion.js?2023-09-08-14
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Manchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #1
Resource Hash: 815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:00:05 GMT
Via: NS-CACHE-10.0: 56
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 06 Sep 2023 22:26:42 GMT
Server: Microsoft-IIS/8.5
Age: 177
ETag: "0bdf33511e1d91:0"
X-Powered-By: Server #1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1875

GET
H2 200 sponsorships.js Show response
www.cutimes.com/assets/multishared/js/ 1 KB
576 B 460ms
456ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/multishared/js/sponsorships.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"1454-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa133689-FRA
x-vnode: 27
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 jquery.history.js Show response
www.cutimes.com/assets/js/core/ 21 KB
7 KB 461ms
456ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/js/core/jquery.history.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"21571-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa143689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ 18 KB
7 KB 138ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7326855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6463
last-modified: Fri, 28 Aug 2020 22:36:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986fd-48b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO9RHN4DIKfknUEUkmtRPDgD38d%2BMjpcwZR3SXfnLfG1tQZQsn67jbIZCgQtp%2BScJptJaQagwBBAHmnZTyF8nWxWPeuSIaaCEqQKcJtTRp2Vb%2FDF1sVkMbVQkl1vV%2Bsn227boY%2BDmqvaCchxffbacBJf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918a278fe2c5f-FRA
expires: Wed, 28 Aug 2024 18:01:21 GMT

GET
H2 200 jquery.touchSwipe.js Show response
www.cutimes.com/assets/js/core/ 66 KB
16 KB 546ms
542ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"67916-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa163689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 tealium.js Show response
www.cutimes.com/assets/master-template/js/ 5 KB
1 KB 461ms
457ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/tealium.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"4833-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa173689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
5 KB 355ms
117ms Script
application/javascript 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Manchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: 30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 17:59:50 GMT
Via: NS-CACHE-10.0: 56
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 06 Sep 2023 22:26:45 GMT
Server: Microsoft-IIS/8.5
Age: 192
ETag: "d9d7fc3711e1d91:0"
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900,public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4506

GET
H2 200 common.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 53 KB
14 KB 458ms
455ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/common.min.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"54571-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa193689-FRA
x-vnode: 145
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 luminaries-rmr-tab.js Show response
www.cutimes.com/assets/master-template/js/sbm/ 3 KB
736 B 452ms
449ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"2698-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa1b3689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 omeda.js Show response
www.cutimes.com/assets/master-template/js/ 504 B
332 B 455ms
452ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/omeda.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ff2d68ce2d644201644869d71b53fece002f8e4e8b0c85a18a177ec53d1498

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"504-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa1d3689-FRA
x-vnode: 28
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 olytics_dfp.js Show response
www.cutimes.com/assets/master-template/js/ 6 KB
2 KB 452ms
449ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"5676-1694194104000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a1fa1f3689-FRA
x-vnode: 27
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 lazyloadXT.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 3 KB
2 KB 93ms
91ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: HIT
age: 12273
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
server: cloudflare
etag: W/"2937-1694082458000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a22a6f3689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/almheader466656885399/ 259 KB
90 KB 45ms
42ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36ebfa3ed11868297f44ef3208cbc0228c14852b11f7f71fe2bf86c208c7b703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:20 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:44:48 GMT
server: AmazonS3
x-amz-request-id: FXPBQ2DV69DMPRB1
etag: "ddcc224ec812fbf8ab3224a94259352f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43081
accept-ranges: bytes
content-length: 92146
x-amz-id-2: 27z4PU9qyrlNvlu4A4X/h18Q8gMj3b9iYmKd3rSnOtOXhdPXA1nIDwvcKjWfu+zKIoDdH8HXECga8sjNndtn/5qOaxQ8ksu5

GET
H2 200 hbyb.js Show response
cdn.yourbow.com/alm/cutimes/ 410 KB
411 KB 137ms
43ms Script
text/javascript 35.244.141.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.141.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.141.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a6a20c8c0b86509ea5f2f03b901f43ba2fed1b02eba290027fe24712682b15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:49:06 GMT
age: 735
x-guploader-uploadid: ADPycdvh_DfFfq_PP-R7jhWiqs6EJlJqhIm0QAqNiJ54Yft9poiW1STnLGJa9Pt63QJV48W-fbXjZdlHHh5jKAxX_gdpPA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 420174
last-modified: Fri, 08 Sep 2023 15:42:04 GMT
server: UploadServer
etag: "e77d1d603b2eabb42644354fab877648"
x-goog-generation: 1694187724492925
x-goog-hash: crc32c=0bAkBQ==, md5=530dYDsuq7QmRDVPq4d2SA==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 420174
accept-ranges: bytes

GET
H2 200 bombora-rtvi.js Show response
www.cutimes.com/assets/master-template/js/ 1001 B
657 B 189ms
187ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-09-08-14

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"1001-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 803918a22a723689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 135ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9679981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3592
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ef3fc71-2b0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMIy1AbjstJUIwhXqmNcoWXO7OwmOCSx6%2FtdHtIVdDhs3gTuG%2FBZnaAs0p4hNjBnZ%2BAJXHL%2FeqEtcp0t2%2BoipYIZ2i1nY%2FHlC93v0oXXQTlT10x3jL%2FSzZOGEB18MI60TzQI0sxj0T%2FmjokRMOFD4x%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918a279022c5f-FRA
expires: Wed, 28 Aug 2024 18:01:21 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 141ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3714280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28007
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6d67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KJQeId%2BgDi2S%2B02JK65YYKWJVzDqhYjYOUu4xqnpUq7v5v0l1rAdUuOJgVNX128yZcxaGgMbBTPwiFlXaU%2FRUIF9UWM68fBZpw1L0hijuPtyKe6qJZzGQzCctFbnk6v2YZX3zHnnSJfesnGs3xzvEKM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918a279032c5f-FRA
expires: Wed, 28 Aug 2024 18:01:21 GMT

GET /
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/ 0
0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 09:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 09:42:08 GMT

GET
H2 200 css Show response
fonts.googleapis.com/ 3 KB
1 KB 138ms
50ms Fetch
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 16:15:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 18:01:21 GMT

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 156ms
60ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Fri, 08 Sep 2023 18:01:21 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 249 KB
61 KB 162ms
55ms Script
application/javascript 108.138.191.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.191.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-191-50.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:00:08 GMT
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 9a3c643f228eb943137621235dabf790.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 20:56:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MXP64-P1
age: 74
x-amz-server-side-encryption: AES256
etag: W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: jcQPilxrjrI9-1Min4mtSJV0RbxkbzBpy4qR9zZA_qsvef2cwcwSOQ==

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 250 KB
70 KB 200ms
44ms Script
application/javascript 2600:9000:2104:c000:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:c000:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

592cc96e00ffc2fbc2c57982576d5cfe2fab672ba23e21d9a7859726c32af87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 14:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 12487
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Aug 2023 16:01:30 GMT
server: Apache
etag: W/"256392-1691596890000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: yBYrdTGmEyvEj5NdVikIVu7GHdgKtgYj0tGUdRbYoFm3u-2X_tOMbw==
expires: Wed, 06 Sep 2023 20:33:12 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 229 B
305 B 222ms
75ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pcode=almheader466656885399&rx=586964791651&callback=MoatNadoAllJsonpRequest_67096476
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 4f6a906b211491d8d8f57405df785841be8ab53de99d1df73b08c896c3dafb50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: istio-envoy
etag: "36abdf2cbefadfefdb446a36cb3e9403a1d3835a"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 27
timing-allow-origin: *
content-length: 229

GET
H2 200 n.js Show response
mb.moatads.com/ 100 B
278 B 193ms
54ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1694196081543&de=578390839835&rx=586964791651&m=0&ar=6f742097-clean&iw=45864f5&q=1&cb=0&cu=1694196081543&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3445%3A2860&fs=69&na=1677083032&cs=0&callback=MoatDataJsonpRequest_67096476
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: bbb0fbefd91498bb327db3f5543cde243960ed282fe1aa85015d5ae479bd0d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
server: istio-envoy
etag: "9c6e42430f16adf0f73fe83394c96e4949df5f39"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 7
timing-allow-origin: *
content-length: 100

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 9213 1 KB
2 KB 40ms
39ms Document
text/html 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1839
content-length: 1374
content-type: text/html
date: Fri, 08 Sep 2023 18:01:21 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
unused62: 8096267
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 126 KB
34 KB 160ms
45ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1e88c6ae05c67fa8b374a287ffa2de66393f46af29a4a6093a5349d15062e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: FKZcbrj6DO7v7jz9eOfgPF29UBEFmb9m
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:01:21 GMT
last-modified: Thu, 31 Aug 2023 17:19:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 1
x-amz-server-side-encryption: AES256
etag: W/"e12813c5f621e48f16931cd8e26d7e94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: ZTdeIkGBoXM-tVN8a64VDegmhynxnxK90Pe7dWCNeVO-0R_e0kyxRg==

GET
H2 200 / Show response
data.alm.com/QuestV2/SearchFalcon/ 48 KB
7 KB 1753ms
1654ms XHR
application/json 2606:4700::6812:19ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.alm.com/QuestV2/SearchFalcon/?query=topic:webcasts&source=cut-contrib&sort=webcastdate&direction=descending&start=11&end=50&fromDate=&toDate=&publication=Credit%20Union%20Times&blog=&searchType=&webcastdate=*&books=&returnType=json&module=falcon-search.xqy

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:19ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec93feb4c6e5b03f89ae76b9b7585075512de239e62e903e22ad4fce1faa4c21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
maintenance: OFF
cf-cache-status: DYNAMIC
grace
x-cache: MISS
backend: questv2_prod_director
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: de-DE
access-control-allow-origin: *
access-control-expose-headers: maintenance
access-control-allow-credentials: true
cf-ray: 803918a6cbbf9100-FRA
x-vnode: 28

GET
H2 200 smart_cutimes.epl Show response
www.dianomi.com/ Frame FD5B 639 B
364 B 254ms
161ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba98524e3f3fbf805968193736a96676d33a615fcd63403fc7a046a79cf93fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 803918a6be68382c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 18:01:21 GMT
expires: now
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smart_cutimes.epl Show response
www.dianomi.com/ Frame CA36 639 B
584 B 245ms
153ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0318011714690d69766e9805992b85d81f3acaec1de699405673c4149d1bee88

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 803918a6be6b382c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 18:01:21 GMT
expires: now
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 355 KB
29 KB 161ms
44ms Script
application/x-javascript 18.239.69.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-103.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f74b91c069ae3e3d9fe1c709da5d849b579b9e114e4d322de248322622b49b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 14:52:29 GMT
Content-Encoding: gzip
Via: 1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Sep 2023 14:50:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P4
Age: 11453
x-amz-server-side-encryption: AES256
ETag: "14e1feb1d1812ef9aa56f93a2b6af7b2"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29513
X-Amz-Cf-Id: VrHvzXFL4wgN0iqisF8SrNSRM4SN0dNvSXoA239fLQmGgY8MVwK4jA==

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/ 539 KB
158 KB 729ms
729ms Script
text/javascript 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c1325e19c8fb15992cff25442f5d5e1bcf003cc53626fa8f5d880d9eda41c64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: Express
etag: W/"86c89-luHBwm3UMNEirQhkev+QkHCzpi4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 803918a63f772ba9-FRA

GET
H2 200 db83f9c6-a698-4a6a-89fb-c29c85426748 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
801 B 132ms
39ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: f61448deedc4107d0ebdda233fdfb49dc52f31a721859f90b724f490865a7e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:00:12 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 69
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: T-1D2qIwH_LDATE-l5DTz_eBvWxeG04LRHz6WNglP1ohDObduaepqw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 59ms
59ms XHR
application/json 108.138.191.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cutimes.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.191.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-191-50.mxp64.r.cloudfront.net
Software: Server /
Resource Hash: d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:26:50 GMT
via: 1.1 9a3c643f228eb943137621235dabf790.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP64-P1
age: 5671
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1112
x-amz-cf-id: J4gQnJ7qQK4j5rRg2zamQZ1vyFj-nvZGGRjP-kSzDw_50b4BT3xY_A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 156ms
60ms XHR
application/javascript 108.138.191.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.191.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-191-50.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 92d05088b4c5dd8daf39fac07c1c6b00.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 11:40:18 GMT
x-amz-cf-pop: MXP64-P1
age: 22864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: T7NexumwNL8tJ6CCy9VODM7-QdSxf2aCyupMDGrLisANQaZZLhwsgw==

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D129166%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252F...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=8851243300537448822&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=129166&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D2023080814...

247 B
994 B

502ms
119ms

Script
text/javascript

52.70.172.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8851243300537448822&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=129166&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Protocol: HTTP/1.1
Server: 52.70.172.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-172-91.compute-1.amazonaws.com
Software: /
Resource Hash: 7cc76e56783afb17dc4793bf9f9c48b2d76c3986802b7f342a1f7d21be67b611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 217
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:21 GMT
an-x-request-uuid: d71c0be4-95e1-4072-8531-01903480fcea
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://a.dpmsrv.com/dpmpxl/index.php?id=8851243300537448822&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=129166&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 597ms
141ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cutimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Fri, 08 Sep 2023 18:01:21 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 190ms
102ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50402
x-xss-protection: 0
server: cafe
etag: 16850560033342140517
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:21 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
359 B 147ms
147ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 08 Sep 2023 18:01:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 892036d6-a773-4629-8ec8-473153cadd7f Show response
cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/ 25 B
346 B 787ms
181ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/892036d6-a773-4629-8ec8-473153cadd7f

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

fc1d6e177f0a93623a64d3db5c13f5aba3b47a22dfac2a92daf9b2b9b574aed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 25
X-XSS-Protection: 1; mode=block

GET
H2 200 utag.119.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 11 KB
4 KB 40ms
40ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202308311717
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2de750dfc4372113d29cbef0f187bc0fbf2b3fd2121fbb0ecac3a58f5cd5a500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Gpy3Bpjd_VA3FRhvo37z9n8XmQN2xa.d
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:08 GMT
last-modified: Thu, 31 Aug 2023 17:19:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 166
x-amz-server-side-encryption: AES256
etag: W/"0f498c70d7cefc5d5580e23d5fcefa86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 2pBMSTujnwfSr1JaVvVBhSWHVUfBkeCF_1QDGgoJrmPc8zaVHZideQ==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859

362 B
1 KB

59ms
59ms

XHR
application/json

34.251.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859

Protocol

HTTP/1.1

Server

34.251.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ae8838235c766fb875e8133c5c6dc6f2f7a87f6174526d6907714924413921f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mXKGkGCsTUA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cutimes.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-056c40efe.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yXsHRnqdQNM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cutimes.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1694196081859
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 139ms
34ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 08 Sep 2023 18:16:21 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 133ms
29ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Fri, 08 Sep 2023 18:16:21 GMT

GET
H2 200 tcfredirector.js Show response
www.dianomi.com/js/contextfeed/ Frame CA36 49 KB
14 KB 53ms
53ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/tcfredirector.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846329f1d649d53f198402f1cff564c37202641788a49726cfca2db3f4a6970a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 12
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 14:42:52 GMT
server: cloudflare
etag: W/"c42a-60398204efe00"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 803918a7dffc382c-FRA
expires: Fri, 08 Sep 2023 18:03:21 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 43ms
43ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3158fe51c4123fe9b42c19639d4e824445d2c5ce801666b4f4e7a002588b2538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: phWsv3uyr8ehRLW5ixbFZCgYmw3StBrO
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:08 GMT
last-modified: Thu, 31 Aug 2023 17:19:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 166
x-amz-server-side-encryption: AES256
etag: W/"778814626e37d884ba453c452c733a1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Pdx551HZhOQgNnX7gLd--IjndFGl_oogxIZllZ7OLbst2_TVfFsPHw==

GET
H2 200 utag.131.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 84 KB
25 KB 43ms
43ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.131.js?utv=ut4.49.202308022148
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2014d07a2de7e3a5a52b0379732522f6bdd04dc680a7fbca36ba61b53880f12a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: cKJJDxmTfSxCyeJmQZ21pLdyHBCcVjtS
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:01:01 GMT
last-modified: Thu, 31 Aug 2023 17:19:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 21
x-amz-server-side-encryption: AES256
etag: W/"46d9a5b6e68ac1b4c78208160d8bc076"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1j7KF4vyYBjhG9lGAGnNVFbEDy7zk4iEPvsFoCWwdHOKHPhlQdiqAw==

GET
H2 200 utag.91.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 4 KB
2 KB 43ms
43ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.49.202208181401
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cadf3603bd2109fd8369e8d0a7271c556c73a1605ab3c165babf491b69b2abae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 1nL6NbGuaXoff.oMPWUA_g9U.eIjL3JQ
content-encoding: gzip
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:08 GMT
last-modified: Thu, 31 Aug 2023 17:19:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 166
x-amz-server-side-encryption: AES256
etag: W/"877e1b86cc21a724e58853090e8a814b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: q6Fz9teJi_bwtKsyQivL32buVLFoNq3oby6dokNT3jh1qkSQW8WzIw==

GET
H2 200 utag.110.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 14 KB
4 KB 53ms
53ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f5134cf72e8109696df0f0874de5b3f6366ac464c6001942eebc54c00443602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: LHDjh1WYYdWTVrvfxnDRWGRgKH0Qg0hH
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:27 GMT
last-modified: Thu, 31 Aug 2023 17:19:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 152
x-amz-server-side-encryption: AES256
etag: W/"a36c5ecd4d2dea167acb33407a439a91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: W6zQMtjShjSa4NoCzRKxxujcQDhj53wLIYbEwfd2syYfP9qvlIfiiA==

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 43ms
43ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4c0fc0eba735a1e9a513e2fbb6af2d3f788b6abdd7166144444addb7a726689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: xYQbvwSaIKUvT7IuJz.s9YiPtBIQ0MiW
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:08 GMT
last-modified: Thu, 31 Aug 2023 17:19:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 243
x-amz-server-side-encryption: AES256
etag: W/"917fe8dbb81e3f4d96359c67d916e315"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: TcEU0a01eCYmFbJ0z_5Yvehw4dRg6cRTUJFoFmjIn8VV0o2CHhmS8g==

GET
H2 200 utag.133.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 22 KB
7 KB 53ms
53ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.133.js?utv=ut4.49.202306261948
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee65ff276660830f0bd0b064918210f12cc82d1ffc61fb9fd195a008c5419910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: kH4JzxUUUP4_1f70fYchPfXzo4MrOQtn
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:27 GMT
last-modified: Thu, 31 Aug 2023 17:19:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 139
x-amz-server-side-encryption: AES256
etag: W/"8625e43c1eac484dc0666a115ea13db0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 09M8zKzoByfsYWCNOOxNQ5s3LVrf0wtiRRhMRx8vJhLORPSLqSR_kA==

GET
H2 200 utag.97.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 10 KB
3 KB 53ms
53ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e7b10e6eda4e5564f993dafaea0c8d1eeed73cabeff72e7ea0714826b3ee15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: PsssgeN5.2zrt2aaMp2pqw23AL98I4T8
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:27 GMT
last-modified: Thu, 31 Aug 2023 17:19:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 138
x-amz-server-side-encryption: AES256
etag: W/"c5aa1b18fa3da3cb5de0283446142145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: q6bIZInrHuZBCf5zgebh9JS3w0lBkdpGyz3-4gdCEhdJWCzDj7FoYQ==

GET
H2 200 utag.127.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
2 KB 43ms
43ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202302070009
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9b672d2ca20a6c372e59a1ba4056f768ecc3b1b7451401aa1d45b5ce7722915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: cKlG4l5Y4Eb_4ZjfZDMEoe5NohlN0mQJ
content-encoding: br
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
date: Fri, 08 Sep 2023 18:00:08 GMT
last-modified: Thu, 31 Aug 2023 17:19:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 166
x-amz-server-side-encryption: AES256
etag: W/"76b9cd911c1326b84429c009cffdafe8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5ToaSmNUSZeSPWmKJbRkkgLa9x-Zgb3bJWPpoAZGcjEkQ3UKJ-i6dQ==

GET
H2 200 tcfredirector.js Show response
www.dianomi.com/js/contextfeed/ Frame FD5B 49 KB
14 KB 55ms
54ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/tcfredirector.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846329f1d649d53f198402f1cff564c37202641788a49726cfca2db3f4a6970a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 12
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 14:42:52 GMT
server: cloudflare
etag: W/"c42a-60398204efe00"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 803918a7d800382c-FRA
expires: Fri, 08 Sep 2023 18:03:21 GMT

GET
H2 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 38ms
38ms Stylesheet
text/css 2600:9000:2104:c000:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202308311717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:c000:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 6117
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 04:05:28 GMT
server: Apache
etag: W/"28820-1630037128000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: E1ER8BQD8x7OkJ56XcHwFcZqtMNwJQtps5t3dd8nJbTtcHAaYrEGLQ==
expires: Sat, 12 Aug 2023 10:18:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 205ms
118ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202308311717

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ac7117cb68425172946e7aedb8907b5abdabde0ceef729d338d1353956e5058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29019
x-xss-protection: 0
server: cafe
etag: 978 / 19608 / m202309050101 / config-hash: 12191145004927607157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:22 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 155ms
44ms Script
application/x-javascript 2600:9000:2057:9c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:21:22 GMT
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2399
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 236nuvZAPJ-jLAunwEWv-WraBRjsB3V98DCFN-m7OFLjjLEdFuotIg==
expires: Sat, 09 Sep 2023 17:21:22 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 168ms
52ms Script
application/x-javascript 2a02:26f0:3100::1735:2a3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44958
accept-ranges: bytes
content-length: 3822

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 135ms
40ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?88
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:42:06 GMT
content-encoding: br
age: 1156
x-guploader-uploadid: ADPycdse0gUoSn5rGHacaaLBsy5EZ-oGBd0Q9hYsOmFdOfW7zoV-U8MzBo5piyn3xdsnXEnz0MAHP1WtKvGVn0MykXRkJb_fbzz6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 367ms
121ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Mon, 04 Sep 2023 05:27:53 GMT
Server: PardotServer
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Sun, 07 Sep 2025 18:01:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
70 KB 143ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-826604080

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba0d692c158e3d89f5fbe1fe32c623db71781e5d127351e6d538ace2e5c2a325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Sep 2023 18:01:22 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 137ms
39ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220045-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 126ms
41ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Sep 2023 18:01:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: OrpV1F86snuffhP2bHUMVrzc0PoIKrsc42yy/831ZTJsaVsvhT12I7Hq/lgZ0vKIkQpInXVijqd36b9Uw5GHwQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
433 B 40ms
40ms Script
application/javascript 2600:9000:223e:da00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202308311717&cb=1694196081967
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Fri, 08 Sep 2023 17:54:51 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: dCA4uqkKhWcyRILnVRqU4hNCJ79KRfSbOZXDQiAaT1TRGhCh1Iifqg==

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 29ms
29ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Fri, 08 Sep 2023 18:16:22 GMT

HEAD
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0 206ms
120ms Fetch
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29019
x-xss-protection: 0
server: cafe
etag: 528 / 19608 / m202309050101 / config-hash: 12191145004927607157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:22 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
397 B 165ms
42ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Fri, 08 Sep 2023 18:31:22 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 364ms
119ms Image
image/gif 44.209.255.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2Fwebcasts%2F&u=BsgQ4YB5YsGCCFOdGX&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3831&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&b=3444&t=DK5ahLByCaYhDJLUOVC4QoLQD9GcT5&V=141&i=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=u3J-YCYBBxrBbqXHLDGQBjqznTjw&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.255.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-255-129.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
309 B 69ms
68ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pv=1694196082113_oamizhh8f&bl=en-us&cb=485472&return=&ht=&d=&dc=&si=1694196082113_oamizhh8f&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:21 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 adsct
t.co/i/ 43 B
379 B 303ms
214ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=0e9fd20a-a695-494f-be7c-3a470f309133&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82017cb8-d963-48ac-8953-37f64611d10f&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-response-time: 174
date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c7fe945d82383967
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6b6fb94675ff84ceab05d3f0a47d3b06d6b685cd7ee04833627a950c95fe3d63
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 232ms
144ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0e9fd20a-a695-494f-be7c-3a470f309133&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=82017cb8-d963-48ac-8953-37f64611d10f&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6d55c144b9f392e9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fa4b827904890c37219d61c8387c227005bf90b495f02fc902228ce6cd7829cf
content-length: 43

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 52ms
51ms Script
application/x-javascript 2a02:26f0:3100::1735:2a3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=48713
accept-ranges: bytes
content-length: 4862

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6737
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Sep 2024 16:09:05 GMT

GET
H/1.1 200
OK dest5.html Show response
alm.demdex.net/ Frame 02AE 7 KB
3 KB 244ms
58ms Document
text/html 52.209.112.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.112.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-112-33.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-0bfa98f39.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 814Ur/+TSRE=
content-encoding: gzip
date: Fri, 8 Sep 2023 18:01:22 GMT
last-modified: Wed, 28 Jun 2023 12:58:38 GMT
vary: accept-encoding

GET
H2 200 id Show response
b.law.com/ 48 B
455 B 182ms
53ms XHR
application/x-javascript 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=40104624691584232990011211734181485919&ts=1694196082180

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

89ebdc0d91891f04451cc2399202aebcc265f507a423450c673d449eb3e4ccd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZPthcgAAAJbTyQNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41728338892568179871037852171201155871
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPthcgAAAJbTyQNn

42 B
942 B

59ms
59ms

Image
image/gif

34.251.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPthcgAAAJbTyQNn

Protocol

HTTP/1.1

Server

34.251.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0b10595a9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QJp9WYPiQ8c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPthcgAAAJbTyQNn
Date: Fri, 08 Sep 2023 18:01:22 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/ 3 KB
2 KB 170ms
81ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1694196082187&cv=11&fst=1694196082187&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&hn=www.googleadservices.com&frm=0&tiba=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=245346085.1694196082&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826604080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81911318efdc3489a794910bcd8d70ccb66e9140586438a3249548c95be3b521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/ 36 B
378 B 151ms
50ms XHR
application/json 2600:9000:2362:600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2362:600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:59:09 GMT
content-encoding: gzip
via: 1.1 7334e58f541a6f336bf4941e79456558.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
age: 133
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: zk4zX7BnxC6pqLmNTJ-n4knZ2tSX3PpESfwiFiytlqMqJyfO5iNP3Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1694196082208%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252Fweb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true&e_ipv6=AQK8tV8...

0
264 B

315ms
222ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true&e_ipv6=AQK8tV8VQOJGbgAAAYp19Ko4jwH_Wvek_JHa6tN7K2LcqLGxvXde2CegYYkeY9phine7mDs
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4FF66A52FC55428EA2A25FAC5E4338FD Ref B: FRAEDGE1114 Ref C: 2023-09-08T18:01:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYE3MO9wbXlB27//S4tMA==

Redirect headers

date: Fri, 08 Sep 2023 18:01:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FEB775AA107D438E84D32A8A4BA1999F Ref B: DUS30EDGE0914 Ref C: 2023-09-08T18:01:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1694196082208&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&cookiesTest=true&liSync=true&e_ipv6=AQK8tV8VQOJGbgAAAYp19Ko4jwH_Wvek_JHa6tN7K2LcqLGxvXde2CegYYkeY9phine7mDs
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYE3MO4yeY+ulOKTLtpCg==

GET
H2 200 2429680573784973 Show response
connect.facebook.net/signals/config/ 136 KB
36 KB 107ms
107ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2429680573784973?v=2.9.125&r=stable&domain=www.cutimes.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2834b68f83bfbe7ba8d5b8c4c1b5dc0125083a8a0876e56c2534fb86d4aed4be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Sep 2023 18:01:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: fIMukHLoaawQ6nUnc8tAtwsIBiIF8zgrVUlEc8d4AQGv2JHQEicdKTNmDcNDjyk88/O0FZ5ldwZd5v1e9BKr6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 223 KB
65 KB 29ms
29ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 17:51:49 GMT
server: Apache
etag: "37c41-60386a6319d17-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 66128
expires: Fri, 08 Sep 2023 18:16:22 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 235ms
100ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=0&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: G004K2Y32ZYEEHSH0072
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _p1ssnyu801tS241-v3I9v0d1W_SQs-JxDVNCu2QkwGqh3oxWG5vMg==

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
156 B 170ms
48ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 405 B
743 B 220ms
95ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=696fe8e1b07c04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.03949069640410774
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: aade161666d96480512d503f92168e73ede06c0d1b40d05d8ea68bddac3e49de

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 405
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 405 B
918 B 206ms
81ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=7981af71c7ef29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.5135481819595145
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fd857ff3676a3bd62d7ce499b2fa172c0a4fe8ceb458803fead7300ffb24df48

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 405
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 405 B
743 B 241ms
117ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=88b14ed0be126b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.7287447694191922
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 481a720637e447573caa20d542273f09bec7ec697abf31110b3cfd968643b0c9

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 405
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%...
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250...

232 B
646 B

42ms
42ms

Fetch
application/json

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 79d6921d497fe84166b05cc6cda52967e6d6e9ae08605208048dd5e1c016d5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Fri, 08 Sep 2023 18:01:22 GMT
date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 232
x-sid: AMS-928

Redirect headers

date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
location: /hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-928

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 255ms
88ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 256ms
89ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 261ms
95ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 35 KB
11 KB 335ms
335ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8f8e8e789a5500fe71a0a068aaa7f6c62a4b349975786b0ac42f80df312fc6a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
an-x-request-uuid: f0e8b2ef-8b8f-4765-91d4-97cd3384bb32
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 266ms
52ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 263ms
49ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:21 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 265ms
51ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
258 B 156ms
49ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d5e1d2cf7ad565428c1fbaed5b52916269e96d28ccb0890d0d1f862d74b0fe88

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 190ms
71ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 359 B
1 KB 44ms
42ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1da8810687863f0e20ef934998ca8646c96a53c3526eff5e812b48795b722a60

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: 80ae6346-6a45-4645-a004-4def1a64f00e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 359
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
402 B 610ms
201ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 44a055a74759affedc0603c741fcea39e76d126cee3961d5595366050fdc63e1

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:22 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 141ms
44ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
832 B 175ms
79ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f93833c5490dce469ea00ba02058ec2fed7185836d3d4f31e683b6525df944a6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:22 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 164ms
47ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=84154130699&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 187ms
98ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=1&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: Y1DCA8NWHGJKR5KB7K10
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZJprD4vIMv9oCis0u9c_8sayvU2uv3zhGdeMfhgvzLe72bx7S0oJww==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 181ms
98ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=2&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: 6ZWCYD1MXAJM5HTCP629
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: b7njgNajQdo0sETd2SeuTGpTC7q8ukedqvr-ONdQkzY_z2aUO57e7Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 176ms
102ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=3&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: 4HAZ8332164SRN1XRW96
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: a1HwdleNECAPAfFA60wLpY_K5gNzwVKLMyM0j1nadbr23j--fIKGrQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 165ms
101ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=4&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-footer%22%2C%22s%22%3A%5B%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: VTDMMHZP8R4H80Z2G7P5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pU9WtF8FfxjzICtFcAWzjv-GsrokJl_3BLnuJ2SU3SmOiFpjFFrKMQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 153ms
99ms XHR
text/javascript 108.157.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pid=YqmvsVBvuff5x&cb=5&ws=1600x1200&v=23.829.1852&t=900&slots=%5B%7B%22sd%22%3A%22gpt-super_hero%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fwebcasts%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-187-32.mxp53.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 62fb1524856e68ad0114bff2e7022164.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P1
x-amz-rid: KCZRX0ZMRBBZ3FSGWXED
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: QUYPdyD18Ptp364v-wKwCq57QeEZZnTUQBtytQ__EQ5v65tb3AkcKw==

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 121ms
71ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4abb79b775d5abd2181c634a7d314e1d3964c0b427f2ad829677b4a5f3e5ec6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:22 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 601ms
202ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d96a33690b6b2b76fc8f1ca737c573db1b5ab2d7029a1119ebc6ce10d0352a2b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:22 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 92ms
43ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb...
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=...

196 B
611 B

40ms
40ms

Fetch
application/json

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: c34c5dc63ddfbf7c969df7004a5b30153ae8ac85efb2daf955d9cfae22bf7e50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Fri, 08 Sep 2023 18:01:22 GMT
date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 196
x-sid: AMS-928

Redirect headers

date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
location: /hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.8148943336579761&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-928

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
275 B 98ms
47ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
129 B 100ms
51ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b7f81850b233fcd046e03f6cc2a20c0240ca848f62bc77a01e07025187dcba4f

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 140 B
815 B 43ms
42ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

799aab1b48c3c36669df7b86e95f7d9d914991a4b2dc6bf72d413e3017da3637

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: 8142c49c-6c62-403a-afe7-049aeb056140
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 140
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
815 B 41ms
41ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

78dbe36485633f0f10112abd5802165591832b5ecbc767329a0a22cd379136ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: fc11b6b0-c56d-4c14-95f5-277e50e43ace
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 383 B
721 B 233ms
178ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=2275a03a55e9a337&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.722921468549832
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4fc1a0092e0b99cbd93042d73124eab268aa1bfd73ce5d150645246b36383363

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 383
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 112ms
47ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=92905082605&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 220ms
122ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 108ms
49ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 198ms
50ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:21 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 184ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 18:01:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 729 B
408 B 85ms
84ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=1703217849191224&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082482&lmt=1694188882&adxs=1090&adys=371&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Des_logo_rr&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=798144652&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c21ff32213287758427ac0f2f0ca871dc4bb180e0a524817791d163afae2b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 377
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AE7 6 KB
3 KB 182ms
47ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:22 GMT
expires: Sat, 07 Sep 2024 18:01:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
295 B 84ms
84ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=1347810717550325&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082498&lmt=1694188882&adxs=210&adys=962&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=840x2042&msz=840x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dnative_single3&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=1865652276&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

244d22f6eb30c71b2b4f7ada4f96d379dab07350dcca62f18ef699818e8c5152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 549 B
307 B 87ms
86ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=742960381476410&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082504&lmt=1694188882&adxs=1090&adys=371&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Des_rr_module&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=2158422392&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af97824b9fc27c6bb156870a33c1535e586f4617318b2e612ea45d9e51d8c293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
303 B 89ms
89ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=2494823685358048&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082508&lmt=1694188882&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1600x3830&msz=1600x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dinterstitial&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=3109580626&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ea1e1f6b4c1ae8440242a46eef029acdb9cdc4366253d12e7ea8f80a0c60793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
299 B 87ms
86ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=1089081791115661&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082512&lmt=1694188882&adxs=260&adys=154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1180x2402&msz=1080x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Des_logo_pushdown&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=3140524599&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d328a889f5a77886ffc05370a4565d2a6c0768b100c30fa89cae7e360bccb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
300 B 87ms
86ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=529561592663430&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082521&lmt=1694188882&adxs=210&adys=206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1180x2392&msz=1180x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dtopic_sponsor_logo&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=477420831&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e039b4b97dcea6f59deea29d4a1fb387699696c7819c35a5679913ef174cb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 554 B
309 B 83ms
83ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=2729461502818578&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694196082525&lmt=1694188882&adxs=210&adys=144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1180x2392&msz=1180x0&fws=0&ohw=0&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Des_pushdown&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=3048883436&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fe6a63b8446094e37732add7e1153933d8a1c37ad0f586636c90278a9c59a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s01880370375282
b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/ 43 B
202 B 59ms
58ms Image
image/gif 63.140.62.214
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/s01880370375282?AQB=1&ndh=1&pf=1&t=8%2F8%2F2023%2020%3A1%3A22%205%20-120&sdid=0686E0BFD78A9B81-604A42329DE19E64&mid=40104624691584232990011211734181485919&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&cdp=2&pageName=cut%3Awebcasts&g=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&c.&getTimeParting=6.3&getPercentPageViewed=5.1&.c&cc=USD&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v24=cut&c30=hub&v30=D%3Dc30&v42=year%3D2023%20%7C%20month%3DSeptember%20%7C%20date%3D8%20%7C%20day%3DFriday%20%7C%20time%3D2%3A01%20PM&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.214 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 18:01:22 GMT
server: jag
etag: 3638258382630748160-4617875428446971343
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 07 Sep 2023 18:01:22 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 461ms
460ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-96-194.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

4eaac23f33586070970ea5e5e5daf8e0aba2401df268605b72a9dae8dae00573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 533
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/826604080/ 42 B
455 B 140ms
51ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/826604080/?random=1694196082187&cv=11&fst=1694196000000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&frm=0&tiba=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2780190480&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/826604080/ 42 B
455 B 141ms
52ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/826604080/?random=1694196082187&cv=11&fst=1694196000000&bg=ffffff&guid=ON&async=1&gtm=45be3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&frm=0&tiba=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2780190480&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 125ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&rl=&if=false&ts=1694196082637&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1694196082632.2024501653&it=1694196082236&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Sep 2023 18:01:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 61ms
60ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=22254600827&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 69ms
69ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 211ms
210ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
435 B 205ms
203ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=61f97d87e6e63a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.4923814198172416
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6cb52457c5eed3817ce7aae6cf2aca66c9d9c83b856907694975d7dcaa21f9c9

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 402
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
435 B 141ms
139ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=627b2c21166ca77&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.7260465618064664
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d8fbee4841f56f479c7f499f182ae2ec255853baaf13bf624fcfe4d15f5e5292

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 402
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 35 KB
10 KB 195ms
194ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8439b38503d8e94e801d574b6391e0dcc66afdd8b9c6e2d1e31d063b951f7118

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
an-x-request-uuid: a02a48f7-2314-4c4d-8d85-59e32a28e62b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 490ms
204ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 18964272c5f208644be13a8865ee62b2abff17259ed9d4a46364239ad29d7895

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 212 B
533 B 49ms
48ms Fetch
application/json 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 34344b698252709a9d7d85399bcc69d1627f83b32fd8d15b6ab5c077ecdd7be6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

expires: Fri, 08 Sep 2023 18:01:22 GMT
date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 212
x-sid: AMS-928

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 49ms
49ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
130 B 48ms
47ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 42ms
42ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 51ms
50ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:21 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 51ms
50ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
829 B 89ms
89ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c8cde70ffb70736dd8d0869daf78de12eede730d79192a4bd368966ba27023f

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:22 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 250 B
926 B 39ms
39ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

be29ea3205883294b0fd66960f1880b117b0f7f37c6d38ee437a8d6f78422b2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: ef053e35-69e4-4193-823a-7e5e23b4263c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 250
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 49ms
49ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1ea0a58d1adffb88f57c883e58a47079fb69c705c401fad728bc1dd15f328905

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
437 B 74ms
72ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=94aa5c4e5e6e905&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.4728090948004149
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b16f28df442d7d5f28f03e8b56e614176dc6f1b55ecc80b2637ceb6f57d3ceb6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
437 B 76ms
74ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=952d4abc7cb44cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.24871619127262345
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 289a4bd79f9edacb39aa503dc0991eed35b2365cd326d666c867df4ec16560a5

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 41ms
40ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 509ms
200ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 1daeb6beaf719351f196f97a09e9d328a8bb005449b1dc0cc5bbeac894637a0a

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 50ms
49ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b7501b2bd66391145fc6606f06743c1d14cf58e791f2b1c5bd8d384084b01592

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
130 B 49ms
48ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 92ms
91ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 72ms
71ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 68ms
67ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=92918734937&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
829 B 76ms
75ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 45ce0ff4f7b1aaf7333cea3baf337fff9d6af91d1c79675edfd303444efe9511

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:22 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 51ms
50ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
928 B 39ms
39ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

570faddaa4a3643185bbd329d6f9bf436420a4a8ad8dc38e3ff5b4a77d6b8436

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: 22f8278e-e5ff-4dc7-9329-4f12b1f1eead
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 214 B
535 B 46ms
46ms Fetch
application/json 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

expires: Fri, 08 Sep 2023 18:01:22 GMT
date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 214
x-sid: AMS-928

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 51ms
50ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 51ms
51ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8851243300537448822&pixelIndex=0
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8851243300537448822&pixelIndex=0&google_gid=CAESEGevSjD6gXm1avlIZYpAbBo&google_cver=1

0
597 B

118ms
117ms

Script
text/javascript

52.70.172.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8851243300537448822&pixelIndex=0&google_gid=CAESEGevSjD6gXm1avlIZYpAbBo&google_cver=1
Protocol: HTTP/1.1
Server: 52.70.172.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-172-91.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8851243300537448822&pixelIndex=0&google_gid=CAESEGevSjD6gXm1avlIZYpAbBo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 146ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8851243300537448822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 user_visited_page
telemetries.jeeng.com/api/events/ Frame 0
0 472ms
379ms Preflight 2606:4700:10::6816:39ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetries.jeeng.com/api/events/user_visited_page

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cutimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 803918adcb7492ab-FRA
date: Fri, 08 Sep 2023 18:01:23 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 user_visited_page Show response
telemetries.jeeng.com/api/events/ 15 B
124 B 177ms
177ms XHR
application/json 2606:4700:10::6816:39ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetries.jeeng.com/api/events/user_visited_page

Requested by

Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 803918b02e3f92ab-FRA
content-length: 15

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 32B4 15 KB
6 KB 152ms
53ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.cutimes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 344765
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 46ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2738061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15535
last-modified: Thu, 22 Jun 2023 11:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942be3-3caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aKe7DR5322cU7UNbTqSg7i%2BGzELNj%2FBBJgoyNsDpWfsBoJLa7I8sryTbbUKd9%2BJKUaInsVaRSUF8Vxu1VaHhghl9cX9kv31Sb7BgMOU17u6Ot%2BiQ0%2FYdrB8brJPlJIg%2B3cBPWQ928UtNecxpLIlpjMO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918ad88ad2c5f-FRA
expires: Wed, 28 Aug 2024 18:01:22 GMT

GET
H2

200

main.js Show response
www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 6C00
Redirect Chain

https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

7 KB
3 KB

48ms
48ms

Script
application/javascript

2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

Protocol

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88a23e0d5af7ef2245445495011016b991092587a9a520dd28a0841cfa73828

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 803918ae5fe03689-FRA

Redirect headers

location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
access-control-allow-origin: *
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 803918adef0a3689-FRA
vary: accept-encoding

GET
H3 200 css
fonts.googleapis.com/ 8 KB
745 B 134ms
54ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 18:01:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 18:01:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 89ms
89ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5c242003d3d4f93b5261d3ac5c3e2bb9f4f25d6ab9d9e55b7f30353e49314e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11773
x-xss-protection: 0

GET
H2 200 ajax-loader.gif
www.cutimes.com/assets/master-template/images/ 2 KB
2 KB 442ms
442ms Image
image/gif 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/ajax-loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaafcf685b785f34f89da6881531dd799cc2bb8ca11b98d473dc66a98e0be964

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
content-length: 1849
last-modified: Fri, 08 Sep 2023 17:28:24 GMT
server: cloudflare
etag: W/"1849-1694194104000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918ae4fc33689-FRA
x-vnode: 21
expires: Fri, 08 Sep 2023 22:01:23 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 182 B
447 B 363ms
117ms XHR
application/json 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Manchester, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: /
Resource Hash: 68e39f2157d45fad9cefe4211a81cc053a5ae8745c7da57b791d00062d1ba8d5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Fri, 08 Sep 2023 18:01:23 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sat, 02 Sep 2023 08:05:02 GMT
Content-Length: 182
Vary: Origin
Content-Type: application/json

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 20 B
341 B 201ms
200ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 08 Sep 2023 18:01:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 20
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 141ms
141ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cutimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Fri, 08 Sep 2023 18:01:22 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET

sid
mug.criteo.com/ Frame 32B4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tFP8ZXxmU0IrUFJlMUh4RXFjanNRd1VsYW9HTHZVTVk2QmNMUkNiVDA4WWR3aWQyamNkZ2oreWJvS2hlSVB1WStjUThwa0tuS3JNZUhuQnRPTXBvN28zaC9IQmlqdjRmQWF2enU5SDJpNVZncTk1MGpNQVpFS0t5dEd3bF...

0
0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 181ms
179ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:23 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 262ms
260ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:23 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 46ms
46ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=53203057353&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
928 B 40ms
39ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fd10557cdb80b8572afbc8eacccb56b1f21ac2501eb24527e2d601bbb0c0e06e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
an-x-request-uuid: 762688e7-70be-4adf-b006-0823e2074bf0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 40ms
39ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 47ms
46ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 57ms
57ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 52ms
52ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
831 B 81ms
80ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fc46f37cc261314afea2d2dcb4aa565744b1f811db463dbee27a210b478aa810

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:22 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
132 B 54ms
53ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
437 B 106ms
105ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=157101424c0bf6a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.5432934640114335
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f85a653dd485945c50daee3cf3d2ca619e037e4eefd0741ca8ded3a47101f892

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
460 B 84ms
84ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=1585049e568c09f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.40865426311928443
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 31f3896dcac1991b68a3b57e1adf1e88f60e195de49b37f414fc4a1c6cdcd629

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 301ms
200ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d0505c789490c97e5c95b97b1146f534dab14d4e0a73a596efbbc32ece579bf7

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 214 B
535 B 40ms
40ms Fetch
application/json 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

expires: Fri, 08 Sep 2023 18:01:22 GMT
date: Fri, 08 Sep 2023 18:01:22 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 214
x-sid: AMS-928

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
9 KB 210ms
210ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

64bdc5890071a0a871f4190d9101140e88daf28effd71735497b39280f3f85cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
an-x-request-uuid: f102fa30-4fb5-436d-8143-68f8c94b5a62
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 50ms
50ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 06cd766adae5cdcf68f60e566bac01c0ec29fb4d0e7c44db4b01e400025e01cf

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 252ms
252ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=1032598050448485&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8aa15141bbe365c8%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw&gpic=UID%3D00000c704d50e80c%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w&abxe=1&dt=1694196082983&lmt=1694188882&adxs=230&adys=164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1170x40&msz=1140x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dtop%26amznbid%3D2%26amznp%3D2%26hb_format_bluTonic%3Dbanner%26hb_size_bluTonic%3D300x250%26hb_pb_bluTonic%3D0.03%26hb_adid_bluTonic%3D239c70f96ff6781%26hb_bidder_bluTonic%3DbluTonic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D239c70f96ff6781%26hb_bidder%3DbluTonic&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=2275873130&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a8add5a9143aa38ab8fc7dde987b61a4af28fdf4dfe1713d09003f7090a6b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11830
x-xss-protection: 0
google-lineitem-id: 6159049915
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412945943
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 80391898dbe33689 Show response
www.cutimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6C00 0
255 B 95ms
95ms XHR
text/plain 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cutimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/80391898dbe33689
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: br
server: cloudflare
cf-ray: 803918af9a0f3689-FRA
content-type: text/plain; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 49ms
49ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 50ms
49ms Fetch
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:22 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 72ms
71ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:23 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 71ms
70ms Fetch 3.121.142.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.142.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-142-71.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:23 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 48ms
48ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1f1e67ffbce2f1f6ccebbbca244fa90ed9df587d7fa98d9c689ea37ecf9ebf1b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 251 B
927 B 41ms
41ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c7e8f5807453423eb1c2666939f8dafce4d6a1672a15c83f1c136cd97ea64dc7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
an-x-request-uuid: 21e4f3d1-fa0e-4e65-8f64-d7a8bf485e36
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 251
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
131 B 47ms
47ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 40ms
40ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
928 B 40ms
40ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

00aba9dcfbe890214f94a3579723c2f5d00650f0a8dfa56ee7fc252deb5ba050

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
an-x-request-uuid: 93f3c024-42dd-415d-86cf-789707eaf1a7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 214 B
535 B 40ms
40ms Fetch
application/json 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.8148943336579761&e=300x250_0%3A300x250%2C970x90%2B300x250_1%3A300x250%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

expires: Fri, 08 Sep 2023 18:01:23 GMT
date: Fri, 08 Sep 2023 18:01:23 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 214
x-sid: AMS-928

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
852 B 110ms
110ms Fetch
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2cf9b39bad8b3bcd2c32c7c1015b01900f49a721f91962a0d94eb7ac83b0ce97

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 08 Sep 2023 18:01:23 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
403 B 200ms
199ms Fetch
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 5b6d04edea371618b6f0b9179a0f8a9cbd9ced04908dbae1b128342dc6d5d1d8

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 56ms
56ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
437 B 314ms
313ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=20586c0362a0acdc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.6579497812296025
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ccbc5981dcae90bca1d34285c8bf3025e64a73b9b82a21c6905bef9740925068

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 403 B
437 B 106ms
106ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fwebcasts&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=2068e5ae4fde3431&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fwebcasts&slots=1&rand=0.12219937368577005
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 464199afdf89f460b7d0b472128c19e98d00dc9f3a93ae1ac6ccbef4d41a7aa9

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 403
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 46ms
46ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=73409093021&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Fri, 08 Sep 2023 18:01:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 582980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 00:05:03 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 243ms
154ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 06:04:28 GMT
x-content-type-options: nosniff
age: 561415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 06:04:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 186ms
98ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 582980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 00:05:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 211ms
122ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 00:05:03 GMT
x-content-type-options: nosniff
age: 582980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 00:05:03 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 40ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2429680573784973&ev=Microdata&dl=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&rl=&if=false&ts=1694196083149&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times%22%2C%22meta%3Adescription%22%3A%22Webcasts%20collected%20on%20topics%20from%20our%20industry%20experts%20and%20top%20thought%20leaders%20to%20guide%20and%20inform%20treasury%20professionals%20%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times%22%2C%22og%3Asite_name%22%3A%22Credit%20Union%20Times%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%22%2C%22og%3Aimage%22%3A%22%2F%2Fimages.cutimes.com%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-cut-716x372.png%22%2C%22og%3Adescription%22%3A%22Webcasts%20collected%20on%20topics%20from%20our%20industry%20experts%20and%20top%20thought%20leaders%20to%20guide%20and%20inform%20treasury%20professionals%20%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1694196082632.2024501653&it=1694196082236&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Sep 2023 18:01:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK analytics Show response
go.alm.com/ 50 B
1 KB 506ms
219ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alm.com/analytics?conly=true&visitor_id=143801640&visitor_id_sign=c9a8ffa34583f65808bdcdd68f5251180d3fcf0266b44e083a7b95608b19c1cf61fcacb6f177b9fcc7fb5f6e5f4415acb9b73987&pi_opt_in=&campaign_id=70855&account_id=998701&title=Webcasts%20from%20Credit%20Union%20Times%20|%20Credit%20Union%20Times&url=https://www.cutimes.com/webcasts/?slreturn=20230808140118&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Webcasts%20from%20Credit%20Union%20Times%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 08 Sep 2023 18:01:23 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
169 B 83ms
83ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=2468640450332399&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320%7C1200x250%7C1200x600&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8aa15141bbe365c8%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw&gpic=UID%3D00000c704d50e80c%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w&abxe=1&dt=1694196083161&lmt=1694188883&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dsuper_hero%26amznbid%3D2%26amznp%3D2&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=2290974876&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28cf4ffe5e1feb4992284dfa83437f13e75ced6f2607e67454a195c99db29f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 484B 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYiPYBSLaD9lvxWBJ0CbonrfBwXuDDPvf77p0Vv7RkphjLuNm9-pLBXgT00CjgABSTd5R5RctrRR2aoMrdN77OSRSyXBRLVvRPhnfaAB6HKaLgRqkITS44dcBf-O0FovGF0iqLwa6RuwGmGKDMnBe1VvAR1wO6NH217Eb7_CoQ2WqKneCqRQdGNDeEe7hOojOInyTsDXIW7xvHwYW68wOi-84CuHVjrp0kEN4LYm72VlJ1OHaAsn39dXNZapdwpJf_ZM1Rf09U_sHtBaRkZ2mNYFCjUjJ5TyIKirtxmEfHbn3mudBHpbJWt-xTJUv-XHvuQM3I9cZ_23t3ePJMpfo&sai=AMfl-YTBeo4saUYQB73S8_VEXytzGAaduaSTHDzbJ-ebYTiBQl_ZQ90eWgwqjeUUZIzCYuwOE0rr5UEje9JyV2gc19o1Ok6tEaAV11Osn9krulnPAEEasnaoyhVj5lKa4HI&sig=Cg0ArKJSzGxUmPo-ZSvqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 403 index.js
cdn1.opstag.com/14471/ Frame 484B 0
0 523ms
424ms Script
application/xml 18.66.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.opstag.com/14471/index.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-11.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 484B 181 KB
57 KB 167ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 484B 10 KB
4 KB 42ms
42ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ad58c689c0f970afaac33a37b24620f516b4b042c0d22f6c3642e86d8e92530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:44:49 GMT
server: AmazonS3
x-amz-request-id: 2H0VEC52THZXFK3A
etag: "f3fc384e073ec959d7efd12ffae629cc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43259
accept-ranges: bytes
content-length: 3853
x-amz-id-2: HojRN0q3ILvNIe5knjYCyzcPP60TCiF8zUhvyNjGQPJvfvUlhDRp67iTJNH0PgIAEDWITA0yogE=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 205ms
205ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=3430051020943024&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8aa15141bbe365c8%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw&gpic=UID%3D00000c704d50e80c%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w&abxe=1&dt=1694196083280&lmt=1694188883&adxs=1090&adys=451&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGsnNMmRKHKavgLOVAYbEtjI-6DwBzsnyo7Hlo0oagy6iJzcgMG9iiJsloQ9JAYno-CmM0Vt62A3zO5PxndZMcwwqVVVg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dmiddle1%26amznbid%3D2%26amznp%3D2%26hb_format_bluTonic%3Dbanner%26hb_size_bluTonic%3D300x600%26hb_pb_bluTonic%3D0.04%26hb_adid_bluTonic%3D24944de1e26e43d9%26hb_bidder_bluTonic%3DbluTonic%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D24944de1e26e43d9%26hb_bidder%3DbluTonic&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=99132293&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

038fd7db261f3fe8525f3105a268cf2ab584eb0db9ec80a8b686c9cf57d03f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11821
x-xss-protection: 0
google-lineitem-id: 6159049915
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412945796
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 menu-close-btn.png
www.cutimes.com/assets/master-template/images/ 268 B
520 B 63ms
63ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/menu-close-btn.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/webcasts/?slreturn=20230808140118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 6578
cf-polished: origFmt=png, origSize=3321
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="menu-close-btn.webp"
content-length: 268
last-modified: Thu, 07 Sep 2023 10:27:38 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"3321-1694082458000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b09bcf3689-FRA
x-vnode: 145
expires: Fri, 08 Sep 2023 22:01:23 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 343B 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 17:59:15 GMT
expires: Sat, 07 Sep 2024 17:59:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A97 829 B
979 B 49ms
48ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91c09f9bb523040f8a466343765f31e2f01bdf5cef56d3ba8783308b27172991

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W1DJNp8F-wwLxYlFXAbsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-W1DJNp8F-wwLxYlFXAbsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:23 GMT
expires: Fri, 08 Sep 2023 18:01:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 60ms
60ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 18:01:23 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 343B 37 KB
14 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A97 0
0 221ms
140ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=1145957312267844&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 169ms
84ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 18:01:23 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 318 B
167 B 80ms
79ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=947825895557841&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=729x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8aa15141bbe365c8%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw&gpic=UID%3D00000c704d50e80c%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w&abxe=1&dt=1694196083457&lmt=1694188883&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=1600x4216&msz=1600x0&fws=0&ohw=0&psts=AOrYGsnNMmRKHKavgLOVAYbEtjI-6DwBzsnyo7Hlo0oagy6iJzcgMG9iiJsloQ9JAYno-CmM0Vt62A3zO5PxndZMcwwqVVVg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dfooter%26amznbid%3D2%26amznp%3D2&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=1551943206&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae6f768fe36b9e98e8741e23475b64d251c33f4ebe638c2154ae1902d51bc6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 41ms
41ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?882023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 17:52:58 GMT
content-encoding: br
age: 505
x-guploader-uploadid: ADPycduazCDlXzivZOBWS4yN6vb67usXnHbSwfzR8ag1NzbNNXYoh-MvBBiOQbN225mhv3qoGWjYxeo6NBOTHRIaEwKT8g15tZ1t
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 73ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1694196081543&de=876736677250&rx=586964791651&m=0&ar=6f742097-clean&iw=45864f5&q=2&cb=0&cu=1694196081543&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945943&zMoatMData=1&zMoatTopic=webcasts&zMoatPS=top&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2Fwebcasts&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&bo=21664827602&bd=22082355883&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=22082355883&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=22082355883&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3445%3A2860&tz=top&iq=noHistData&tt=noHistData&tu=1&tp=safe&fs=69&na=795020349&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
DATA 200
OK truncated
/ Frame 484B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ceaf9dd39961372b567a7445e1e2ad9993b58e7d03932c1bcdef7921098a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame CA36 9 KB
3 KB 178ms
178ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5766a178ab28457646bec8b75ef129ae7868e161ab607efe4bc2276575ede961

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 803918b308b5382c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 18:01:23 GMT
expires: now
link: </img/a/pss/2232/12.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame FD5B 7 KB
3 KB 175ms
175ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab5c0862c0387c54a45ed0d397f33b5971166a2fc7baa6e3b6031793c3c3d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 803918b308b8382c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 18:01:23 GMT
expires: now
link: </img/a/pss/1972/61.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12BE 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoRo6oqkoD5SEMXI8dysXiDZpzDRiM7L1TUaNrnAcbM-8J_1z52cdeFASrfZS5BKoYsKQHM6J924WH24-PbwSk5cqRri4LOvdlZt9s2eJoAC2YZ5SRKO0PbKzdhJoDpxrN6PlkTEsva4COj7tgm0ACLyWg9FwAAGI5cIwUzERI42_5DVvMLeOlbEBStybv6hCdJllN1IFCrgOAcEkO6uz5DOCdXRjiCgHHuIvwTNGCHOdVaG5qaC53QDWuV723xip8yfOip_phYXpkd-Th1I1nIRD--FtLPaamkDVeklnCynMtIR53MKKiUwXpmuAy_4SGJX5NO7emeCCo0LhurMA&sai=AMfl-YSc-1bbVQAtLRsHuR-_MMZpSZHfQj6u3hh6OZ8vBVa9meqI5MQWOctVeSc7j_478PjSwEOkI5jC_AIRlDWSzRA0zeHlIbaKyaz1bnCPdYVEpG-G8gvTx-NP9cCbSlM&sig=Cg0ArKJSzCfvgilWpQbrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/webcasts/?slreturn=20230808140118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 403 index.js
cdn1.opstag.com/14472/ Frame 12BE 0
0 419ms
418ms Script
application/xml 18.66.112.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.opstag.com/14472/index.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-11.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12BE 181 KB
57 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 12BE 10 KB
4 KB 42ms
41ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ad58c689c0f970afaac33a37b24620f516b4b042c0d22f6c3642e86d8e92530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 15:44:49 GMT
server: AmazonS3
x-amz-request-id: 2H0VEC52THZXFK3A
etag: "f3fc384e073ec959d7efd12ffae629cc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43259
accept-ranges: bytes
content-length: 3853
x-amz-id-2: HojRN0q3ILvNIe5knjYCyzcPP60TCiF8zUhvyNjGQPJvfvUlhDRp67iTJNH0PgIAEDWITA0yogE=

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 343B 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?648HAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1694196081543&de=281393579733&rx=586964791651&m=0&ar=6f742097-clean&iw=45864f5&q=3&cb=0&cu=1694196081543&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=webcasts&zMoatPS=middle1&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2Fwebcasts&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&bo=21664827602&bd=22082355883&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=22082355883&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=22082355883&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3445%3A2860&tz=middle1&iq=noHistData&tt=noHistData&tu=1&tp=safe&fs=69&na=1587776346&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
DATA 200
OK truncated
/ Frame 12BE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61ccc7b69b51eddf7c72354a62b87de1fb763e8c0b3d16fff861caf7fd1a6c86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 472ms
472ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1145957312267844&correlator=4050595595372171&eid=31076398%2C31077693%2C31070233&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Cwebcasts&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8aa15141bbe365c8%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw&gpic=UID%3D00000c704d50e80c%3AT%3D1694196082%3ART%3D1694196082%3AS%3DALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w&abxe=1&dt=1694196083704&lmt=1694188883&adxs=1090&adys=451&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGsnNMmRKHKavgLOVAYbEtjI-6DwBzsnyo7Hlo0oagy6iJzcgMG9iiJsloQ9JAYno-CmM0Vt62A3zO5PxndZMcwwqVVVg%2CAOrYGskAZJu9iELndV2p3TKdK8A2LSZdxHs8pdVDYH4IjIVOhB70OHEtZc2wTFtkyOmx-x3IhJXzIoxfGqCDghE7OL_gZmm-%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1118165133.1694196082&ga_sid=1694196082&ga_hid=668843232&ga_fc=false&dlt=1694196080069&idt=2202&prev_scp=position%3Dmiddle%26amznbid%3D2%26amznp%3D2&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26topic%3Dwebcasts%26page_number%3D1%26email_domain%3Dnone&adks=2689798602&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdcb50140307a35bc5b91e3189132a866af8806e2b3ce4849467b6d0ff8eb153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 484B 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq59I9e1v6EwSXU22yk18TQwam7M2SWaI337sQc4jEkOqCWuzGFX-J-h-D3KSy6lpIGdgRfTpw-R0i1uj-T7jLELe1yWP5SOYxs6H8aTlDhvcs3Y84G_85apRSt6HKAqMzuAonODTdPzHV7UELJiZ3CAP9dIN07RrHc98FD7e0qxab9qFHv5CgvKy9SLIs5OoaMBKNW4iIcRjHQ3UDunoCuXCqDDrc9ubJmljCJ83bgVMKqSshk0x83AeZXZorrvlBYEBPqDeEwf1GiSac20hdzfZR0W2cTHVDrme4B1NvCZUbVixRp76DgmtgYToqA81ohjYo41P5dPhZMJ2zhQZh1A&sai=AMfl-YQwNef-hJqWbGQFZmFo7oIBCyCgwWijsPpwVa87J2jlPGKxVMiZ0V6Bf0UKNahoGwdlX3bFZnxehjcGGW0Wt1l9s-fNkXCWPV_fB1dakrAecqAp8ObeXPLKFU-UBAE&sig=Cg0ArKJSzAJtLRUimGfNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 18:01:23 GMT

GET
H2 200 61.css
www.dianomi.com/img/a/pss/1972/ Frame FD5B 2 KB
1 KB 54ms
54ms Stylesheet
text/css 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1972/61.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 530915
cf-polished: origSize=2947
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 11 Jul 2023 08:31:14 GMT
server: cloudflare
etag: W/"b83-60031ec0fc188"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 803918b44a17382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame FD5B 8 KB
3 KB 54ms
54ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 14:33:52 GMT
server: cloudflare
etag: W/"32de-5fa523edf86e0"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 803918b45a1f382c-FRA
expires: Fri, 08 Sep 2023 18:03:23 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame FD5B
Redirect Chain

https://ad4.adfarm1.adition.com/banner?sid=4851113&kid=6098011&bid=18428349&wpt=C&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}
https://imagesrv.adition.com/1x1.gif

68 B
178 B

564ms
43ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 18:01:24 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 20:01:24 +0200
server: ADITIONSERVER v1.0
etag: 7276516769511312140
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

B30232522.373054704;dc_pre=CKHvlJ7Mm4EDFVUKVQgdVqAFkA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;g...
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame FD5B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_direct...
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CKHvlJ7Mm4EDFVUKVQgdVqAFkA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_...

42 B
247 B

61ms
60ms

Image
image/gif

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CKHvlJ7Mm4EDFVUKVQgdVqAFkA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CKHvlJ7Mm4EDFVUKVQgdVqAFkA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame FD5B 60 B
60 B 206ms
47ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=87&extPu=amex-adition&extLi=6041423&extPm=4838686&extCr=18346433&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}&rnd=INSERT_TIMESTAMP_HERE

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 08 Sep 2023 06:01:24 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1250
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 12.css
www.dianomi.com/img/a/pss/2232/ Frame CA36 2 KB
857 B 61ms
61ms Stylesheet
text/css 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2232/12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 530899
cf-polished: origSize=2446
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 17 Jun 2023 06:38:18 GMT
server: cloudflare
etag: W/"98e-5fe4d8c018118"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 803918b45a28382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame CA36 8 KB
3 KB 58ms
58ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 14:33:52 GMT
server: cloudflare
etag: W/"32de-5fa523edf86e0"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 803918b46a35382c-FRA
expires: Fri, 08 Sep 2023 18:03:23 GMT

GET
H2 200 VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame CA36 1 KB
1 KB 70ms
70ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2594894
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Aug 2020 16:33:27 GMT
server: cloudflare
etag: "f64-5ac380c3ca3c0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b4baab382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/301104/3/ Frame CA36 10 KB
10 KB 58ms
56ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/301104/3/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3b0ffe4e92d14c9033d4f6c8136cbffd6ffea5ce3384d26ebf238478836318

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 201740
cf-polished: degrade=85, origSize=18744, status=webp_bigger
content-length: 10444
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 10:29:40 GMT
server: cloudflare
etag: "4938-602165fd42e48"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b4bab1382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/299925/2/ Frame CA36 11 KB
11 KB 54ms
52ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/299925/2/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e3da0bf8d9429993fdbc7766799944ebe95ae8d83987d05b9412f5df1c0df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97799
cf-polished: qual=85, origFmt=jpeg, origSize=71153
content-disposition: inline; filename="263x200.webp"
content-length: 10872
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 24 Jul 2023 15:01:13 GMT
server: cloudflare
etag: "115f1-6013ce2b12288"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b4cab2382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/303710/2/ Frame CA36 9 KB
9 KB 61ms
59ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/303710/2/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b1775ef73acc652a55f6085dd75535b3b1194656390ed57e7c26f3e13b6651

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 812549
cf-polished: qual=85, origFmt=jpeg, origSize=15733
content-disposition: inline; filename="263x200.webp"
content-length: 8768
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Aug 2023 11:07:48 GMT
server: cloudflare
etag: "3d75-6040dd2404040"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b4cab3382c-FRA
expires: Mon, 09 Oct 2023 04:01:23 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/131878/15/ Frame CA36 15 KB
15 KB 64ms
63ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/131878/15/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79be594c57ca2a1c419a043feaddbb72af4535d00b411f2f733bb09314e0287c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1701316
cf-polished: degrade=85, origSize=24335, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Jul 2023 12:41:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 803918b4cab4382c-FRA
expires: Fri, 15 Sep 2023 18:01:23 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/304695/4/ Frame CA36 17 KB
17 KB 174ms
172ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/304695/4/263x200.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92af4fd1e73914883baccd73858b9c1686d57ecc6be1d8685b29a1c8339a7c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 15:24:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 803918b4cab7382c-FRA
x-xss-protection: 1; mode=block
expires: Fri, 15 Sep 2023 18:01:24 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame CA36
Redirect Chain

https://ad4.adfarm1.adition.com/banner?sid=4851120&kid=6098011&bid=18428445&wpt=C&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}
https://imagesrv.adition.com/1x1.gif

68 B
103 B

564ms
44ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 18:01:24 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 20:01:24 +0200
server: ADITIONSERVER v1.0
etag: 7276516769511443212
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

B30232522.373054704;dc_pre=CODylJ7Mm4EDFSH-uwgds3EDxA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;g...
ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/ Frame CA36
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_direct...
https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CODylJ7Mm4EDFSH-uwgds3EDxA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_...

42 B
236 B

61ms
61ms

Image
image/gif

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CODylJ7Mm4EDFSH-uwgds3EDxA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N7861.4425511PIAADVERTISINGGMBH/B30232522.373054704;dc_pre=CODylJ7Mm4EDFSH-uwgds3EDxA;dc_trk_aid=563744305;dc_trk_cid=196451712;ord=INSERT_TIMESTAMP_HERE;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame CA36 60 B
60 B 192ms
48ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=87&extPu=amex-adition&extLi=6041423&extPm=4838686&extCr=18346433&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}&rnd=INSERT_TIMESTAMP_HERE

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 08 Sep 2023 06:01:24 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1250
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame FD5B 0
43 B 85ms
73ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC6EBD1F176674E36B5CBB32AC4979C3C&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 803918b4baaa382c-FRA
access-control-allow-headers: dianomi-force-dmp

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame CA36 0
200 B 70ms
69ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x546DAC2CFC0C42238DB4B40F214A60BF&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 803918b4cab8382c-FRA
access-control-allow-headers: dianomi-force-dmp

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12BE 0
0 81ms
80ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst38-GcLQ_Dof4u05bpYA6apLPXaGg_bKLgzkwl4KUFb5OP9ltvJa8otsMe_4AyfgXyhWUmiTlxTDuRFXHZFuOXowe0XtvyEW3cTsrenFgZlgXC_yU5Pu8YMJs9n5yatxA56mbbIosvUXqkeS2hMlyt4CYasY63B7fHywQLND-zXhsVRf161OoQ-TraEjn4cr5VU1hTaSfnkrIggl8utW7DhMQeGKhe2gUoq-R8Fya-AN6VoM3qgTaFRQY37zIt-_uRiRQVf7mzheuNJC-iRJoLjAHXosbqhgyt3UF2biLj9moapFUCykU2T7mYBigH0IER1P_BNPmAo53MEmblR-D-NA&sai=AMfl-YSa8WaYLBrMvoyhrlKg_FA43Z5rEDXNNgQxqI4z9OGDZzWBdmttS6LNwiy-M9g4ZjY8j_s39tw5kOPmDwgrCKH6RD78ejJB2G8zCXiiqjeXia8R5ZPri4OwJ7uNaTM&sig=Cg0ArKJSzLQ02bUSYaRXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 18:01:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 146ms
145ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=1145957312267844&bg=!QUKlQg3NAAa6D61Rmg87ADQBe5WfOFCLcN_WghULaiLYBfh3OVWLfv9rzmYE9EZnkTQ4yGL7qmCKt1TmjVZtywKj17u5AgAAAJFSAAAABmgBBwoAowh9kScZz-fP7vfxIfXFAQT0jJgbkNiQ274xqu3pyZkDrNB-f9A-U1-UhUGPk8_IJrIeZIYXz3nk1oR6ebcoHdf6XM5R8yvGdUA2GYrKCnZQa7pNTtoWMBLoOeljFt0-0Ky24lR7oSOelqHii-llQleO80zEz0GZ5zDD0Vhj2d9xmPTTAdc9-UugBOcjGUhMOxuugBmmlWJ1iQp6jy2YmyOx8WeZAryUSKEoUcBd1V6ogBl-dWumv-w1VfOl0waigdjEg1k_cHrF7lItAVfMMT0rTFsK-_zH3X_uTSI5cW-t_csPDNqpHzEXoYXHANzpWGT2929h_0C8_1lQ52stGlLxep7TVR96Ik6FdLyw46MXpENjyCu_-URBi6Bt-5uMzyLjdDBCb1T_cCM6J5C3ULfDor8LHfaDAJ08ayU_lB-AEPHVmLSWNG685NJcfwmvHrxcx2Oe1o-pwZHjfGMedrnGj2Ws6mSf4K5mWQ5HSDdWJATO3c8HZTDd9y1qV3fiaiWfNz-30dGugnT3meoN_JeFmPkG-d1-jdR56i6GMeut57TAQLc1i2ynyRjdyQrJ7IlZlOSiWCsWQ6diSDRkQqXHH6UHMfwyNknjKREc7xEm1jI-BMS1gwKAcQZz4jQAVxZQqkirw96hMOZtlCEk2cOvaU2TXTt0manO-AH3mrNK3kkLLqco5g1cnjnVga1kqNnx0V6GarOq2b0GaJ3mF7mY3sCBFKEfuFqPMKE2fk8ZmFOSWvvhav-TZ2hcMaA_EY14L2QVv8EchFORD3oQzs6MsTrp0dvENrCoAqVhxNsRE9-wPiBKq9WzJVzC0W3kxnlywK-kNHVeBpRU53y6qiKfqHkCEfb_sh2ggfg_Qm_9XKUxeNtiYMCi6Qny5avzJ3HeHeVlMx5ruokDTAvOd1CnIlVHdld9Wb9sJkxVy6EMO1CtSMMZhK4SDOV1Tm98HjwJ6cYWcbTKRaDBwszXb440V7nrIFzexF5SI0CnciL_GXsLPF4HF1MQj7MNy6n4E7-jlTz76glvydihnsvT68KFxqZlxPWwN2gvoQ_Bm_mWhwYj5KB7LJsbzDjIbqSK-H3jRFG1UlsOFAZHHR8IpeHqrFKDgubwAIn6WCwTLBzpl2BB79h5uBS_x6WB9n-ay3ZH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 container.html Show response
58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDC2 6 KB
3 KB 43ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:22 GMT
expires: Sat, 07 Sep 2024 18:01:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 39ms
39ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALM_HEADER1&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=webcasts&wf=1&ra=3&pxm=1&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1694196081543&de=72678852953&rx=586964791651&m=0&ar=6f742097-clean&iw=45864f5&q=4&cb=0&cu=1694196081543&ll=2&lm=0&ln=0&em=0&en=0&d=4525440395%3A2480285401%3A5003141755%3A138270685228&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&bo=cutimes&bd=webcasts&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2872%3A2872%3A3445%3A2860&fs=69&na=798573554&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:24 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1784 190 KB
58 KB 2852ms
1906ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPthcwALxVYKd4XSAAkPmFXVrfwKAcrnjbKa8Q&u=%7CgGaZFRvY%2FyrzdFH1WpqESZd42eBym4NirGglLhRg7hY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSM6boGrTGaVhphTuIU_fhho2rqRv486Nl8sHUrWfxKVtrhReMZI7QfdxBefGFkx_LxFxy9pYNBbXSntFPv3QXid87oo-Ek2K1W7WRNi_Nk6Mcjb1Mt-SAKyfX-OnTEQ1PL9GOroswS5sI99xmIUXlucnrG4CRDd4njObyITCb3V0T7LyMqszMMU6HLcL5sDX3fHBoNeZNa7NT5fGgfcARSQdHDJdYAEhIGkTJIrVL41IeAEKfFZgC3p05vXj8UjykSdYRKnxrT-GHk60bZUWC7f7psP980WOAvj8CvIy_DPXYM24f1xDKazVCXZkkK8EpujxGPihmW0LBwCOi_r6YO40KHTti1k-imZoiP_V9STsVMg0_HPRzIv7lkj-wKoitgz5eXbmfAjAMEVWp11SJ20uxp_AvxK0Z2KX83FEPb9N5niXe6vnjaIWdUucQsFLPxdGbNA9Fplb5ARx_mrCcWwNd7Y-eneH6gTGRTrlWyHeD-m4bGTY3ko91AR5ZY2JZRto4nZ0-VMYvsA7qVsoHFcucyMi31hMvx5Yek979TDbXtfkrqYsXWqBOBW0oBikS72zF3AvlGc5oYZwwIh0XsL1boeVIJ0oO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ3rc2H7ZNaKL9KL3gOYn6T4A8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTI2MTk5MjQ0NDgwMzg3NcgBCakCj8oZsgXzsT7gAgCoAwHIAwKqBLwCT9BiKgK4z-kAwWn1anePlKloxS9JHVks3cqHqmRSe7_43y3uWE-qfToUG2-cLXBgOJsLb5vqA41A7aTRZFMDsP1mWU1p3sR947tOhl223QbA0JNZzDjNh4liR_WleTNUz7VjVCNOL0nvTIMPtJHuSxWjhNgQarXBqKmLrfEBmjLCUOFPtHrghO80C_lajUFLyVxisDL4tlYydcln1tkaPHeOFGWSCIa02nrXvXNSHqA1xvFtTH5L-xWJvNWx4Ww_Z-0U7FVkcIKsBJNc_WlXPWVg6qlS_7r9uohv2X1YCWRYzDldOtXrNzMcYUPaFF_mMmzsifHdreEH_FpUAz9EKj1QLn6F7g-cQuaM7HnUyy-OaE51KAF_KXiRoCgEPqJB502OLpGbYkGXXjsxlVDwZMc-dI3CuWhVQa8guuAEAYAG6o7pkfHckYcaoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0HvM4d2YuPyZ88nzLNGIc81CybLA%26client%3Dca-pub-1261992444803875%26adurl%3D

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

992f32caf15584f5053e9fb98cf57ce03a200e40f38b4cafe493a0a3051516e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nOGM9KhINbyvTr0_URhLXGYt7ucgB6f_ynyVaXUuO-4YON420z9HpPeuIdkI6kFUnczpnRY_nTO2nhfG_sgBJoHMwq9uws5zVtHcc_7cMsg70MfDOd9NSyyLz--W8mqi3kW6nmWJr1jbyDgc9sOOLlaDakjJyklGVFI6L0mbaFrnPtP4e2j-TsF1CTuYR9HsOlwp13KUz02S-zoik5TlIUzor1gO8uECjS7EiT3lOrQOlhYiq8vOPpO9ro_DJuUIbXAE0g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63642977
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame BDC2 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 16:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 16:09:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame BDC2 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 06:26:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BDC2 0
0 48ms
47ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4UeyTveYpsd7LkQL5KMO4WaXWVbK7oreqJCTmC2U8VQXNww4hi3Zob1Eejc6qRvBHcprS
Requested by: Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BDC2 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 07 Sep 2024 06:26:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDC2 181 KB
57 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:01:24 GMT

GET
H2 200 Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame FD5B 1 KB
1 KB 52ms
51ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 217593
cf-polished: origFmt=png, origSize=2126
content-disposition: inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
content-length: 1026
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Aug 2020 14:28:40 GMT
server: cloudflare
etag: "84e-5acc31eddb600"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 803918b92884382c-FRA
expires: Mon, 09 Oct 2023 04:01:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 45ms
45ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=webcasts&wf=1&ra=3&pxm=1&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1090&gp=420.84375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&f=0&j=&t=1694196081543&de=72678852953&rx=586964791651&cu=1694196081543&m=3164&ar=6f742097-clean&iw=45864f5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=420.84375&lb=4456&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3445%3A2860&as=0&ag=53&an=0&gf=53&gg=0&ix=53&ic=53&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=53&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=105&cd=0&ah=105&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270685228&bo=cutimes&bd=webcasts&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=69&na=1650445428&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:24 GMT

GET
DATA 200
OK truncated
/ Frame BDC2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4ddde1832d684009774721ca4446971d95dba0d1a1c515f19e4952ae87ef1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BDC2 0
0 82ms
82ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci2MGc2H7ZNaKL9KL3gOYn6T4A8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTI2MTk5MjQ0NDgwMzg3NcgBCakCj8oZsgXzsT7gAgCoAwHIAwKqBLkCT9BiKgK4z-kAwWn1anePlKloxS9JHVks3cqHqmRSe7_43y3uWE-qfToUG2-cLXBgOJsLb5vqA41A7aTRZFMDsP1mWU1p3sR947tOhl223QbA0JNZzDjNh4liR_WleTNUz7VjVCNOL0nvTIMPtJHuSxWjhNgQarXBqKmLrfEBmjLCUOFPtHrghO80C_lajUFLyVxisDL4tlYydcln1tkaPHeOFGWSCIa02nrXvXNSHqA1xvFtTH5L-xWJvNWx4Ww_Z-0U7FVkcIKsBJNc_WlXPWVg6qlS_7r9uohv2X1YCWRYzDldOtXrNzMcYUPaFF_mMmzsifHdreEH_FpUAz9EKj1QLn6F7g-cQuaM7HnUyy-OaE43KiDtqetBnY7UGXjNx6QqILaR1Eu5RrmFXW1WlnggWJVac_x1qOAEAYAG6o7pkfHckYcaoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEyNjE5OTI0NDQ4MDM4NzUYj8pq&sigh=ZdHklBF48Yc&uach_m=[UACH]&cid=CAQSPABpAlJW0IfQuZDJj5CRUs6T17-7ht5RZ2j55GpwROTnfB7PAKYxFigzku9ED-OIBLQohhfVP27b7DITfhgB&cbvp=2&vis=1
Requested by: Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BDC2 0
126 B 128ms
42ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EI-lBKwC2ASdg2ICAgAAAKMj7eO1Q7BaVYb8dwk5jtsQc2H7ZD1ilHMk1zeeKLAAABIAAAoKQVFVQkFRRUJBUQ&wp=ZPthcwALxVYKd4XSAAkPmFXVrfwKAcrnjbKa8Q&cbvp=2

Requested by

Host: 58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 160100
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 484B 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRxzNaiq5AkfVRat_RId8oIRkcd13mNu7fu13S0AdDLJECrPOPOXSEOxoCJF609xYYgMUFJtD-KvqaAM2i8nrDeDAROVRZ-e441LOpiqkKj6_l6276vjbBsStBxGZM&sig=Cg0ArKJSzDDTwFcHFSopEAE&id=lidar2&mcvt=1002&p=164,436,254,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2275873130&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694196083256&rpt=535&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12BE 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhQVTvgtG5Xl_Imd2rgSc0q6xZlVyJ9IDzvztC1Ehn7YjyqqvTTgUr1N0D5564S_7Nj7eKVt5YUMyEU3hRg-1IBGSbnnw_nEeBlt-sA0vm5_fgMlxmoK61RlpJ51Wt&sig=Cg0ArKJSzCGqhKHqv0mNEAE&id=lidar2&mcvt=1000&p=450,1090,700,1390&mtos=200,200,1000,1000,1000&tos=200,0,800,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=99132293&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694196083574&rpt=428&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDC2 42 B
64 B 147ms
147ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfFJvMzUyfkp3vvV57o5owokEDFFbxIBn_vcVTZ3L-MvRTvJ5xG0R3wRx6Y12Zp7YhPo16Z_Ji4hM0POoj5YS5EHjcccZDnRMJb54&sig=Cg0ArKJSzCnt7RzJHoiZEAE&id=lidar2&mcvt=1000&p=420,1090,1020,1390&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2689798602&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694196084192&rpt=592&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=webcasts&wf=1&ra=3&pxm=1&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1090&gp=420.84375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&f=0&j=&t=1694196081543&de=72678852953&rx=586964791651&cu=1694196081543&m=4259&ar=6f742097-clean&iw=45864f5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=420.84375&lb=4456&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3445%3A2860&as=1&ag=1152&an=53&gi=1&gf=1152&gg=53&ix=1152&ic=1152&ez=1&ck=1152&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1152&bx=53&ci=1152&jz=1003&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=105&ah=1003&am=105&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270685228&bo=cutimes&bd=webcasts&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=69&na=659559132&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
40ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=webcasts&wf=1&ra=3&pxm=1&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1090&gp=420.84375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&f=0&j=&t=1694196081543&de=72678852953&rx=586964791651&cu=1694196081543&m=4260&ar=6f742097-clean&iw=45864f5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=420.84375&lb=4456&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3445%3A2860&as=1&ag=1152&an=1152&gi=1&gf=1152&gg=1152&ix=1152&ic=1152&ez=1&ck=1152&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1152&bx=1152&ci=1152&jz=1003&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270685228&bo=cutimes&bd=webcasts&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=69&na=1717629501&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 40ms
39ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=cutimes&zMoatAdUnit2=webcasts&wf=1&ra=3&pxm=1&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3M7I1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-s8N%2BQl14YxN2gA%3D%3D&sc=1&os=1-nQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1090&gp=420.84375&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2Fwebcasts%2F%3Fslreturn%3D20230808140118&id=1&ii=4&f=0&j=&t=1694196081543&de=72678852953&rx=586964791651&cu=1694196081543&m=4261&ar=6f742097-clean&iw=45864f5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=420.84375&lb=4456&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2872%3A2872%3A3445%3A2860&as=1&ag=1152&an=1152&gi=1&gf=1152&gg=1152&ix=1152&ic=1152&ez=1&ck=1152&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1152&bx=1152&ci=1152&jz=1003&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4525440395%3A2480285401%3A5003141755%3A138270685228&bo=cutimes&bd=webcasts&gw=almheader466656885399&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=69&na=135645921&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Sep 2023 18:01:25 GMT

GET
H2 200 pd Show response
yourbow-d.openx.net/w/1.0/ Frame 2C73 0
176 B 157ms
50ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://yourbow-d.openx.net/w/1.0/pd
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 08 Sep 2023 18:01:26 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame ED00 0
0 41ms
40ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1694196082693

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 41C9 24 KB
8 KB 156ms
55ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C2087%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f3d5d6495ed5a386eade2d979f9840927aaa0bd5efbac9dc3ad07a58ca7c2cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8475
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 18:01:26 GMT
expires: Sun, 10 Sep 2023 18:01:26 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 isyn
prebid.a-mo.net/ Frame A46A 0
0 47ms
45ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Fri, 08 Sep 2023 18:01:25 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FC6F 52 KB
17 KB 182ms
43ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 08 Sep 2023 18:01:26 GMT
ETag: "623de86a-cf34"
Expires: Sat, 09 Sep 2023 18:01:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 735C 15 KB
6 KB 148ms
56ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=108458
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 08 Sep 2023 18:01:26 GMT
expires: Sun, 10 Sep 2023 00:09:04 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5607 281 B
554 B 136ms
40ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-09-08-14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Sep 2023 18:01:26 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5607 35 KB
10 KB 41ms
41ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Sep 2023 13:30:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=70096
Connection: keep-alive
Content-Length: 10211
Expires: Sat, 09 Sep 2023 13:29:42 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 735C 2 KB
2 KB 158ms
47ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12005856&p=158370&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b35e7b05594246aca3454469fde0f794656ffdbf7e12b0398114e9785e68110b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 08 Sep 2023 18:01:26 GMT
content-length: 1710
content-type: text/html; charset=UTF-8

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FC6F 0
594 B 82ms
82ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
an-x-request-uuid: 4c7dbd1c-8294-4dda-b2ee-9b6be17f535a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5607 70 B
264 B 195ms
60ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5607
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1BV0xSTVItMTktTTZMNg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELn9MKXPQuVaH4_S_1B7QLQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1BV0xSTVItMTktTTZMNg==&google_push=

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1BV0xSTVItMTktTTZMNg==&google_push=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1BV0xSTVItMTktTTZMNg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5607
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELHs40Hllf1LaXVcRbW89U0&google_cver=1

0
239 B

171ms
42ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELHs40Hllf1LaXVcRbW89U0&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELHs40Hllf1LaXVcRbW89U0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5607
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTdiODNiMjgxMzE5MzllNDBhMTgzMjdjMTZmODEzNGZjNThiMzIzZQ

170 B
188 B

54ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTdiODNiMjgxMzE5MzllNDBhMTgzMjdjMTZmODEzNGZjNThiMzIzZQ

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTdiODNiMjgxMzE5MzllNDBhMTgzMjdjMTZmODEzNGZjNThiMzIzZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5607
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMAWLRMR-19-M6L6

0
143 B

236ms
230ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMAWLRMR-19-M6L6
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 96EFAF7CB5CE400F877600E1F3F1333B Ref B: DUS30EDGE0914 Ref C: 2023-09-08T18:01:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYE3MPsLq6nw2Bn1zQf/g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMAWLRMR-19-M6L6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5607
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/6znxcjtUDR6Ya3XxyIXX_Mn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xuy8iIdE2oL_LM1iJ0UTWlZBrVZPANTO98axRg--~A

0
239 B

66ms
41ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xuy8iIdE2oL_LM1iJ0UTWlZBrVZPANTO98axRg--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xuy8iIdE2oL_LM1iJ0UTWlZBrVZPANTO98axRg--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5607
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qdCdzLydRdK4lDuvIXjhLg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qdCdzLydRdK4lDuvIXjhLg

43 B
479 B

123ms
122ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qdCdzLydRdK4lDuvIXjhLg

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 18:01:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A62DCN7HRXTHHAG0Y67H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qdCdzLydRdK4lDuvIXjhLg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5607
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AfcL4CAHSXuxUOx7L8B2WA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AfcL4CAHSXuxUOx7L8B2WA

43 B
720 B

133ms
133ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AfcL4CAHSXuxUOx7L8B2WA

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 18:01:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3SK94C2EK8BMJSA3JDDB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AfcL4CAHSXuxUOx7L8B2WA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E452
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

143ms
42ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 08 Sep 2023 18:01:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 18:01:25 GMT
expires: Fri, 08 Sep 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1228852
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 735C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NwgKb1t1QEi2WXXnSl5cYA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

40ms
40ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:26 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=108458
accept-ranges: bytes
content-length: 5606
expires: Sun, 10 Sep 2023 00:09:04 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 735C 49 B
265 B 189ms
56ms Image
image/gif 34.249.118.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37080A6F-5B75-4048-B659-75E74A5E5C60&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.10
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 735C
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3528795894
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=37080A6F-5B75-4048-B659-75E74A5E5C60

0
284 B

151ms
49ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=37080A6F-5B75-4048-B659-75E74A5E5C60
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
via: 1.1 google
last-modified: Fri, 08 Sep 2023 18:01:26 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=37080A6F-5B75-4048-B659-75E74A5E5C60
date: Fri, 08 Sep 2023 18:01:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 735C
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=37080A6F-5B75-4048-B659-75E74A5E5C60
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWVtcjUySEk4SWxUV3EwbzBOa08zekx6UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=2867375709198133345&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

118ms
118ms

Image
image/png

52.205.47.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: HTTP/1.1
Server: 52.205.47.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-47-26.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 18:01:27 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 08 Sep 2023 18:01:27 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 735C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzcwODBBNkYtNUI3NS00MDQ4LUI2NTktNzVFNzRBNUU1QzYw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

159ms
47ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 08 Sep 2023 18:01:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 735C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOOLFvkW20RTOIvyqvutnBs&google_cver=1

42 B
347 B

152ms
48ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOOLFvkW20RTOIvyqvutnBs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 08 Sep 2023 18:01:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOOLFvkW20RTOIvyqvutnBs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 735C 43 B
610 B 197ms
47ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 07 Sep 2023 18:01:26 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 735C 70 B
265 B 159ms
58ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 735C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2867375709198133345

42 B
322 B

81ms
44ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2867375709198133345
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 08 Sep 2023 18:01:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2867375709198133345
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FC6F 0
594 B 40ms
39ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:27 GMT
an-x-request-uuid: 8b17c96f-29ac-4965-bd18-7f4f4ac93b90
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1784 2 KB
1 KB 48ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPthcwALxVYKd4XSAAkPmFXVrfwKAcrnjbKa8Q&u=%7CgGaZFRvY%2FyrzdFH1WpqESZd42eBym4NirGglLhRg7hY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSM6boGrTGaVhphTuIU_fhho2rqRv486Nl8sHUrWfxKVtrhReMZI7QfdxBefGFkx_LxFxy9pYNBbXSntFPv3QXid87oo-Ek2K1W7WRNi_Nk6Mcjb1Mt-SAKyfX-OnTEQ1PL9GOroswS5sI99xmIUXlucnrG4CRDd4njObyITCb3V0T7LyMqszMMU6HLcL5sDX3fHBoNeZNa7NT5fGgfcARSQdHDJdYAEhIGkTJIrVL41IeAEKfFZgC3p05vXj8UjykSdYRKnxrT-GHk60bZUWC7f7psP980WOAvj8CvIy_DPXYM24f1xDKazVCXZkkK8EpujxGPihmW0LBwCOi_r6YO40KHTti1k-imZoiP_V9STsVMg0_HPRzIv7lkj-wKoitgz5eXbmfAjAMEVWp11SJ20uxp_AvxK0Z2KX83FEPb9N5niXe6vnjaIWdUucQsFLPxdGbNA9Fplb5ARx_mrCcWwNd7Y-eneH6gTGRTrlWyHeD-m4bGTY3ko91AR5ZY2JZRto4nZ0-VMYvsA7qVsoHFcucyMi31hMvx5Yek979TDbXtfkrqYsXWqBOBW0oBikS72zF3AvlGc5oYZwwIh0XsL1boeVIJ0oO4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEJ3rc2H7ZNaKL9KL3gOYn6T4A8me0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMTI2MTk5MjQ0NDgwMzg3NcgBCakCj8oZsgXzsT7gAgCoAwHIAwKqBLwCT9BiKgK4z-kAwWn1anePlKloxS9JHVks3cqHqmRSe7_43y3uWE-qfToUG2-cLXBgOJsLb5vqA41A7aTRZFMDsP1mWU1p3sR947tOhl223QbA0JNZzDjNh4liR_WleTNUz7VjVCNOL0nvTIMPtJHuSxWjhNgQarXBqKmLrfEBmjLCUOFPtHrghO80C_lajUFLyVxisDL4tlYydcln1tkaPHeOFGWSCIa02nrXvXNSHqA1xvFtTH5L-xWJvNWx4Ww_Z-0U7FVkcIKsBJNc_WlXPWVg6qlS_7r9uohv2X1YCWRYzDldOtXrNzMcYUPaFF_mMmzsifHdreEH_FpUAz9EKj1QLn6F7g-cQuaM7HnUyy-OaE51KAF_KXiRoCgEPqJB502OLpGbYkGXXjsxlVDwZMc-dI3CuWhVQa8guuAEAYAG6o7pkfHckYcaoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0HvM4d2YuPyZ88nzLNGIc81CybLA%26client%3Dca-pub-1261992444803875%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1784 2 KB
1 KB 46ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1784 308 B
636 B 46ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1784 293 B
621 B 51ms
50ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1784 43 B
348 B 125ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=n5tFPHYodlBGV-9CbxHmTD-pSvYy_2Wc5DtmPns2nO2rVbMpnBRjmjfGnPQTB7GtpOq_PS3y65czyEaQwfJXmSeCBpP5AzzkSugjslPDZDbMDpP2q_4KZZiU6I4CfdmKxMGPuerHVe4v9M9qJ5XN35Pp5Nn8lgxwxQX5m3LHHJ6QuzRiK_0UDfYY-gth9YSe0uFjsWKDRJTlYO18OYsN19Hx7tMhMpeEx5jyMCXXuIsvSsTL4UovIAJgjWcfnzm5kb3TELH5XX5NTST-C5dC2B0M3C00B-_qV2XfL-35pOwg-SVXvyt2Wv3Xr934UrlEkdLw6MnVh8yHdFPEdvJrmJILWipt-8GudTcDm9v8fS9s7tlJnuvNwLahtiyfW0qV-gPwcxFbjsnaPNBOmaGK_xKKRd0eWvPFccya4QdIXMPomsTx_u6a-ZjYhRfFI99SUb_2N0c41kx4n4m5RsrYBuZAA-g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2281836
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 1784 46 KB
46 KB 65ms
65ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 1784 38 KB
38 KB 54ms
54ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1784 12 KB
5 KB 49ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4307333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jUKpd6fdudtXAlwvA2ZRQX4DFUkcOSCI6iHG7WWqW07xHBh8i%2BOxTWZKdYch8S5ew3tdXrVEW8pTitIFwoQ8pKbcs%2B%2BQcuHiBT2zK%2Bsz5m4XGiHIqJK%2BI8EstwJ1bFkvkYd2sX8YJIol1CYQbg3d9qF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 803918cb3aae2c22-FRA
expires: Wed, 28 Aug 2024 18:01:27 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1784 12 KB
6 KB 49ms
48ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 5 KB
5 KB 274ms
172ms Image
image/png 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=596&s=RHFnzKqE_m4xAaPo168bgmBw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e28f9a97c9ff2e04da97bc5085447b9b0b43769e45529012b84cde452c497663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4791
expires: Sun, 11 Aug 2024 06:41:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 32 KB
33 KB 210ms
108ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4918258%2Fadd99ba09062453c85f01b64b8e2ce89_img_square_03.jpg&v=3&w=1200&s=_AuBREZKbGoTb239Bg64Ncw8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

8ca105c8d25403c1a2f429166be7202e4fb04c8dc334c1d33065c56a09909618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 33072
expires: Sat, 17 Aug 2024 14:35:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 24 KB
24 KB 288ms
186ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21186505-GxTQpvpG.jpg&v=3&w=400&s=cL0D8KMrqFEeYFm28aqEeE1e&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

895e3e9c91bc92db50f6b7c02ab3a0f2fbd57de3abe79297eb31abb0145706ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 24568
expires: Wed, 13 Sep 2023 14:54:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 28 KB
28 KB 258ms
157ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21149183-PLIuYCJx.jpg&v=3&w=400&s=YJkDL-KcCxhq9EV_bd-Uy7_F&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

b188ef43451b5536877b89d51cad5de630be0baba989df918cd71a462c2a3153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 28236
expires: Wed, 13 Sep 2023 11:23:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 9 KB
9 KB 156ms
55ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23123587-sGF4DMlD.jpg&v=3&w=400&s=zdzJoBJpdHXuN6hixPUZrp0E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

fae5d7493064c647b20b14bca22467d8715394e78171a5830ff3097386075d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9526
expires: Fri, 15 Sep 2023 07:46:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 1 KB
2 KB 157ms
56ms Image
image/png 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=LMbwVQqqZkIT_OqRJg0FwumN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Mon, 02 Sep 2024 05:46:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 18 KB
19 KB 155ms
154ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23117447-dz9PQKjB.jpg&v=3&w=400&s=MbUrTtKwm0vFaiCN9b7YIyJh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

acca672d4cdba50cc3ee2fef531d296c03609db99b332e18f2bf54cef9cf9513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 18816
expires: Thu, 14 Sep 2023 14:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 10 KB
10 KB 191ms
190ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1660893986%2F22190457-YNazZy6w.jpg&v=3&w=400&s=KTQhfajMGBdcat0aJiNBdniN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

1161b22ee942c30148d3a8be465aab7a53f11982af7fcd0a4428c8772b47d128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10162
expires: Sat, 09 Sep 2023 09:32:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 17 KB
17 KB 165ms
164ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544094890%2F18370102-LHBKJULD.jpg&v=3&w=400&s=azODS5_1OlwxTRRSmxXUzvVG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

9cfd6a38248d4d685a10d28aa0b8234c556f2149a66e6671cc09d23e8b677e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 17590
expires: Sat, 09 Sep 2023 18:56:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 17 KB
17 KB 179ms
178ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1625124604%2F21161572-qiggTtEM.jpg&v=3&w=400&s=pm_T3EPbdLONqd4f0AtKbCjd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3748f74ccf5f20f65d18c959dd7768832f2319fe548c2fe7d7169b7b02b69787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 17036
expires: Mon, 11 Sep 2023 11:27:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 14 KB
14 KB 171ms
170ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23123147-RfGS8OYu.jpg&v=3&w=400&s=uci66ZKC4hjL2GT_QcrBwQDz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

de5bef16f3955f5f06f7614f08a9167e2b02d2fe2f11273c1a58c626111fdd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13992
expires: Fri, 15 Sep 2023 06:53:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 21 KB
21 KB 185ms
184ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1655806887%2F22133814-tFc9o1PD.jpg&v=3&w=400&s=KXN5B-bfX2Y3Kd18kvWBeAff&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

f1107f5944cdc211e6bbdcbdeaab6390839e7d834015308afa00d2ce235176cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 21088
expires: Tue, 12 Sep 2023 19:02:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 7 KB
8 KB 185ms
184ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23101055-rSJ5Rmuo.jpg&v=3&w=400&s=HSEFC4i1FQPQTLL_XmyT-aZg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e0754122ccf9b825d230893813e6913e6d5dc8b8c029645a94c9671209dc3e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7656
expires: Fri, 15 Sep 2023 09:01:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 12 KB
12 KB 194ms
193ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20161635-8t9TSb4U.jpg&v=3&w=400&s=AkDjzFcHYtkwCHJkFS4vTrcO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

c9be5afbba175bdc7cafdc31915c7bebf1c89ba6fcdc37cf1c9dc30cad3973b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11954
expires: Tue, 12 Sep 2023 07:37:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1784 12 KB
12 KB 199ms
198ms Image
image/webp 2a02:2638:d::13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23112521-7vNvnt7G.jpg&v=3&w=400&s=mZlUTAETyrrVPrbgeAqABzHU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

0d7e02d412da92ccf0e4e976523d8df8256b43575f33f2fccbfde42933c1357c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12392
expires: Fri, 15 Sep 2023 07:14:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1784 0
128 B 145ms
46ms Ping
text/plain 2a02:2638:3::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=nOGM9KhINbyvTr0_URhLXGYt7ucgB6f_ynyVaXUuO-4YON420z9HpPeuIdkI6kFUnczpnRY_nTO2nhfG_sgBJoHMwq9uws5zVtHcc_7cMsg70MfDOd9NSyyLz--W8mqi3kW6nmWJr1jbyDgc9sOOLlaDakjJyklGVFI6L0mbaFrnPtP4e2j-TsF1CTuYR9HsOlwp13KUz02S-zoik5TlIUzor1gO8uECjS7EiT3lOrQOlhYiq8vOPpO9ro_DJuUIbXAE0g&sds=2&rev=88100.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Sep 2023 18:01:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1784 2 KB
1 KB 46ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1784 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 18:01:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 02 Sep 2024 18:01:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=tFP8ZXxmU0IrUFJlMUh4RXFjanNRd1VsYW9HTHZVTVk2QmNMUkNiVDA4WWR3aWQyamNkZ2oreWJvS2hlSVB1WStjUThwa0tuS3JNZUhuQnRPTXBvN28zaC9IQmlqdjRmQWF2enU5SDJpNVZncTk1MGpNQVpFS0t5dEd3bFdMMFdkVzc2NWtpeFJVVUYxcU1ReGpEMjZqUVpnWVlxMmFMYmFTTjJNeE5BN3BTb1FoOHpMbkl4eW9hVlgvb2lrSGNFSUg0a2lpLzROMWpvemRRRk9LZEpQcEVVTXJyNGM4aUVNaDJPMVRVMHBTYzdUNHg5R2dkRlBtYWVyUHE2cUNSd2JLUnByamQ2OU1Fcm1aU3RaM09rN3c0ZUpJUT09fA&cppv=2

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
store.law.com/	1970-01-20 14:36:39	Name: regSID Value: 6223de93-8a70-4117-952d-3b1245c0d7b3
.law.com/	1970-01-20 14:37:19	Name: ipAddress Value: 71UjdcNRCIw1pH02
.law.com/	1970-01-21 00:12:36	Name: UCID Value: 1b90996f-f852-40d6-b355-7c9198272434
store.law.com/	1970-01-20 14:37:19	Name: CSRFToken Value: E_CaDCsoQMiNhuzLQdh_aqShDWVt1AtaNOAUgO_5OZI
.law.com/	1970-01-20 14:37:19	Name: ActiveDomains Value: pBFiNZNKRc5v%2fCBl81BBygc%3d
store.cutimes.com/	1970-01-20 14:36:39	Name: regSID Value: 5787d981-2483-4444-a8f9-b52407d21bbd
.cutimes.com/	1970-01-20 14:37:19	Name: ipAddress Value: 5QQ9dsxQR4shpH4zuEQbl1CUOA%3d%3d
.cutimes.com/	1970-01-21 00:12:36	Name: UCID Value: eb2985ff-27b9-48a7-8603-3a4ea2d8b699
www.cutimes.com/	1970-01-20 23:22:12	Name: ssoCompliant Value:
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.cutimes.com/	1970-01-20 23:22:12	Name: oly_fire_id Value: 3348C6813023A1M
.cutimes.com/	1970-01-20 23:22:12	Name: oly_anon_id Value: 892036d6-a773-4629-8ec8-473153cadd7f
.cutimes.com/	1970-01-20 23:22:12	Name: utag_main Value: v_id:018a75f4a4b0001ea4e6024893d503074003906c00b08$_sn:1$_se:1$_ss:1$_st:1694197881840$ses_id:1694196081840%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com
.adnxs.com/	1970-01-20 16:46:12	Name: uuid2 Value: 8851243300537448822
.cutimes.com/	1970-01-21 00:05:24	Name: _cb Value: BsgQ4YB5YsGCCFOdGX
.cutimes.com/	1970-01-21 00:05:24	Name: _chartbeat2 Value: .1694196082089.1694196082089.1.u3J-YCYBBxrBbqXHLDGQBjqznTjw.1
.cutimes.com/	1970-01-20 14:36:37	Name: _cb_svref Value: null
.demdex.net/	1970-01-20 18:55:48	Name: demdex Value: 41728338892568179871037852171201155871
.cutimes.com/	1969-12-31 23:59:59	Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg Value: 1
.cutimes.com/	1970-01-20 16:46:12	Name: _gcl_au Value: 1.1.245346085.1694196082
.twitter.com/	1970-01-21 00:12:36	Name: personalization_id Value: "v1_mWTNNdNt67VqeiqeDADRrg=="
.everesttech.net/	1970-01-20 23:22:12	Name: everest_g_v2 Value: g_surferid~ZPthcgAAAJbTyQNn
.t.co/	1970-01-21 00:12:36	Name: muc_ads Value: 5975d812-6c60-44b3-8987-03723333d839
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
www.cutimes.com/	1970-01-20 14:38:02	Name: ln_or Value: eyI3MTQ1MzAiOiJkIn0%3D
.dpmsrv.com/	1970-01-21 00:12:36	Name: dpm_pxl Value: c7a9246f05af485ebcbcbf90533880b5fa999aa2
.dpmsrv.com/	1970-01-21 00:12:36	Name: dpm_pxl_aid Value: 8851243300537448822
.linkedin.com/	1970-01-20 16:46:12	Name: li_sugr Value: a058970d-39f3-457c-9750-50b068447bce
.linkedin.com/	1970-01-20 23:22:12	Name: bcookie Value: "v=2&fdce036e-5eb1-4d82-8c8b-68c91bd917f7"
.linkedin.com/	1970-01-20 14:38:02	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2587:u=1:x=1:i=1694196082:t=1694282482:v=2:sig=AQEbok4zWBcRl6QwcNSI6GZnv4w1hgNt"
.dpm.demdex.net/	1970-01-20 18:55:48	Name: dpm Value: 41728338892568179871037852171201155871
.cutimes.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.cutimes.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 23:58:12	Name: IDE Value: AHWqTUm2MorQeoMvD3YBkNh7cfbrRA2OVOHx_mwtdkKBVhTp02KweFP_ICxAiFcliZk
.rubiconproject.com/	1970-01-20 23:22:12	Name: khaos Value: LMAWLRMR-19-M6L6
.rubiconproject.com/	1970-01-20 23:22:12	Name: audit Value: 1\|naVuGyos1qofMC76qoyGFQNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2ffqODcdVl+sH+EMertEmWyaHhfnFT4rLmuBxGCOXoSK1I8bbQ2uRe5K+xUA9sgf/4b7FQD2yB//h
.e-planning.net/	1970-01-21 00:12:36	Name: E Value: AFY1E8SZsmrgWfxX
.cutimes.com/	1970-01-20 16:46:12	Name: _fbp Value: fb.1.1694196082632.2024501653
.cutimes.com/	1970-01-21 00:12:36	Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19609%7CMCMID%7C40104624691584232990011211734181485919%7CMCAAMLH-1694800882%7C6%7CMCAAMB-1694800882%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1694203282s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19616%7CvVersion%7C4.4.0
www.cutimes.com/	1970-01-20 14:36:36	Name: olytics_dfp_keys Value: []
www.cutimes.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.cutimes.com/	1970-01-20 23:58:12	Name: __gads Value: ID=8aa15141bbe365c8:T=1694196082:RT=1694196082:S=ALNI_MZSJnvZrSISjiNHFyxzUUebU9B1Lw
.cutimes.com/	1970-01-20 23:58:12	Name: __gpi Value: UID=00000c704d50e80c:T=1694196082:RT=1694196082:S=ALNI_MadAykL3_PqsLkZW1dcjKY-KJQ27w
.linkedin.com/	1970-01-20 15:19:48	Name: UserMatchHistory Value: AQI4y1XpsSGxZgAAAYp19Kf5GSC1cjQmxN0I2aPbDWvRWYqBYaGf3nZ6CGbFI4TzEW6r3Nk0HcM2GQ
.linkedin.com/	1970-01-20 15:19:48	Name: AnalyticsSyncHistory Value: AQKolU6mdT-aUgAAAYp19Kf5TypWOxks6V_gAkRXHdLTTewzdZzKjQ4XeoMLvaNr48vpgNf9zvhU1nY4uvqr7A
.cutimes.com/	1969-12-31 23:59:59	Name: s_tp Value: 4078
.cutimes.com/	1969-12-31 23:59:59	Name: s_ppv Value: cut%253Awebcasts%2C29%2C29%2C29%2C1200%2C3%2C1
.criteo.com/	1970-01-20 23:58:12	Name: uid Value: 54c0dede-3bdd-43eb-b133-92080e7163cc
.www.linkedin.com/	1970-01-20 23:22:12	Name: bscookie Value: "v=1&20230908180122ef04c8a1-5c47-4dbe-855d-d811e72ecddcAQF82ovfBj4IyNcKD8zG2VpsHj_BSzVX"
.linkedin.com/	1970-01-20 18:55:48	Name: li_gc Value: MTswOzE2OTQxOTYwODI7MjswMjH1JHA8jS7e7iwHADdUPNS1i6eI4DuRw2vORWfb6MXM9Q==
.pardot.com/	1970-01-21 00:12:36	Name: visitor_id997701 Value: 143801640
.pardot.com/	1970-01-21 00:12:36	Name: visitor_id997701-hash Value: c9a8ffa34583f65808bdcdd68f5251180d3fcf0266b44e083a7b95608b19c1cf61fcacb6f177b9fcc7fb5f6e5f4415acb9b73987
pi.pardot.com/	1970-01-20 14:36:37	Name: lpv997701 Value: aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vd2ViY2FzdHMvP3NscmV0dXJuPTIwMjMwODA4MTQwMTE4
www.cutimes.com/	1970-01-21 00:12:36	Name: visitor_id997701 Value: 143801640
www.cutimes.com/	1970-01-21 00:12:36	Name: visitor_id997701-hash Value: c9a8ffa34583f65808bdcdd68f5251180d3fcf0266b44e083a7b95608b19c1cf61fcacb6f177b9fcc7fb5f6e5f4415acb9b73987
.adnxs.com/	1970-01-20 16:46:12	Name: icu Value: ChgIv494EAoYAyADKAMw88LtpwY4A0ADSAMQ88LtpwYYAg..
.prebid.a-mo.net/	1970-01-20 23:22:12	Name: __amc Value: 4_1694196082_1694196083
.cutimes.com/	1970-01-20 23:22:12	Name: cf_clearance Value: 7jtl4PZNMkX0ndo5xlCZ0YhgExRpNO8dPl5f4oeUaT0-1694196083-0-1-44898c96.d86c4d7c.1388d376-0.2.1694196083
www.cutimes.com/	1970-01-20 14:38:02	Name: almGeoLoc2 Value: DE
go.alm.com/	1970-01-21 00:12:36	Name: visitor_id997701 Value: 143801640
go.alm.com/	1970-01-21 00:12:36	Name: visitor_id997701-hash Value: c9a8ffa34583f65808bdcdd68f5251180d3fcf0266b44e083a7b95608b19c1cf61fcacb6f177b9fcc7fb5f6e5f4415acb9b73987
.adfarm1.adition.com/	1970-01-20 16:46:08	Name: UserID1 Value: 7276516769511377676
.adfarm1.adition.com/	1970-01-20 14:36:37	Name: lv_6098011 Value: w=4851120\|t=1694196083
m.exactag.com/	1970-01-20 16:46:12	Name: exactag_new_gk Value: fc9c633ec4a84e5b86ddd75e0b088664%7C07.11.2023%2018%3A01%3A24
m.exactag.com/	1970-01-20 18:55:48	Name: exactag_new_uk Value: 06d34cdd65c24e72a1b31daf36453fe4%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 43ca34ed8b954ab2a2180f99
.doubleclick.net/	1970-01-20 18:55:48	Name: APC Value: AfxxVi6fE6jGwOmnkyXmJ-H8qtRPh2O6AK6Kq3QIMbbZpQF_5yPkRQ
.ads.pubmatic.com/	1970-01-20 14:38:02	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 23:22:12	Name: KADUSERCOOKIE Value: 37080A6F-5B75-4048-B659-75E74A5E5C60
.pubmatic.com/	1970-01-20 16:46:12	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:38:02	Name: pi Value: 158370:2
.pubmatic.com/	1970-01-20 16:46:12	Name: DPSync3 Value: 1695340800%3A241_235_201_245
.pubmatic.com/	1970-01-20 16:46:12	Name: SyncRTB3 Value: 1695340800%3A13_54_56_220_21%7C1695427200%3A35
.adform.net/	1970-01-20 15:19:48	Name: C Value: 1
.weborama.fr/	1970-01-21 00:02:31	Name: AFFICHE_W Value: iKyBCWuOb2WI17
.adform.net/	1970-01-20 16:03:00	Name: uid Value: 2867375709198133345
.simpli.fi/	1970-01-20 23:23:38	Name: suid Value: 2A443E9EE5AD4EB28708C262FC531783
.pubmatic.com/	1970-01-20 16:46:12	Name: KRTBCOOKIE_80 Value: 22987-CAESEOOLFvkW20RTOIvyqvutnBs&KRTB&23025-CAESEOOLFvkW20RTOIvyqvutnBs&KRTB&23386-CAESEOOLFvkW20RTOIvyqvutnBs
.pubmatic.com/	1970-01-20 15:19:48	Name: PugT Value: 1694196085
.pubmatic.com/	1970-01-20 15:19:48	Name: KRTBCOOKIE_391 Value: 22924-2867375709198133345&KRTB&23263-2867375709198133345&KRTB&23481-2867375709198133345
.amazon-adsystem.com/	1970-01-21 00:12:36	Name: ad-privacy Value: 0
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 5.003
.yahoo.com/	1970-01-20 23:22:33	Name: A3 Value: d=AQABBHZh-2QCEIF7oVR5V6gSzyk__AEAhagFEgEBAQGy_GQFZQAAAAAA_eMAAA&S=AQAAAqySaMBjAx9AYPKFMngZi-o
.audrte.com/	1970-01-20 14:58:12	Name: arcki2 Value: eemr52HI8IlTWq0o0NkO3zLzQ!20220908!1694196086795!ip#80.255.7.106
.audrte.com/	1970-01-20 14:58:12	Name: arcki2_pubmatic Value: 37080A6F-5B75-4048-B659-75E74A5E5C60!20220908!1694196086797
.amazon-adsystem.com/	1970-01-20 19:33:14	Name: ad-id Value: Ayt-C5MpkEKHmRkPxVHuZBI
.audrte.com/	1970-01-20 14:58:12	Name: arcki2_ddp2 Value: eemr52HI8IlTWq0o0NkO3zLzQ!20220908!1694196086976
.audrte.com/	1970-01-20 14:58:12	Name: arcki2_adform Value: 2867375709198133345!20220908!1694196087156

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8851243300537448822 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cdn1.opstag.com/14471/index.js Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=(Line 65) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=(Line 68) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=(Line 70) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/webcasts/%3Fslreturn%3D20230808140118&canServeAds=true&canCookie=false&gdpr_consent=(Line 73) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
network	error	URL: https://cdn1.opstag.com/14472/index.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37080A6F-5B75-4048-B659-75E74A5E5C60&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58b6b5e59eff9a7d525da231ae354b51.safeframe.googlesyndication.com
a.audrte.com
a.dpmsrv.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4.adfarm1.adition.com
ads.eu.criteo.com
ads.pubmatic.com
ajax.googleapis.com
alm.demdex.net
analytics.twitter.com
ap.lijit.com
b.law.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.linkedin.oribi.io
cdn.yourbow.com
cdn1.opstag.com
cdnjs.cloudflare.com
cdp.omeda.com
cm.everesttech.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
csm.eu.criteo.net
data.alm.com
data.dianomi.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
go.alm.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imageserver.amlaw.com
imagesrv.adition.com
m.exactag.com
match.adsrvr.org
mb.moatads.com
ml314.com
mug.criteo.com
olytics.omeda.com
onetag-sys.com
oqs.omeda.com
owlcarousel2.github.io
p.typekit.net
pagead2.googlesyndication.com
pbjs.e-planning.net
pi.pardot.com
ping.chartbeat.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.dpmsrv.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
store.cutimes.com
store.law.com
sync.crwdcntrl.net
t.co
tags.tiqcdn.com
telemetries.jeeng.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
use.typekit.net
users.api.jeeng.com
vi.ml314.com
www.cutimes.com
www.dianomi.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
yourbow-d.openx.net
z.moatads.com
ib.adnxs.com
mug.criteo.com
users.api.jeeng.com
104.244.42.67
104.244.42.69
104.86.47.65
108.138.191.50
108.157.187.32
13.107.42.14
130.162.160.243
142.250.185.226
145.40.97.66
146.75.120.157
15.197.193.217
172.64.146.151
178.250.1.6
178.250.1.9
18.208.125.13
18.239.69.103
18.66.112.11
185.64.189.112
185.64.190.78
185.64.190.80
185.86.138.123
192.226.84.37
193.3.178.3
198.47.127.205
204.180.130.159
204.180.130.165
209.191.163.209
216.58.206.38
217.79.188.10
217.79.188.46
23.32.185.123
23.35.236.188
23.35.236.201
2600:9000:2057:9c00:18:1fcd:353:c61
2600:9000:2104:c000:1e:5cef:3780:93a1
2600:9000:223e:da00:7:2bfb:7c00:93a1
2600:9000:2362:600:2:53b2:240:93a1
2602:803:c003:200::61
2606:4700:10::6816:38ae
2606:4700:10::6816:39ae
2606:4700::6811:180e
2606:4700::6812:19ce
2606:4700::6812:3b7
2606:4700::6812:c5a
2606:50c0:8000::153
2620:1ec:21::14
2a00:1450:4001:802::200a
2a00:1450:4001:809::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:d::13
2a02:2638:d::d
2a02:26f0:3100::1735:29f9
2a02:26f0:3100::1735:2a3b
2a02:26f0:3100::1735:2a43
2a02:fa8:8806:16::1460
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:5aec:1139:b771:4a28
3.121.142.71
34.107.148.139
34.111.129.221
34.111.131.239
34.111.234.236
34.249.118.122
34.251.64.143
34.98.64.218
35.201.104.135
35.204.158.49
35.227.252.103
35.244.141.151
35.244.174.68
37.157.2.234
37.252.172.123
44.209.255.129
51.89.9.252
52.18.247.63
52.205.47.26
52.209.112.33
52.46.151.131
52.54.96.194
52.70.172.91
52.94.222.140
63.140.62.214
69.173.144.138
69.173.144.139
85.14.248.91
95.101.148.20
95.101.149.233
99.86.4.128
00aba9dcfbe890214f94a3579723c2f5d00650f0a8dfa56ee7fc252deb5ba050
0318011714690d69766e9805992b85d81f3acaec1de699405673c4149d1bee88
038fd7db261f3fe8525f3105a268cf2ab584eb0db9ec80a8b686c9cf57d03f17
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cd766adae5cdcf68f60e566bac01c0ec29fb4d0e7c44db4b01e400025e01cf
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895
0d7e02d412da92ccf0e4e976523d8df8256b43575f33f2fccbfde42933c1357c
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1161b22ee942c30148d3a8be465aab7a53f11982af7fcd0a4428c8772b47d128
1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8
14c21ff32213287758427ac0f2f0ca871dc4bb180e0a524817791d163afae2b1
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18964272c5f208644be13a8865ee62b2abff17259ed9d4a46364239ad29d7895
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1ab5c0862c0387c54a45ed0d397f33b5971166a2fc7baa6e3b6031793c3c3d3c
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d328a889f5a77886ffc05370a4565d2a6c0768b100c30fa89cae7e360bccb46
1da8810687863f0e20ef934998ca8646c96a53c3526eff5e812b48795b722a60
1daeb6beaf719351f196f97a09e9d328a8bb005449b1dc0cc5bbeac894637a0a
1ea0a58d1adffb88f57c883e58a47079fb69c705c401fad728bc1dd15f328905
1f1e67ffbce2f1f6ccebbbca244fa90ed9df587d7fa98d9c689ea37ecf9ebf1b
1fef10912b54dcf9f0d7476ebf49e118589a142fdeff523872ea56dc4a640f5b
2014d07a2de7e3a5a52b0379732522f6bdd04dc680a7fbca36ba61b53880f12a
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c
244d22f6eb30c71b2b4f7ada4f96d379dab07350dcca62f18ef699818e8c5152
2834b68f83bfbe7ba8d5b8c4c1b5dc0125083a8a0876e56c2534fb86d4aed4be
289a4bd79f9edacb39aa503dc0991eed35b2365cd326d666c867df4ec16560a5
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
28cf4ffe5e1feb4992284dfa83437f13e75ced6f2607e67454a195c99db29f35
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac7117cb68425172946e7aedb8907b5abdabde0ceef729d338d1353956e5058
2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e
2cf9b39bad8b3bcd2c32c7c1015b01900f49a721f91962a0d94eb7ac83b0ce97
2de750dfc4372113d29cbef0f187bc0fbf2b3fd2121fbb0ecac3a58f5cd5a500
2e039b4b97dcea6f59deea29d4a1fb387699696c7819c35a5679913ef174cb06
2e7b10e6eda4e5564f993dafaea0c8d1eeed73cabeff72e7ea0714826b3ee15c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe6a63b8446094e37732add7e1153933d8a1c37ad0f586636c90278a9c59a55
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a
3158fe51c4123fe9b42c19639d4e824445d2c5ce801666b4f4e7a002588b2538
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f3896dcac1991b68a3b57e1adf1e88f60e195de49b37f414fc4a1c6cdcd629
34344b698252709a9d7d85399bcc69d1627f83b32fd8d15b6ab5c077ecdd7be6
36ebfa3ed11868297f44ef3208cbc0228c14852b11f7f71fe2bf86c208c7b703
3748f74ccf5f20f65d18c959dd7768832f2319fe548c2fe7d7169b7b02b69787
3ae6f768fe36b9e98e8741e23475b64d251c33f4ebe638c2154ae1902d51bc6b
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44a055a74759affedc0603c741fcea39e76d126cee3961d5595366050fdc63e1
45ce0ff4f7b1aaf7333cea3baf337fff9d6af91d1c79675edfd303444efe9511
464199afdf89f460b7d0b472128c19e98d00dc9f3a93ae1ac6ccbef4d41a7aa9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4721935d6f22a8eb7bd6836e63a70b3128a4e78e058114c1a3d9ff5ed315924f
481a720637e447573caa20d542273f09bec7ec697abf31110b3cfd968643b0c9
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eaac23f33586070970ea5e5e5daf8e0aba2401df268605b72a9dae8dae00573
4f6a906b211491d8d8f57405df785841be8ab53de99d1df73b08c896c3dafb50
4fc1a0092e0b99cbd93042d73124eab268aa1bfd73ce5d150645246b36383363
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570faddaa4a3643185bbd329d6f9bf436420a4a8ad8dc38e3ff5b4a77d6b8436
5766a178ab28457646bec8b75ef129ae7868e161ab607efe4bc2276575ede961
57a8add5a9143aa38ab8fc7dde987b61a4af28fdf4dfe1713d09003f7090a6b8
57e3da0bf8d9429993fdbc7766799944ebe95ae8d83987d05b9412f5df1c0df1
5808454badb7af9321ed7e4c1ff21edbdd449266c49c8c003f7bc06106fbc404
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
592cc96e00ffc2fbc2c57982576d5cfe2fab672ba23e21d9a7859726c32af87b
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5b6d04edea371618b6f0b9179a0f8a9cbd9ced04908dbae1b128342dc6d5d1d8
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6126dd2dc88baf8b21f8a132aa7881682652974b2d2026d1264fea8f80946d89
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ccc7b69b51eddf7c72354a62b87de1fb763e8c0b3d16fff861caf7fd1a6c86
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
64bdc5890071a0a871f4190d9101140e88daf28effd71735497b39280f3f85cf
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68e39f2157d45fad9cefe4211a81cc053a5ae8745c7da57b791d00062d1ba8d5
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
6cb52457c5eed3817ce7aae6cf2aca66c9d9c83b856907694975d7dcaa21f9c9
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7625b0eda49a7554cccfe266fbf8476055ac4bcfd1dcadfaeab461b0249e4238
77d7fbabd50ebc363306dd1c68bf685b831ac5cd7c189ed2a0b29f3d0b5a5c36
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
78dbe36485633f0f10112abd5802165591832b5ecbc767329a0a22cd379136ed
799aab1b48c3c36669df7b86e95f7d9d914991a4b2dc6bf72d413e3017da3637
79be594c57ca2a1c419a043feaddbb72af4535d00b411f2f733bb09314e0287c
79d6921d497fe84166b05cc6cda52967e6d6e9ae08605208048dd5e1c016d5fa
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c8cde70ffb70736dd8d0869daf78de12eede730d79192a4bd368966ba27023f
7cc76e56783afb17dc4793bf9f9c48b2d76c3986802b7f342a1f7d21be67b611
7ea1e1f6b4c1ae8440242a46eef029acdb9cdc4366253d12e7ea8f80a0c60793
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a
81911318efdc3489a794910bcd8d70ccb66e9140586438a3249548c95be3b521
8439b38503d8e94e801d574b6391e0dcc66afdd8b9c6e2d1e31d063b951f7118
846329f1d649d53f198402f1cff564c37202641788a49726cfca2db3f4a6970a
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1
895e3e9c91bc92db50f6b7c02ab3a0f2fbd57de3abe79297eb31abb0145706ce
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
89ebdc0d91891f04451cc2399202aebcc265f507a423450c673d449eb3e4ccd8
8ad58c689c0f970afaac33a37b24620f516b4b042c0d22f6c3642e86d8e92530
8ca105c8d25403c1a2f429166be7202e4fb04c8dc334c1d33065c56a09909618
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5134cf72e8109696df0f0874de5b3f6366ac464c6001942eebc54c00443602
8f8e8e789a5500fe71a0a068aaa7f6c62a4b349975786b0ac42f80df312fc6a9
8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833
91c09f9bb523040f8a466343765f31e2f01bdf5cef56d3ba8783308b27172991
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
92af4fd1e73914883baccd73858b9c1686d57ecc6be1d8685b29a1c8339a7c53
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
992f32caf15584f5053e9fb98cf57ce03a200e40f38b4cafe493a0a3051516e5
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9cfd6a38248d4d685a10d28aa0b8234c556f2149a66e6671cc09d23e8b677e3c
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4c0fc0eba735a1e9a513e2fbb6af2d3f788b6abdd7166144444addb7a726689
a6a20c8c0b86509ea5f2f03b901f43ba2fed1b02eba290027fe24712682b15b5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
a9b672d2ca20a6c372e59a1ba4056f768ecc3b1b7451401aa1d45b5ce7722915
a9ff2d68ce2d644201644869d71b53fece002f8e4e8b0c85a18a177ec53d1498
aaafcf685b785f34f89da6881531dd799cc2bb8ca11b98d473dc66a98e0be964
aade161666d96480512d503f92168e73ede06c0d1b40d05d8ea68bddac3e49de
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acca672d4cdba50cc3ee2fef531d296c03609db99b332e18f2bf54cef9cf9513
ae8838235c766fb875e8133c5c6dc6f2f7a87f6174526d6907714924413921f8
af97824b9fc27c6bb156870a33c1535e586f4617318b2e612ea45d9e51d8c293
b16f28df442d7d5f28f03e8b56e614176dc6f1b55ecc80b2637ceb6f57d3ceb6
b188ef43451b5536877b89d51cad5de630be0baba989df918cd71a462c2a3153
b35e7b05594246aca3454469fde0f794656ffdbf7e12b0398114e9785e68110b
b4abb79b775d5abd2181c634a7d314e1d3964c0b427f2ad829677b4a5f3e5ec6
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
b7501b2bd66391145fc6606f06743c1d14cf58e791f2b1c5bd8d384084b01592
b7f81850b233fcd046e03f6cc2a20c0240ca848f62bc77a01e07025187dcba4f
b9ceaf9dd39961372b567a7445e1e2ad9993b58e7d03932c1bcdef7921098a5d
ba0d692c158e3d89f5fbe1fe32c623db71781e5d127351e6d538ace2e5c2a325
ba98524e3f3fbf805968193736a96676d33a615fcd63403fc7a046a79cf93fb9
bbb0fbefd91498bb327db3f5543cde243960ed282fe1aa85015d5ae479bd0d02
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
bdcb50140307a35bc5b91e3189132a866af8806e2b3ce4849467b6d0ff8eb153
be29ea3205883294b0fd66960f1880b117b0f7f37c6d38ee437a8d6f78422b2d
c1325e19c8fb15992cff25442f5d5e1bcf003cc53626fa8f5d880d9eda41c64f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25aad21e410b837b04e08e1bb2f54ef9887585cd46a894c8fc00e8e2dcb45a1
c34c5dc63ddfbf7c969df7004a5b30153ae8ac85efb2daf955d9cfae22bf7e50
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c7e8f5807453423eb1c2666939f8dafce4d6a1672a15c83f1c136cd97ea64dc7
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
c9b1775ef73acc652a55f6085dd75535b3b1194656390ed57e7c26f3e13b6651
c9be5afbba175bdc7cafdc31915c7bebf1c89ba6fcdc37cf1c9dc30cad3973b9
cadf3603bd2109fd8369e8d0a7271c556c73a1605ab3c165babf491b69b2abae
ccbc5981dcae90bca1d34285c8bf3025e64a73b9b82a21c6905bef9740925068
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0505c789490c97e5c95b97b1146f534dab14d4e0a73a596efbbc32ece579bf7
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d4ddde1832d684009774721ca4446971d95dba0d1a1c515f19e4952ae87ef1e1
d5e1d2cf7ad565428c1fbaed5b52916269e96d28ccb0890d0d1f862d74b0fe88
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
d88a23e0d5af7ef2245445495011016b991092587a9a520dd28a0841cfa73828
d8fbee4841f56f479c7f499f182ae2ec255853baaf13bf624fcfe4d15f5e5292
d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492
d96a33690b6b2b76fc8f1ca737c573db1b5ab2d7029a1119ebc6ce10d0352a2b
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de5bef16f3955f5f06f7614f08a9167e2b02d2fe2f11273c1a58c626111fdd72
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e0754122ccf9b825d230893813e6913e6d5dc8b8c029645a94c9671209dc3e88
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e28f9a97c9ff2e04da97bc5085447b9b0b43769e45529012b84cde452c497663
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3b0ffe4e92d14c9033d4f6c8136cbffd6ffea5ce3384d26ebf238478836318
ec93feb4c6e5b03f89ae76b9b7585075512de239e62e903e22ad4fce1faa4c21
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
ee65ff276660830f0bd0b064918210f12cc82d1ffc61fb9fd195a008c5419910
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1107f5944cdc211e6bbdcbdeaab6390839e7d834015308afa00d2ce235176cf
f1e88c6ae05c67fa8b374a287ffa2de66393f46af29a4a6093a5349d15062e6f
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
f3d5d6495ed5a386eade2d979f9840927aaa0bd5efbac9dc3ad07a58ca7c2cef
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c242003d3d4f93b5261d3ac5c3e2bb9f4f25d6ab9d9e55b7f30353e49314e4
f61448deedc4107d0ebdda233fdfb49dc52f31a721859f90b724f490865a7e0d
f74b91c069ae3e3d9fe1c709da5d849b579b9e114e4d322de248322622b49b4e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f85a653dd485945c50daee3cf3d2ca619e037e4eefd0741ca8ded3a47101f892
f93833c5490dce469ea00ba02058ec2fed7185836d3d4f31e683b6525df944a6
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fae5d7493064c647b20b14bca22467d8715394e78171a5830ff3097386075d73
fb476cfb3e6670e0256c7721896eea14c3778a616e1ccf0efc50181de71fca01
fc1d6e177f0a93623a64d3db5c13f5aba3b47a22dfac2a92daf9b2b9b574aed5
fc46f37cc261314afea2d2dcb4aa565744b1f811db463dbee27a210b478aa810
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
fd10557cdb80b8572afbc8eacccb56b1f21ac2501eb24527e2d601bbb0c0e06e
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
fd857ff3676a3bd62d7ce499b2fa172c0a4fe8ceb458803fead7300ffb24df48
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf
ff387e5da8b55030f06f79a4ffbb8665e9a1f2cf26ead8145c63f5dec53f936f
ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

www.cutimes.com Open in urlscan Pro 2606:4700::6812:3b7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

374 Requests

93 %HTTPS

38 %IPv6

63 Domains

110 Subdomains

97 IPs

8 Countries

3161 kBTransfer

7372 kBSize

88 Cookies

46 Outgoing links

Page URL History

Redirected requests

374 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cutimes.com Open in urlscan Pro
2606:4700::6812:3b7 Public Scan

Screenshot
Live screenshot

Full Image

374
Requests

93 %
HTTPS

38 %
IPv6

63
Domains

110
Subdomains

97
IPs

8
Countries

3161 kB
Transfer

7372 kB
Size

88
Cookies

374 HTTP transactions
4 data transactions