www.cutimes.com Open in urlscan Pro
2606:4700::6812:1e95  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/c2aDXPyhan Page URL
2. https://buff.ly/3hxjwjr HTTP 301
   https://at.law.com/EZKSCg?cmp=share_twitter HTTP 301
   https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter HTTP 302
   https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832 HTTP 302
   http://store.cutimes.com/Registration/Login.aspx?mode=token&token=A7B056E9-248E-4D8D-8748-C12B0F839C7A&source=https%3a%2f%2fwww.cutimes.com%2f2020%2f07%2f24%2fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2f%3fcmp%3dshare_twitter%26slreturn%3d20200625084832&debug=lawDomainIPWithRefRedirect HTTP 301
   https://store.cutimes.com/Registration/Login.aspx?mode=token&token=A7B056E9-248E-4D8D-8748-C12B0F839C7A&source=https%3a%2f%2fwww.cutimes.com%2f2020%2f07%2f24%2fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2f%3fcmp%3dshare_twitter%26slreturn%3d20200625084832&debug=lawDomainIPWithRefRedirect HTTP 302
   https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D627924%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2020%252F07%252F24%252Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%252F%253Fcmp%253Dshare_twitter%2526slreturn%253D20200625084832&_=1595681315141 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D627924%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2020%25252F07%25252F24%25252Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%25252F%25253Fcmp%25253Dshare_twitter%252526slreturn%25253D20200625084832%26_%3D1595681315141 HTTP 302
• https://a.dpmsrv.com/dpmpxl/index.php?id=785406113196087521&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=627924&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&_=1595681315141

Request Chain 37

• https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222 HTTP 302
• https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222

Request Chain 73

• https://cm.everesttech.net/cm/dd?d_uuid=91901746725369473920204364653861545000 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxwqIwAABIVi9xTJ

Request Chain 78

• https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main HTTP 302
• https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
• https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFDEBJIxrz8G2gDLIWs-epc&google_cver=1

Request Chain 84

• https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=785406113196087521&pixelIndex=0&_=1595681315142 HTTP 302
• https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=785406113196087521&pixelIndex=0&_=1595681315142&google_gid=CAESED8_jbOSGs0sMBFiQpLdhLY&google_cver=1

Request Chain 156

• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3611937282197553224&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3611937282197553224&redir=

Request Chain 157

• https://idsync.rlcdn.com/395886.gif?partner_uid=3611937282197553224 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMTkzNzI4MjE5NzU1MzIyNBAAGg0IpdTw-AUSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=c05053054c259f0890c448bf244a3bd7177d2bbfba1a3a9f943f3955baeacec3f4cb09cee1a4f8eb&person_id=3611937282197553224&eid=50082

Request Chain 158

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e241e8d8-fd32-4de0-a27d-1d4b7fc2d90a

Request Chain 159

• https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3611937282197553224 HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3611937282197553224 HTTP 302
• https://ml314.com/csync.ashx?fp=27f1062f559652f1c328ffbf76025bd6&eid=50146&person_id=3611937282197553224

Request Chain 160

• https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
• https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2OoTxh3nNclEu35LYYv7S9inEpRN3paJYZQTBrXIzOV8&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
• https://ml314.com/csync.ashx?fp=2OoTxh3nNclEu35LYYv7S9inEpRN3paJYZQTBrXIzOV8&person_id=3611937282464940125&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
• https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 210

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 214

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 243

• https://colossusssp.com/?c=o&m=cookie HTTP 302
• https://sync.colossusssp.com/hms.gif?puid=25799c0a57e0a92ac075bd474e60ded306cd05e1

Request Chain 249

• https://ib.adnxs.com/seg?member=827&add=18252462,18600656,21243164,19033089,19032834 HTTP 307
• https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656%2C21243164%2C19033089%2C19032834

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	c2aDXPyhan Show response t.co/	224 B 405 B	139ms 138ms	Document text/html	104.244.42.5 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.5 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash 8d46019ce826549e5011757b2a1ed0c0c012a2540a4340d25f07895c3897df4c Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers :method GET :authority t.co :scheme https :path /c2aDXPyhan pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 cache-control private,max-age=300 content-encoding gzip content-length 175 content-type text/html; charset=utf-8 date Sat, 25 Jul 2020 12:48:31 GMT expires Sat, 25 Jul 2020 12:53:31 GMT server tsa_o set-cookie muc=1624d3c4-1be6-443a-a7db-48def17a9f7b; Max-Age=63072000; Expires=Mon, 25 Jul 2022 12:48:31 GMT; Domain=t.co; Secure; SameSite=None strict-transport-security max-age=0 vary Origin x-connection-hash 2fa0e5f563e6a3146ac7747abb139a35 x-response-time 114 x-xss-protection 0
GET H2	200	Primary Request / Show response www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/ Redirect Chain https://buff.ly/3hxjwjr https://at.law.com/EZKSCg?cmp=share_twitter https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion... http://store.cutimes.com/Registration/Login.aspx?mode=token&token=A7B056E9-248E-4D8D-8748-C12B0F839C7A&source=https%3a%2f%2fwww.cutimes.com%2f2020%2f07%2f24%2fphishing-schemes-top-covid-19-digital-... https://store.cutimes.com/Registration/Login.aspx?mode=token&token=A7B056E9-248E-4D8D-8748-C12B0F839C7A&source=https%3a%2f%2fwww.cutimes.com%2f2020%2f07%2f24%2fphishing-schemes-top-covid-19-digital... https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832	63 KB 15 KB	185ms 184ms	Document text/html	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eefeff112650a7d10f8c234d5764f8209dba993d49321e3a13fc1e05541862e7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority www.cutimes.com :scheme https :path /2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://t.co/ accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=daf540b3c07125c2cd5457a8013eb55ff1595681312; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660; ipAddress=5l04acdREJUqongusU4V; UCID=b22b44df-48d3-487a-b6c7-a600b4ab3cc6 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://t.co/c2aDXPyhan Response headers status 200 date Sat, 25 Jul 2020 12:48:34 GMT content-type text/html;charset=utf-8 cf-ray 5b85fef3b838d6c1-FRA cache-control private content-language en-US set-cookie ssoCompliant=; Max-Age=31536000; Expires=Sun, 25-Jul-2021 12:48:33 GMT; Path=/ NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00445525d5f4f58455e445a4a423660;expires=Sat, 25-Jul-2020 12:53:33 GMT;path=/;secure;httponly cf-cache-status DYNAMIC backend templates_newlaw_director cf-request-id 04279dac4e0000d6c1b508b200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-cache MISS x-frame-options SAMEORIGIN x-vnode 21 vary Accept-Encoding server cloudflare content-encoding br Redirect headers status 302 date Sat, 25 Jul 2020 12:48:33 GMT content-type text/html; charset=utf-8 location https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 cf-ray 5b85fef0e9bed6c1-FRA cache-control private set-cookie regSID=b172f68d-2d1f-49a7-92e4-d11c8d04f44c; expires=Sat, 25-Jul-2020 13:48:41 GMT; path=/; HttpOnly ipAddress=5l04acdREJUqongusU4V; domain=.cutimes.com; expires=Sun, 26-Jul-2020 00:48:41 GMT; path=/ UCID=b22b44df-48d3-487a-b6c7-a600b4ab3cc6; domain=.cutimes.com; expires=Mon, 25-Jul-2050 12:48:41 GMT; path=/ cf-cache-status DYNAMIC cf-request-id 04279daa920000d6c1b5078200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" referrer-policy origin-when-cross-origin x-aspnet-version 4.0.30319 x-powered-by Server #1 vary Accept-Encoding server cloudflare
GET H2	200	bootstrap-master-template.min.css www.cutimes.com/assets/master-template/css/release/	105 KB 16 KB	28ms 25ms	Stylesheet text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad180000d6c1b50a1200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"107730-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb2fd6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	markets-lite.min.css www.cutimes.com/assets/master-template/css/release/	131 KB 20 KB	528ms 526ms	Stylesheet text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2020-07-25-08 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d900c895c28f5f0fde1ee604e5f8c46b28001aa7194e57d7a6178ab41ddbfe57 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status MISS x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad180000d6c1b50a2200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"133802-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb31d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	font-awesome.min.css www.cutimes.com/assets/master-template/css/release/	21 KB 5 KB	53ms 50ms	Stylesheet text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/font-awesome.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f65fd65a1d67e0fa53270a158ccaa8cbae87234ae14a10dda02c9b70699f02f9 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache MISS status 200 backend templates_newlaw_director cf-request-id 04279dad190000d6c1b50a3200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"21246-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb34d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	article.min.css www.cutimes.com/assets/master-template/css/release/	26 KB 5 KB	32ms 30ms	Stylesheet text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/article.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78c507cf45f479f2123e053b1737ae1c0a445a6ee645a7bf1f8d2490138f21ac Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache MISS status 200 backend templates_newlaw_director cf-request-id 04279dad190000d6c1b50a4200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"26347-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb36d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	jquery.2.1.3.min.js Show response www.cutimes.com/assets/master-template/js/	82 KB 28 KB	40ms 38ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 5546 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad190000d6c1b50a5200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"84320-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb38d6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	yi.js Show response z.moatads.com/almprebidheader476420012280/	95 KB 36 KB	117ms 43ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almprebidheader476420012280/yi.js Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding gzip last-modified Mon, 27 Apr 2020 21:09:46 GMT server AmazonS3 x-amz-request-id 0EE8DC6D80B89D17 etag "8389737683f8879d84e29825a1ca8102" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=3940 accept-ranges bytes content-length 36741 x-amz-id-2 hg1n2vZpFfE37wNlyTLiiaAUfXRt4jWWw6kzniToEc0260n+6yxHq3mMarmzP48b/NQbeQITsIM=
GET H2	200	master-article-functions.min.js Show response www.cutimes.com/assets/master-template/js/release/	13 KB 4 KB	422ms 420ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/master-article-functions.min.js?2020-07-25-08 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ad33da7b07588da78786b87f066ddf8f807e57928a30995edcd172ec70b5c1d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status MISS ntcoent-length 13494 x-cache HIT 6 status 200 backend templates_newlaw_director cf-request-id 04279dad190000d6c1b50a6200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"13494-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef4fb3ad6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	nav-icon-sign-in.png www.cutimes.com/assets/master-template/images/	240 B 537 B	25ms 24ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11488 cf-polished origFmt=png, origSize=1322 x-cache MISS status 200 backend templates_newlaw_director content-disposition inline; filename="nav-icon-sign-in.webp" cf-bgj imgq:100,h2pri content-length 240 cf-request-id 04279dad1a0000d6c1b50a7200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"1322-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef4fb3ed6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	cut-logo-white-nav.png www.cutimes.com/assets/master-template/images/market-images/	2 KB 2 KB	22ms 21ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/cut-logo-white-nav.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc9c9bc71151e9dc81ff5f49f2f41cec37e30e621233753dd812911fd5eff581 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11488 cf-polished origFmt=png, origSize=2159 x-cache MISS status 200 backend templates_newlaw_director content-disposition inline; filename="cut-logo-white-nav.webp" cf-bgj imgq:100,h2pri content-length 1896 cf-request-id 04279dad1a0000d6c1b50a8200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"2159-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef4fb41d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	mini-home-white.png www.cutimes.com/assets/master-template/images/	132 B 309 B	23ms 22ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/mini-home-white.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80a9a7bf48f7d199016a82f341b15181d59aa012462ff329c3de66b7ee87af1d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 5546 cf-polished origFmt=png, origSize=2927 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="mini-home-white.webp" cf-bgj imgq:100,h2pri content-length 132 cf-request-id 04279dad1b0000d6c1b50a9200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"2927-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef4fb44d6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/	12 KB 4 KB	10ms 9ms	Script application/javascript	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 23 Jul 2020 16:13:23 GMT server cloudflare etag W/"5f19b723-3016" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript status 200 cache-control max-age=172800, public strict-transport-security max-age=15780000; includeSubDomains cf-ray 5b85fef58f5496aa-FRA cf-request-id 04279dad75000096aac92e6200000001 expires Mon, 27 Jul 2020 12:48:34 GMT
GET H2	200	3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Show response tag.simpli.fi/sifitag/	2 KB 3 KB	360ms 295ms	Script application/javascript	169.50.137.176 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.50.137.176 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS Software / Resource Hash 0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache, no-cache date Sat, 25 Jul 2020 12:48:34 GMT x-content-type-options nosniff status 200 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 1998 x-request-id FiT_s3eBrX1I7zxsDOBB expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	ad-scroll-v2.min.js Show response www.cutimes.com/assets/master-template/js/release/	1 KB 690 B	407ms 401ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/ad-scroll-v2.min.js?2020-07-25-08 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71589b103fe41e467a42d73570aa89f148b223837869fe205e0914f9e4cf530f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status MISS ntcoent-length 1457 x-cache HIT 5 status 200 backend templates_newlaw_director cf-request-id 04279dad8a0000d6c1b50b0200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"1457-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acf3d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H/1.1	200 OK	TimeConversion.js Show response store.law.com/Registration/js/	9 KB 2 KB	342ms 113ms	Script application/javascript	204.14.32.196 -Reserved AS-
General Check archive.org Show headers Download Go to Full URL https://store.law.com/Registration/js/TimeConversion.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.14.32.196 , Rwanda, ASN7124 (-Reserved AS-, ZZ), Reverse DNS Software Microsoft-IIS/8.5 / Server #1 Resource Hash 815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:41 GMT Content-Encoding gzip Referrer-Policy origin-when-cross-origin Last-Modified Wed, 22 Jul 2020 23:18:20 GMT Server Microsoft-IIS/8.5 X-Powered-By Server #1 Vary Accept-Encoding Content-Type application/javascript Cache-Control public,max-age=604800 Accept-Ranges bytes Content-Length 1875 ETag "0462c637e60d61:0"
GET H2	200	master-core-lite.min.js Show response www.cutimes.com/assets/master-template/js/release/	27 KB 10 KB	36ms 30ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8a0000d6c1b50b1200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"27835-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acf6d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	tealium.js Show response www.cutimes.com/assets/master-template/js/	4 KB 1 KB	32ms 27ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/tealium.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 5546 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8a0000d6c1b50b2200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"4577-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acf8d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H/1.1	200 OK	overlayForm.js Show response store.law.com/Registration/js/	14 KB 4 KB	345ms 114ms	Script application/javascript	204.14.32.196 -Reserved AS-
General Check archive.org Show headers Download Go to Full URL https://store.law.com/Registration/js/overlayForm.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.14.32.196 , Rwanda, ASN7124 (-Reserved AS-, ZZ), Reverse DNS Software Microsoft-IIS/8.5 / Server #2 Resource Hash c595655ff7d1e11aa1641d3c5243d12bb62ba0180cc02639081efa1d7f1f09c4 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:39 GMT Content-Encoding gzip Referrer-Policy origin-when-cross-origin Last-Modified Wed, 22 Jul 2020 23:18:35 GMT Server Microsoft-IIS/8.5 X-Powered-By Server #2 Vary Accept-Encoding Content-Type application/javascript Cache-Control public,max-age=900 Accept-Ranges bytes Content-Length 3594 ETag "80171d6c7e60d61:0"
GET H2	200	bootstrap-master.min.js Show response www.cutimes.com/assets/master-template/js/release/	25 KB 6 KB	31ms 26ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c25aad21e410b837b04e08e1bb2f54ef9887585cd46a894c8fc00e8e2dcb45a1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8a0000d6c1b50b3200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"25286-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acf9d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	common.min.js Show response www.cutimes.com/assets/master-template/js/release/	53 KB 13 KB	415ms 410ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/common.min.js?2020-07-25-08 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e8ee14092586919b5ca348ed176e27b988cfee653a306a0fed55ef028cd156a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status MISS x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8b0000d6c1b50b4200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"54582-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acfbd6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 5 KB	10ms 5ms	Script text/javascript	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 22 Jul 2020 18:35:03 GMT content-encoding gzip x-content-type-options nosniff age 238411 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Jul 2021 18:35:03 GMT
GET H2	200	lazyloadXT.min.js Show response www.cutimes.com/assets/master-template/js/release/	3 KB 2 KB	25ms 21ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 386304e8dcdc06a6474321865af2cd47cea2690e7f70223a364eaeaa45f9c74c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 5546 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8b0000d6c1b50b5200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"2933-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acfcd6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	cutimes.prebid.js Show response www.cutimes.com/assets/master-template/js/prebid/	207 KB 60 KB	28ms 25ms	Script application/javascript	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfbc7023380757b7eb822963462b2fbdc5bba03a868df9b3f98b58c0a020dcb5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding br cf-cache-status HIT age 11488 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279dad8b0000d6c1b50b6200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"211483-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fef5acfed6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	nav-divot-red.png www.cutimes.com/assets/master-template/images/market-images/	120 B 421 B	27ms 26ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/nav-divot-red.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef7559eaf776544be90a6d50a4581875e797898016c60c089ade988267e768e7 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11488 cf-polished origFmt=png, origSize=2911 x-cache HIT 2 status 200 backend templates_newlaw_director content-disposition inline; filename="nav-divot-red.webp" cf-bgj imgq:100,h2pri content-length 120 cf-request-id 04279dad990000d6c1b50ba200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"2911-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef5cd2ad6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	hash-0.png www.cutimes.com/assets/master-template/images/	6 KB 7 KB	36ms 31ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/hash-0.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f21b03e99bd273ed3f25194efa266e5b3db514d46dac62f675ff14613d9470bf Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 5546 cf-polished origFmt=png, origSize=22074 x-cache MISS status 200 backend templates_newlaw_director content-disposition inline; filename="hash-0.webp" cf-bgj imgq:100,h2pri content-length 6550 cf-request-id 04279dad9d0000d6c1b50bb200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"22074-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef5cd40d6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/	75 KB 75 KB	9ms 9ms	Font font/woff2	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/assets/master-template/css/release/font-awesome.min.css Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:34 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:36:18 GMT status 200 etag "1544639778" vary Accept-Encoding x-cache HIT content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 77171
GET H2	200	nav-divot-cutimes.png www.cutimes.com/assets/master-template/images/market-images/	122 B 399 B	24ms 24ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/nav-divot-cutimes.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b7c22e1d47c8df63bc6abfa17ec37e1ae4431e70c8df9b918dd20cfed819b23 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2020-07-25-08 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:34 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11488 cf-polished origFmt=png, origSize=1086 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="nav-divot-cutimes.webp" cf-bgj imgq:100,h2pri content-length 122 cf-request-id 04279daf450000d6c1b50d2200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"1086-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fef86bf6d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:34 GMT
GET H2	200	css Show response fonts.googleapis.com/	3 KB 1 KB	41ms 14ms	Fetch text/css	2a00:1450:4001:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans&display=swap Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 25 Jul 2020 11:06:08 GMT server ESF date Sat, 25 Jul 2020 12:48:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 25 Jul 2020 12:48:34 GMT
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/alm/main/prod/	119 KB 33 KB	157ms 88ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 4ffaf6d5d8ebefea1142264d4bd6102067e2fa1ad6751870c4ada82bf35d28da Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Wed, 22 Jul 2020 22:26:27 GMT server AkamaiNetStorage etag "3c000f4ce1f6c78d0947e512fe904ba2:1595456787.143391" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=300 accept-ranges bytes content-length 33027 expires Sat, 25 Jul 2020 12:53:35 GMT
GET H/1.1	200 OK	dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response s.dpmsrv.com/	283 KB 47 KB	96ms 22ms	Script application/x-javascript	143.204.201.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.201.72 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1f116cf5298f94d631f3a61dd1dcb27813d5742d9167ec0146206f40480e28c3 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 01:51:51 GMT Content-Encoding gzip Last-Modified Thu, 28 May 2020 20:47:58 GMT Server AmazonS3 Age 39405 ETag "8fc8dfe271ccc51f656867158081ffa2" X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes Content-Length 48062 X-Amz-Cf-Id Q03EyAYcdyZRA2qyKYKmYK24kPzbrnDLyMPR8szd9yr-Rm0Db4a5fw==
GET H2	200	yi.js Show response mb.moatads.com/	1 KB 2 KB	210ms 131ms	Script text/html	35.177.118.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&callback=MoatNadoAllJsonpRequest_35824289 Requested by Host: z.moatads.com URL: https://z.moatads.com/almprebidheader476420012280/yi.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.118.109 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software TornadoServer/4.5.3 / Resource Hash a2e1355b5fd2abd0e184eed30b972d1b7a714db9abe3510c327c508b2abe8057 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT server TornadoServer/4.5.3 etag "c458c1fa3f25b8d68d3ae369dbe288bc74918a03" content-type text/html; charset=UTF-8 status 200 cache-control max-age=900 timing-allow-origin * content-length 1471
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&t=1595681315011&de=769218544265&d=ALM_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=af9b55d&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=cutimes.com&bd=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&ac=1&bq=11&f=0&na=1925607679&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:35 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:35 GMT
GET H2	200	bootstrap-master-template.min.css Show response www.cutimes.com/assets/master-template/css/release/	105 KB 16 KB	20ms 19ms	XHR text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding br cf-cache-status HIT age 11489 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279db0fe0000d6c1b511a200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"107730-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fefb3b34d6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	p Show response i.simpli.fi/	34 B 765 B	86ms 28ms	Script application/javascript	169.50.137.179 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.50.137.179 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS Software / Resource Hash e09104e2d44f1a94518d3115e39e60dec46fd3486d07db5a0c815c434a7899f6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache, no-cache date Sat, 25 Jul 2020 12:48:35 GMT x-content-type-options nosniff status 200 strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 5 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 22 Jul 2020 18:35:03 GMT content-encoding gzip x-content-type-options nosniff age 238412 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Jul 2021 18:35:03 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Thu, 11 Jun 2020 13:03:24 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:49 GMT server sffe age 3800711 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Fri, 11 Jun 2021 13:03:24 GMT
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/ Redirect Chain https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D627924%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D627924%2526tzOffset%2... https://a.dpmsrv.com/dpmpxl/index.php?id=785406113196087521&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=627924&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-...	242 B 993 B	520ms 117ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?id=785406113196087521&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=627924&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&_=1595681315141 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash b759e23b31e7f120ae59f24591105231d390628ee10016fc28c76465af07616f Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache content-encoding gzip Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 215 Expires 0 Redirect headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:35 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80 AN-X-Request-Uuid 8ca2810e-c520-4fd9-82e3-4e3e2437b4ef Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://a.dpmsrv.com/dpmpxl/index.php?id=785406113196087521&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=627924&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&_=1595681315141 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rd Show response dpm.demdex.net/id/ Redirect Chain https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222 https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222	362 B 1 KB	48ms 47ms	XHR application/json	54.76.175.152 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ac4f5f8dc6c4465f48dac4c602a22da6401e63d5fb865da0e4e6a1ab7079c92c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v075-095ef69a9.edge-irl1.demdex.com 5.74.0.20200706134429 2ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-TID 3M3tp/zyRcI= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 299 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Access-Control-Allow-Origin https://www.cutimes.com X-TID cIJQBQymQnM= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1595681315222 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	markets-lite.min.css Show response www.cutimes.com/assets/master-template/css/release/	131 KB 20 KB	56ms 56ms	XHR text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2020-07-25-08 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d900c895c28f5f0fde1ee604e5f8c46b28001aa7194e57d7a6178ab41ddbfe57 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding br cf-cache-status HIT age 1 x-cache HIT 1 status 200 backend templates_newlaw_director cf-request-id 04279db19e0000d6c1b5142200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"133802-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fefc3d97d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	utag.87.js Show response tags.tiqcdn.com/utag/alm/main/prod/	9 KB 3 KB	360ms 351ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash b329fa560bb94ce2f0b8417b01d3744cdda13cbfaa6036800529f302457f6815 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Wed, 22 Jul 2020 22:26:28 GMT server AkamaiNetStorage etag "cd8587db2697e130b292a91760a32f40:1595456788.403344" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 2897 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.26.js Show response tags.tiqcdn.com/utag/alm/main/prod/	3 KB 2 KB	421ms 413ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 0404edab2dc1f7c6d53acc365707f538e3a6ef3e45c1210526710f01a9cbdac1 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:56 GMT server AkamaiNetStorage etag "f6fc4a048e38478542f37e53c6fe35da:1592861216.785713" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 1505 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.78.js Show response tags.tiqcdn.com/utag/alm/main/prod/	108 KB 34 KB	507ms 499ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202005222105 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 5fc6f0aaafb0654e6f77aee8062743dcc2ed72e3218310a2933c2ce18fc38f94 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:54 GMT server AkamaiNetStorage etag "b8399314898c109250e76d9335018053:1592861214.18641" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 34830 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.32.js Show response tags.tiqcdn.com/utag/alm/main/prod/	3 KB 2 KB	481ms 473ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 999b37529edf4d7b34cf4bdcd937594e893a1d3add9811102f7818936b8d4293 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:56 GMT server AkamaiNetStorage etag "fb390697366796015697c0162fac7588:1592861216.366485" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 1448 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.39.js Show response tags.tiqcdn.com/utag/alm/main/prod/	2 KB 1 KB	514ms 506ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Tue, 30 Aug 2016 19:05:16 GMT server AkamaiNetStorage etag "19f5cfea9207d9078058ad07886d8356:1472583916" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 953 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.115.js Show response tags.tiqcdn.com/utag/alm/main/prod/	13 KB 4 KB	532ms 525ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.39.202006181642 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 0adce7288d8695bd58abcf6c721fc5b33f1f1ffba1cd69477e4a93bea0c767e5 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:53 GMT server AkamaiNetStorage etag "965f1682763e76a92cd993fa62bb8feb:1592861213.319632" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 3422 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.116.js Show response tags.tiqcdn.com/utag/alm/main/prod/	13 KB 4 KB	556ms 548ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.116.js?utv=ut4.39.202006181642 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 10f63eeedd48638d7707b27efcf4982dbaa287241cc35b1a893fec1a9d8ffda0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:50 GMT server AkamaiNetStorage etag "0c36e0bf1ac75d734731c85b9eb62809:1592861210.402313" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 3424 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.101.js Show response tags.tiqcdn.com/utag/alm/main/prod/	13 KB 4 KB	571ms 563ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 300908cbcb84903590648db1851fcb3c493af3aaab47d4109e0a9f8394e06fd7 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Mon, 22 Jun 2020 21:26:53 GMT server AkamaiNetStorage etag "d92cbafa99067935fba25cba6e9bcb91:1592861213.763276" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 4339 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	utag.112.js Show response tags.tiqcdn.com/utag/alm/main/prod/	2 KB 1 KB	588ms 581ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202005192159 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 93a22a0e7b076844df8bbc2d01d9d50b6f46412cb41ccd7fbf053467778dedab Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Tue, 19 May 2020 21:59:32 GMT server AkamaiNetStorage etag "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=1296000 accept-ranges bytes content-length 1014 expires Sun, 09 Aug 2020 12:48:35 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 840 B	20ms 16ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 25 Jul 2020 12:48:35 GMT server ESF date Sat, 25 Jul 2020 12:48:35 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 25 Jul 2020 12:48:35 GMT
GET H2	200	qkq4rhw.js Show response use.typekit.net/	20 KB 8 KB	66ms 27ms	Script text/javascript	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/qkq4rhw.js Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 87a85dd49446af6ecdfc0db0ebf7dc7f0f01313b5e65f01e8bac5573102cf0cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx status 200 date Sat, 25 Jul 2020 12:48:35 GMT vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=600, stale-while-revalidate=604800 timing-allow-origin * content-length 7633
GET		/ geoip.alm.com/json/	0 0
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	24ms 8ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin Origin https://www.cutimes.com Response headers date Tue, 14 Jul 2020 15:32:55 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:31:11 GMT server sffe age 940540 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9080 x-xss-protection 0 expires Wed, 14 Jul 2021 15:32:55 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	23ms 8ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin Origin https://www.cutimes.com Response headers date Thu, 11 Jun 2020 13:03:24 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:49 GMT server sffe age 3800711 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Fri, 11 Jun 2021 13:03:24 GMT
GET H2	200	cybersecurity-virus-e1595594872572.jpg images.cutimes.com/contrib/content/uploads/sites/413/2020/07/	55 KB 55 KB	62ms 37ms	Image image/jpeg	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.cutimes.com/contrib/content/uploads/sites/413/2020/07/cybersecurity-virus-e1595594872572.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09d789d724d3a5db2f9f7ac9e1f62558d653a923c8f0ff6d61b07ec7db19fdad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept-Encoding cf-cache-status HIT age 5546 cf-polished origSize=59408, status=webp_bigger x-cache MISS status 200 backend contribsreimg_prod_director cf-bgj imgq:100,h2pri content-length 56447 cf-request-id 04279db2240000d6c1b514f200000001 last-modified Fri, 24 Jul 2020 12:47:52 GMT server cloudflare etag "854fe7-e810-5ab2f6192ad89" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fefd0ff8d6c1-FRA x-vnode 27 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin Origin https://www.cutimes.com Response headers date Thu, 09 Jul 2020 00:04:34 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:37 GMT server sffe age 1428241 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9016 x-xss-protection 0 expires Fri, 09 Jul 2021 00:04:34 GMT
GET H2	200	article.min.css Show response www.cutimes.com/assets/master-template/css/release/	26 KB 6 KB	19ms 19ms	XHR text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/article.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78c507cf45f479f2123e053b1737ae1c0a445a6ee645a7bf1f8d2490138f21ac Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding br cf-cache-status HIT age 11489 x-cache MISS status 200 backend templates_newlaw_director cf-request-id 04279db23f0000d6c1b5150200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"26347-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85fefd385dd6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	l use.typekit.net/af/71f83c/00000000000000003b9b093b/27/	33 KB 33 KB	13ms 4ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 33656
GET H2	200	l use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/	33 KB 33 KB	20ms 11ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "0373618e2db17cca6330e4b11556968310f08eb7" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 33856
GET H2	200	l use.typekit.net/af/4838bd/00000000000000003b9b0934/27/	32 KB 32 KB	17ms 8ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "852dacc5cd2685c187708b882b28635465e17bd0" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 32688
GET H2	200	l use.typekit.net/af/437c3d/00000000000000003b9b0932/27/	32 KB 32 KB	19ms 10ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "474f8294a654ddd4e855cc66b1bb647cd40bfa9b" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 32380
GET H2	200	l use.typekit.net/af/3331e6/00000000000000003b9b0936/27/	32 KB 33 KB	13ms 5ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "b7f32cce44884c0c7d09c7eaf8ec10d20386685b" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 33180
GET H2	200	l use.typekit.net/af/2553b3/000000000000000000011c34/27/	19 KB 19 KB	27ms 19ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "5cf72d8979177145b3e27e04c6afd6f60bee7a35" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 19272
GET H2	200	l use.typekit.net/af/1ade3e/000000000000000000011c39/27/	19 KB 19 KB	40ms 31ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "70dc2d1e85f8b46c0851a31b57494c0bdb743209" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 19068
GET H2	200	l use.typekit.net/af/827015/000000000000000000011c3b/27/	18 KB 18 KB	23ms 15ms	Font application/font-woff2	2a01:4a0:1338:28::c38a:ff08 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/qkq4rhw.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software nginx / Resource Hash 94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Origin https://www.cutimes.com Response headers date Sat, 25 Jul 2020 12:48:35 GMT server nginx etag "fa20d38ca87af1153085d9146b698f2bb93b7223" status 200 content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 18468
GET H2	200	nav-icon-search-white.png www.cutimes.com/assets/master-template/images/market-images/	350 B 569 B	19ms 19ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d836affe5971294b1b43a2a39334836f2519478468c94e43545a9582e749e670 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11478 cf-polished origFmt=png, origSize=3368 x-cache MISS status 200 backend templates_newlaw_director content-disposition inline; filename="nav-icon-search-white.webp" cf-bgj imgq:100,h2pri content-length 350 cf-request-id 04279db35e0000d6c1b5169200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"3368-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85fefefd7ad6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	social-fb-white.png www.cutimes.com/assets/master-template/images/market-images/	164 B 454 B	33ms 17ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af416120f43bfee84e300f2a0c359310087a64f1b4f19b39f1f8cd65ce0c84ab Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 5546 cf-polished origFmt=png, origSize=1222 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="social-fb-white.webp" cf-bgj imgq:100,h2pri content-length 164 cf-request-id 04279db36e0000d6c1b516d200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"1222-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85feff1db8d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	social-tw-white.png www.cutimes.com/assets/master-template/images/market-images/	354 B 519 B	40ms 25ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 648e79ebde6cf1350cfa7568f8f5a582d599281cb3245aeef278465cbe3ffeb3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11478 cf-polished origFmt=png, origSize=1583 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="social-tw-white.webp" cf-bgj imgq:100,h2pri content-length 354 cf-request-id 04279db3700000d6c1b516e200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"1583-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85feff1dbed6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	social-li-white.png www.cutimes.com/assets/master-template/images/market-images/	256 B 420 B	28ms 25ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 5546 cf-polished origFmt=png, origSize=1413 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="social-li-white.webp" cf-bgj imgq:100,h2pri content-length 256 cf-request-id 04279db3700000d6c1b516f200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"1413-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85feff1dbfd6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	nav-icon-sign-in-white.png www.cutimes.com/assets/master-template/images/market-images/	240 B 414 B	22ms 19ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c859e723244f19a63ee035e282a20cca525b0d102cf4c68a14c46063fe39ef14 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11478 cf-polished origFmt=png, origSize=3131 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="nav-icon-sign-in-white.webp" cf-bgj imgq:100,h2pri content-length 240 cf-request-id 04279db3700000d6c1b5170200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"3131-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85feff1dc1d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	arrow-open.png www.cutimes.com/assets/master-template/images/market-images/	134 B 346 B	29ms 26ms	Image image/webp	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT vary Accept, Accept-Encoding cf-cache-status HIT age 11478 cf-polished origFmt=png, origSize=2986 x-cache HIT 1 status 200 backend templates_newlaw_director content-disposition inline; filename="arrow-open.webp" cf-bgj imgq:100,h2pri content-length 134 cf-request-id 04279db3700000d6c1b5171200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare etag W/"2986-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 5b85feff1dc2d6c1-FRA x-vnode 21 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H/1.1	200 OK	Cookie set dest5.html alm.demdex.net/ Frame 8394	0 0	231ms 60ms	Document text/html	63.32.143.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://alm.demdex.net/dest5.html?d_nsid=0 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.143.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Host alm.demdex.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie demdex=91901746725369473920204364653861545000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Accept-Ranges bytes Cache-Control max-age=21600 Content-Encoding gzip Content-Type text/html Expires Thu, 01 Jan 1970 00:00:00 GMT Last-Modified Tue, 07 Jul 2020 07:46:41 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Set-Cookie demdex=91901746725369473920204364653861545000;Path=/;Domain=.demdex.net;Expires=Thu, 21-Jan-2021 12:48:35 GMT;Max-Age=15552000;Secure;SameSite=None Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding, User-Agent X-TID c9/JJyd2Se8= Content-Length 2785 Connection keep-alive
GET H2	200	id Show response b.law.com/	48 B 479 B	236ms 30ms	XHR application/x-javascript	15.236.9.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=81996246030566862080907168147360197224&ts=1595681315744 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS Software jag / Resource Hash 343ef452e3a0dc0225f9f85c6c213871751ce6cf7cf1a9f8c493ca3c082f2071 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers status 200 date Sat, 25 Jul 2020 12:48:35 GMT x-content-type-options nosniff server jag xserver anedge-7447d85976-xsxcm vary Origin x-c master-1315.Ia06625.M0-426 p3p CP="This is not a P3P policy" access-control-allow-origin https://www.cutimes.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 48 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=XxwqIwAABIVi9xTJ dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=91901746725369473920204364653861545000 https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxwqIwAABIVi9xTJ	42 B 915 B	62ms 61ms	Image image/gif	54.76.175.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxwqIwAABIVi9xTJ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v075-0cf6c94bd.edge-irl1.demdex.com 5.74.0.20200706134429 1ms (+0ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID fF7rypNURaE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Sat, 25 Jul 2020 12:48:35 GMT Server AMO-cookiemap/1.1 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=XxwqIwAABIVi9xTJ Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=15,max=100 Content-Length 0
GET H2	200	font-awesome.min.css Show response www.cutimes.com/assets/master-template/css/release/	21 KB 5 KB	44ms 30ms	XHR text/css	2606:4700::6812:1e95 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cutimes.com/assets/master-template/css/release/font-awesome.min.css Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e95 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f65fd65a1d67e0fa53270a158ccaa8cbae87234ae14a10dda02c9b70699f02f9 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding br cf-cache-status HIT age 11489 x-cache MISS status 200 backend templates_newlaw_director cf-request-id 04279db3ba0000d6c1b5177200000001 last-modified Thu, 23 Jul 2020 10:59:44 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"21246-1595501984000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=14400 cf-ray 5b85feff9ed7d6c1-FRA x-vnode 145 expires Sat, 25 Jul 2020 16:48:35 GMT
GET H2	200	p.gif p.typekit.net/	35 B 178 B	25ms 7ms	Image image/gif	2a02:26f0:10:385::19fd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=1&k=qkq4rhw&ht=tk&h=www.cutimes.com&f=139.169.175.5474.25136.14541.14546.14548&a=702529&js=1.19.2&app=typekit&e=js&_=1595681315822 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10:385::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT last-modified Thu, 25 Jun 2020 00:22:17 GMT server nginx etag "5ef3ee39-23" content-type image/gif status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 35
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	48 KB 16 KB	48ms 48ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202007222226 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5e5742593fb85b25251acdb96a2f0d31ee17b2eb8b6b8c737714ea1efc56a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "581 / 768 of 1000 / last-modified: 1595628830" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 16533 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:35 GMT
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	34ms 8ms	Script application/x-javascript	2600:9000:2057:3800:18:1fcd:34e:d2a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:3800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:34:51 GMT content-encoding gzip last-modified Fri, 24 Apr 2020 01:13:41 GMT server nginx age 823 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=7200 x-amz-cf-pop FRA6-C1 x-amz-cf-id ao9bb7qWtdIKUV3URqoc9B1_chjKcp2CJ9kn01G0Uuz_nSvEhBaBdg== via 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront) expires Sat, 25 Jul 2020 14:34:51 GMT
GET H2	200	i.gif datacloud.tealiumiq.com/vdata/ Redirect Chain https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&goog... https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFDEBJIxrz8G2g...	43 B 971 B	51ms 20ms	Image image/gif	52.59.116.27 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFDEBJIxrz8G2gDLIWs-epc&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.116.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT vary Origin x-serverid uconnect_i-0d33e87245ed6b37c x-tid 01738604997e009d79e829d77f7000078009107000b08 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" status 200 x-region eu-central-1 x-acc alm:main:2:vdata content-length 43 pragma no-cache x-did 01738604997e009d79e829d77f7000078009107000b08 content-type image/gif x-ulver f9fee1d59477ef91bdabcf38237ad62049ca4469-SNAPSHOT cache-control no-transform,private,no-cache,no-store,max-age=0,s-maxage=0 x-uuid fd2264cc-700b-4d30-8f75-e2aea9d19ab3 expires Sat, 25 Jul 2020 12:48:36 GMT Redirect headers pragma no-cache date Sat, 25 Jul 2020 12:48:35 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=01738604997e009d79e829d77f7000078009107000b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEFDEBJIxrz8G2gDLIWs-epc&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 437 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	aquant.js Show response secure.quantserve.com/	22 KB 8 KB	27ms 12ms	Script application/x-javascript	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT content-encoding gzip last-modified Sat, 25-Jul-2020 12:48:35 GMT etag M0-2a172724 vary Accept-Encoding content-type application/x-javascript status 200 cache-control private, no-transform, max-age=604800 strict-transport-security max-age=86400 content-length 8060 expires Sat, 01 Aug 2020 12:48:35 GMT
GET H2	200	spm.v1.min.js Show response ak.sail-horizon.com/spm/	119 KB 42 KB	139ms 30ms	Script application/javascript	143.204.201.8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ak.sail-horizon.com/spm/spm.v1.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.39.202006181642 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.201.8 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 47687598392d1e8218af4b23a2d281c73e8eeb93e09e0d2e4ba53a79142f7c33 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:45:05 GMT content-encoding gzip last-modified Mon, 20 Jul 2020 19:12:47 GMT server AmazonS3 age 211 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=600; must-revalidate x-amz-cf-pop FRA53-C1 x-amz-cf-id _6aa1mVS8_kVMatybX8f_IvfebdjdwGP2DeRhrZ7r63K3KrChctGIA== via 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
POST H2	200	i.gif Show response collect.tealiumiq.com/alm/main/2/	43 B 751 B	114ms 42ms	XHR image/gif	52.59.116.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://collect.tealiumiq.com/alm/main/2/i.gif Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.116.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryqOi6lb0pOQT45WKH Response headers date Sat, 25 Jul 2020 12:48:36 GMT x-serverid uconnect_i-09ef5b9d28f3826ec x-tid 01738604997e009d79e829d77f7000078009107000b08 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS" status 200 x-region eu-central-1 x-acc alm:main:2:datacloud content-length 43 pragma no-cache x-did 01738604997e009d79e829d77f7000078009107000b08 vary Origin content-type image/gif access-control-allow-origin https://www.cutimes.com access-control-expose-headers X-Region cache-control no-transform,private,no-cache,no-store,max-age=0,s-maxage=0 access-control-allow-credentials true x-ulver f9fee1d59477ef91bdabcf38237ad62049ca4469-SNAPSHOT x-uuid e92d85bd-7843-4c5b-bc1f-4e8941707441 expires Sat, 25 Jul 2020 12:48:36 GMT
GET H/1.1	200 OK	tag.aspx Show response ml314.com/	26 KB 12 KB	211ms 52ms	Script application/javascript	34.240.148.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?256 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:35 GMT Content-Encoding gzip Last-Modified Sat, 25 Jul 2020 11:23:22 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=81286 Connection keep-alive Content-Length 11932 Expires Sun, 26 Jul 2020 11:23:22 GMT
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 202 B	93ms 92ms	Script application/x-javascript	23.37.38.214 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202007222226&cb=1595681315939 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.214 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:35 GMT last-modified Thu, 14 Apr 2016 16:57:51 GMT server AkamaiNetStorage etag "7bc0ee636b3b83484fc3b9348863bd22:1460653071" content-type application/x-javascript status 200 cache-control max-age=600 accept-ranges bytes content-length 2 expires Sat, 25 Jul 2020 12:58:35 GMT
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=785406113196087521&pixelIndex=0&_=1595681315142 https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=785406113196087521&pixelIndex=0&_=1595681315142&google_gid=CAESED8_jbOSGs0sMBFiQpLdhLY&google_cver=1	0 598 B	122ms 120ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=785406113196087521&pixelIndex=0&_=1595681315142&google_gid=CAESED8_jbOSGs0sMBFiQpLdhLY&google_cver=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 0 Expires 0 Redirect headers pragma no-cache date Sat, 25 Jul 2020 12:48:35 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=785406113196087521&pixelIndex=0&_=1595681315142&google_gid=CAESED8_jbOSGs0sMBFiQpLdhLY&google_cver=1 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 367 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	451	423396.gif idsync.rlcdn.com/	0 42 B	150ms 150ms	Image text/plain	35.244.245.222 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/423396.gif?partner_uid=785406113196087521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.245.222 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 451 date Sat, 25 Jul 2020 12:48:36 GMT via 1.1 google alt-svc clear content-length 0
GET H2	200	ping ping.chartbeat.net/	43 B 168 B	385ms 133ms	Image image/gif	54.172.203.45 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F&u=B9XeCqB6_fDRB_bSPl&d=cutimes.com&g=46802&g0=%7C%7C&g1=Mike%20Scarcella&n=1&f=00001&c=0&x=0&m=0&y=4404&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Ft.co%2F&b=3341&t=CRSWhxDHmUeaC1NQlwDlMfuICZ3nn9&V=120&i=Phishing%20Schemes%20Top%20COVID-19%20Digital%20Frauds%2C%20TransUnion%20Survey%20Says%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=BUaheHNRVJBCvKjzxBx-dy2DTYcRd&sr=https%3A%2F%2Ft.co%2F&sd=1&im=066b2e73&_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.172.203.45 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 pragma no-cache date Sat, 25 Jul 2020 12:48:36 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 expires 0
GET H2	200	rules-p-tet4NLTPxSXJn.js Show response rules.quantcount.com/	3 KB 1 KB	28ms 7ms	Script application/x-javascript	2600:9000:2057:ae00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:44:42 GMT content-encoding gzip last-modified Thu, 09 Mar 2017 01:28:01 GMT server AmazonS3 age 235 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=300 x-amz-cf-pop FRA6-C1 x-amz-cf-id xWdEZdVMwOT6gazTLFMW_W-6wi7qVPsKY22QVs2OCwJDKiK8XdRTgA== via 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 168 B	15ms 15ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 168 B	16ms 14ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020072001.js Show response securepubads.g.doubleclick.net/gpt/	253 KB 89 KB	37ms 36ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 Jul 2020 13:10:24 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91349 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:36 GMT
GET H2	200	s88859625722859 b.law.com/b/ss/almcut,almglobal/1/JS-1.6/	43 B 244 B	43ms 33ms	Image image/gif	15.236.9.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s88859625722859?AQB=1&ndh=1&pf=1&t=25%2F6%2F2020%2014%3A48%3A36%206%20-120&mid=81996246030566862080907168147360197224&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Aarticle%3Aheg45ejmmim&g=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&r=https%3A%2F%2Ft.co%2F&cc=USD&ch=cut%3Aarticle%3Ablog&server=cut&v0=share_twitter&events=event4%2Cevent1%2Cevent3&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&l1=D%3Dc73&c7=undefined%20%7C%20undefined&c10=coronavirus%7C&v10=D%3Dc10&c11=heg45ejmmim&v11=D%3Dc11&c12=Phishing%20Schemes%20Top%20COVID-19%20Digital%20Frauds%2C%20TransUnion%20Survey%20Says&v12=D%3Dc12&c14=Mike%20Scarcella&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=article%3Aregistered&v33=D%3Dc33&c40=22&c41=8%3A30am&v41=D%3Dc41&c42=saturday&v42=D%3Dc42&c50=413-169959&v50=413-169959&c51=Phishing%20Schemes%20Top%20COVID-19%20Digital%20Frauds%2C%20TransUnion%20Survey%20Says&v51=D%3Dc51&c61=2020-07-24&v61=D%3Dc61&c62=33&v62=33&c67=ACCESSBYFREEWREG&v67=D%3Dc67&c73=Analysis%7CCybersecurity%20and%20Privacy&v73=D%3Dc73&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT x-content-type-options nosniff x-c master-1315.Ia06625.M0-426 p3p CP="This is not a P3P policy" status 200 content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Sun, 26 Jul 2020 12:48:36 GMT server jag xserver anedge-7447d85976-swdcl etag 3426699533614415872-4614331985522516195 vary * content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Fri, 24 Jul 2020 12:48:36 GMT
GET H/1.1	200 OK	01738604997e009d79e829d77f7000078009107000b08 Show response visitor-service-eu-central-1.tealiumiq.com/alm/main/	27 B 324 B	113ms 22ms	Script application/javascript	35.156.59.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01738604997e009d79e829d77f7000078009107000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1595681316127 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.59.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Version 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT Strict-Transport-Security max-age=31536000; includeSubdomains X-Region eu-central-1 Connection keep-alive Content-Length 27 X-NodeId i-03815725896ecb72c Content-Type application/javascript; charset=utf-8
GET H2	200	pixel;r=1891186389;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-... pixel.quantserve.com/	35 B 371 B	12ms 7ms	Image image/gif	2620:116:800d:21:36a9:ecb:e518:b308 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1891186389;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832;ref=https%3A%2F%2Ft.co%2F;fpan=1;fpa=P0-282000917-1595681316135;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;d=cutimes.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1595681316135;tzo=-120;ogl=type.article%2Ctitle.Phishing%20Schemes%20Top%20COVID-19%20Digital%20Frauds%252C%20TransUnion%20Survey%20Says%20%7C%20Credit%20Un%2Csite_name.Credit%20Union%20Times%2Curl.https%3A%2F%2Fwww%252Ecutimes%252Ecom%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-%2Cimage.https%3A%2F%2Fimages%252Ecutimes%252Ecom%2Fcontrib%2Fcontent%2Fuploads%2Fsites%2F413%2F2020%2F07%2Fcybersecuri%2Cdescription.A%20new%20survey%20shows%20fraudsters%20are%20increasingly%20trying%20to%20take%20advantage%20of%20this%20 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:36 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" status 200 cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H2	202	pageview Show response api.sail-track.com/v1/track/event/	120 B 348 B	122ms 119ms	Fetch application/json	75.2.104.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-track.com/v1/track/event/pageview Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.104.6 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 56360bbaadc3a40d439910fe5cb6834465cb1eecef9b5576852adad12e8b4bb4 Request headers Accept application/json Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 X-Lib-Version v1.0.1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Bearer bbe35466469593b785eef4ab32700018 Content-Type application/json Response headers date Sat, 25 Jul 2020 12:48:36 GMT allowedorigins * status 202 content-type application/json access-control-allow-origin * access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 120 allowedmethods GET,OPTIONS
GET H2	200	initialize Show response api.sail-personalize.com/v1/personalize/	92 B 333 B	143ms 142ms	Fetch application/json	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=cmp%3Dshare_twitter&page=slreturn%3D20200625084832 Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a49cee57880eae82ae465f9c660b1d26531425a54295175eec53e085d88d3a61 Request headers accept application/json Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 x-lib-version v1.0.1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 x-referring-url https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 authorization Bearer bbe35466469593b785eef4ab32700018 content-type application/json Response headers date Sat, 25 Jul 2020 12:48:36 GMT allowedorigins * status 200 vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 92 allowedmethods GET,OPTIONS
POST H2	202	pageview Show response api.sail-track.com/v1/track/event/	120 B 348 B	119ms 117ms	Fetch application/json	75.2.104.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-track.com/v1/track/event/pageview Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.104.6 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 169d1d1636e16ad9c891515de97e3c3e906d0b07387ff80c93e61adc4523c9fa Request headers Accept application/json Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 X-Lib-Version v1.0.1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Bearer 2ade0f4fc48d975844a60d5bcb4e9650 Content-Type application/json Response headers date Sat, 25 Jul 2020 12:48:36 GMT allowedorigins * status 202 content-type application/json access-control-allow-origin * access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 120 allowedmethods GET,OPTIONS
GET H2	200	initialize Show response api.sail-personalize.com/v1/personalize/	92 B 333 B	141ms 141ms	Fetch application/json	99.83.154.140 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=cmp%3Dshare_twitter&page=slreturn%3D20200625084832 Requested by Host: ak.sail-horizon.com URL: https://ak.sail-horizon.com/spm/spm.v1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 04fe05b597d980e9236259453d06c078498fbcd81bd7ba6bd6c9fc7a4237c318 Request headers accept application/json Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 x-lib-version v1.0.1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 x-referring-url https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 authorization Bearer 2ade0f4fc48d975844a60d5bcb4e9650 content-type application/json Response headers date Sat, 25 Jul 2020 12:48:36 GMT allowedorigins * status 200 vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-allow-credentials true allowedheaders Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin content-length 92 allowedmethods GET,OPTIONS
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 869 B	50ms 49ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80 AN-X-Request-Uuid 6bbee0c9-e069-4e6a-aeb3-ff8c42cda620 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	/ Show response ghb.adtelligent.com/v2/auction/	2 B 242 B	176ms 50ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:35 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	469ms 237ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
POST H2	200	adreq Show response ads.servenobid.com/	110 B 380 B	146ms 50ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=5339 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H2	200	adreq Show response ads.servenobid.com/	110 B 380 B	167ms 75ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=9583 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	471ms 246ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
POST H/1.1	200 OK	/ Show response ghb1.adtelligent.com/v2/auction/	2 B 242 B	158ms 47ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb1.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:35 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 869 B	86ms 41ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80 AN-X-Request-Uuid 3d97fb85-1694-42bb-8cc2-d3c091fa5ccb Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	adreq Show response ads.servenobid.com/	110 B 380 B	121ms 46ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=10689 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response ghb2.adtelligent.com/v2/auction/	2 B 242 B	175ms 48ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb2.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:35 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	461ms 241ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 869 B	68ms 37ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80 AN-X-Request-Uuid 69ca4b35-ac66-4068-95d1-4e7e64a8ab2f Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	467ms 241ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 869 B	107ms 50ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.147:80 AN-X-Request-Uuid 012a85df-8713-4921-95ca-b234d2bfb734 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	adreq Show response ads.servenobid.com/	110 B 380 B	83ms 50ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=6470 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response ghb.adtelligent.com/v2/auction/	2 B 242 B	154ms 52ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:35 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 2 KB	77ms 67ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=position%3Dfooter&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316555&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=5672&adks=2371063288&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5762&msz=1600x90&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 815924e02da0b4c418791810e12ae5478fa08798a9cd7b45bce3aa400db40380 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2360 x-xss-protection 0 google-lineitem-id 4594036698 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138226581719 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 4fdfc4907535713eb7dd139b7a91a2dc.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	42ms 13ms	Other text/html	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4fdfc4907535713eb7dd139b7a91a2dc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	6ms 5ms	Other text/html	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	415 B 322 B	62ms 62ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=position%3Dinterstitial&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316587&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=419292006&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5762&msz=1600x1&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 424b140775bf46978ac4f3d60b2b07b9f070958f1641a9eaab9acefeb1401b31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 218 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 3 KB	66ms 62ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=645x300&prev_scp=position%3Dd_footer&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316592&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=5136&adks=1173035932&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x300&msz=1180x300&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fa577efee71a323335a65ed0ddf0db42ad1b8535a6ccda8b0f6e89543bb71fca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2755 x-xss-protection 0 google-lineitem-id 4598612399 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138226921347 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 2 KB	63ms 62ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x450&prev_scp=position%3Dd_right_rail&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316598&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=1071&adys=1930&adks=1353272240&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=318x450&msz=318x450&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 98220a09e926ceb4c4cf458b0b72f8d764892d2d5a7e13ce75875740a20ba5b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2411 x-xss-protection 0 google-lineitem-id 4583767874 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138225750724 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	419 B 305 B	65ms 62ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320&prev_scp=position%3Dsuper_hero&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316606&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=100&adys=1&adks=3433077344&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x320&msz=1600x320&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40bcc3c4789e562878cfd55e9b5054dcc6fe4626df73fbde9d0c7ec768986e9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 219 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	419 B 302 B	58ms 57ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x480%7C728x600&prev_scp=position%3Dscroll&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316613&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=283&adys=2550&adks=2016818812&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=773x660&msz=773x480&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 76ca04fc24d7ee51993b8c67bb38a8de4cea0c98717c98e01ad09f81854dfd93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 219 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	6 KB 3 KB	62ms 60ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&prev_scp=position%3Dnative_single1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316626&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=286&adys=3938&adks=4226360967&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=723x2&msz=723x2&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7182b33493441a1e969b207f0b1e41ac4c4016fa4f5a334de67bdc479e231552 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3285 x-xss-protection 0 google-lineitem-id 5429561948 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138318142570 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	418 B 306 B	55ms 55ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&prev_scp=position%3Des_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316639&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=552&adks=653238662&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5762&msz=1600x95&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 374218083b748c347cfcb0afcd0ab6600b9a236429fa8cc98b74d5873b5f32e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 220 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	415 B 318 B	60ms 58ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_logo_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316644&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=260&adys=511&adks=1671947513&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5762&msz=1080x31&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 45a244f1b334046090fe6351324e66de78f5c11b4a3db55d7ec0555f79c1ee91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 216 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	419 B 309 B	56ms 55ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&prev_scp=position%3Des_rr_module&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316702&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=1071&adys=1479&adks=3456095965&ucis=a&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=318x431&msz=318x400&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2cc922cf0d90cfdbe5f14944aa6169586db704e0f99c2ab2fe770133e756661c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 223 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	415 B 302 B	61ms 60ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_logo_rr&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316722&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=1071&adys=1448&adks=153506413&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=318x431&msz=318x31&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 65b797f7d2e440a5110903340ea150371f14afc5f7e5a3de9f9d6f516814a4c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 215 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	415 B 302 B	55ms 53ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&prev_scp=position%3Des_sponsorship_logo&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1595681316&dt=1595681316738&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=707&adks=988877506&ucis=c&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x282&msz=1180x31&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b13f50e2f283734b5fa39ef75356f852c5df12591098db8e456f658da11f13f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 217 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	utsync.ashx Show response ml314.com/	644 B 1 KB	46ms 45ms	Script application/javascript	34.240.148.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&pv=1595681316754_ueb4fuhei&bl=en-us&cb=6084288&return=&ht=&d=&dc=&si=1595681316754_ueb4fuhei&cid=Analysis%7CCybersecurity%20and%20Privacy&s=1600x1200&rp=https%3A%2F%2Ft.co%2F Requested by Host: ml314.com URL: https://ml314.com/tag.aspx?256 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b941ffc6bb69b77adbf78c1cb93cf590d695204705c119255e52b474c71068ca Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type application/javascript; charset=utf-8 Content-Length 468 Expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	26ms 23ms	XHR application/json	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a20613c5b43cf15e809fcd273440cc63e09eb078b85044b0a2abf474e2abd2e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5714 x-xss-protection 0
POST H2	200	adreq Show response ads.servenobid.com/	110 B 380 B	57ms 56ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=5560 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:36 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response ghb1.adtelligent.com/v2/auction/	2 B 242 B	61ms 60ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb1.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 714 B	45ms 45ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:36 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80 AN-X-Request-Uuid d03877c7-19e1-43ea-a502-8ab8b76408fe Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	167ms 167ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:37 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	49 KB 11 KB	444ms 424ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie=ID%3Deb656e40ec4095eb%3AT%3D1595681316%3AS%3DALNI_MZdcd2CjkE_AJ5WuIiCFk3dYd9PzQ&bc=31&abxe=1&lmt=1595681316&dt=1595681316948&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=210&adks=504350775&ucis=d&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x150&msz=1180x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0c97374c3c21942148a9436aaae4ca24a4c48b7b4cd06fe23f25f4708866b953 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11397 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	/ Show response ghb2.adtelligent.com/v2/auction/	2 B 242 B	53ms 51ms	XHR application/json	62.149.23.112 COLOCALL Internet...
General Check archive.org Show headers Download Go to Full URL https://ghb2.adtelligent.com/v2/auction/ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA), Reverse DNS Software VertaMedia 1.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:36 GMT Access-Control-Allow-Credentials true Server VertaMedia 1.0 Content-Length 2 Content-Type application/json; charset=UTF-8
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 714 B	43ms 42ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:37 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80 AN-X-Request-Uuid 86443ed3-5b1a-4ed3-b724-80b856e92a14 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.cutimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	adreq Show response ads.servenobid.com/	110 B 371 B	69ms 44ms	XHR application/json	52.31.203.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=9393 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f8ffb5cb071f59ed2aacdaee2e14067f68e3b74db6a7f5ca17ab4096a5d21590 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://www.cutimes.com access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response colossusssp.com/	2 B 227 B	163ms 160ms	XHR application/json	88.214.194.64 NATCOWEB
General Check archive.org Show headers Download Go to Full URL https://colossusssp.com/?c=o&m=multi Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.cutimes.com Date Sat, 25 Jul 2020 12:48:37 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type application/json
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	12 KB 6 KB	604ms 599ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie=ID%3Deb656e40ec4095eb%3AT%3D1595681316%3AS%3DALNI_MZdcd2CjkE_AJ5WuIiCFk3dYd9PzQ&bc=31&abxe=1&lmt=1595681317&dt=1595681317042&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=210&adys=3287&adks=3614650665&ucis=e&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=57&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x150&msz=1180x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9315475a3fbbbf98b979c44f95e55e5a73b043905d2557dbfb18195f2c2628a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5676 x-xss-protection 0 google-lineitem-id 5175869470 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138288014266 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame A122	0 0	72ms 71ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSBtUv3WMeDbBpD2E_0QgYsSdmEoiAznwDkt6_j94IBaNN21WF--S7SPsO4LRdkCy4NyM8mnNu9c1QKO8860BXZA3LgNbymgH4WmIUvm9Daj_41VGH-gB2lY12G1omrfztpZoAWa3FcGAvnQQS-Ab3PLiGBJ_qD8Z2ZdCak8Y5Cqo7Cu2owbY3Ca9y6tQfDSZDO7SZXouxj8Oh0fVc_Q_YSElm2FhVXUvenkK0NsOzAfEhC3pjCIMP_3dQO5HmlMHGNxe7FYIgxXz73Uw5vruJsI85&sig=Cg0ArKJSzMc_-Yn1fkr5EAE&urlfix=1&adurl= Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame A122	73 KB 28 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	moatad.js Show response z.moatads.com/almdfp680616975594/ Frame A122	284 KB 97 KB	88ms 87ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almdfp680616975594/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 17:53:59 GMT server AmazonS3 x-amz-request-id 51925B4670AE0FCB etag "d2ef9f7d6daa54e46dc7e01ff0592da6" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=32386 accept-ranges bytes content-length 98432 x-amz-id-2 KxHHJXCEyrcmqpZELTfpDZnSCcciKdaMGpmyUBcCPY64IeJbiSSuOuLuGurSg5K/DdggpZUrfZo=
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	59ms 55ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27216 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 95A7	0 0	67ms 63ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK6YlcguwO1R32y4c_t33p54-hvSL6Y-gfkL46RZCRmrCQWfIawixgiGHkHZryYW4e3vx61Db-saf2Hj_jUWO96e2kD06KckSS15sFXArpazJ0egZypL5Xy2q5I10f_DryPCPqrQw5FTv7SsDXNANvPv8MMMuoP1fD6KR_7Eeh3uVrDGihYnGec24rh0r3hy1xBcclFsA5wsG20CsstS-fl0NnclUY3GyOgbCkKotCpPdSQrh4lj2RzUVRPsEp9FSgbozneBvCILAbK8N2mTNmjBBS&sig=Cg0ArKJSzMMA-gSji1YjEAE&urlfix=1&adurl= Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	smart_cutimes.epl www.dianomi.com/ Frame 3FA9	0 0	150ms 84ms	Document text/html	104.18.22.230 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832 Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.dianomi.com :scheme https :path /smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 date Sat, 25 Jul 2020 12:48:37 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d36d329a6db215ce9e241f128124a64381595681317; expires=Mon, 24-Aug-20 12:48:37 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax x-content-type-options nosniff x-xss-protection 1; mode=block access-control-allow-origin * access-control-allow-credentials true expires now pragma no-cache cache-control no-cache,no-store,private link </img/a/pss/2232/12.css>;rel=preload;as=style cf-cache-status DYNAMIC cf-request-id 04279db93b0000cc3e492a0200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5b85ff085f97cc3e-ZRH content-encoding br cf-h2-pushed </img/a/pss/2232/12.css>
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 95A7	73 KB 28 KB	50ms 50ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	moatad.js Show response z.moatads.com/almdfp680616975594/ Frame 95A7	284 KB 97 KB	40ms 39ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almdfp680616975594/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 17:53:59 GMT server AmazonS3 x-amz-request-id 51925B4670AE0FCB etag "d2ef9f7d6daa54e46dc7e01ff0592da6" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=49663 accept-ranges bytes content-length 98432 x-amz-id-2 KxHHJXCEyrcmqpZELTfpDZnSCcciKdaMGpmyUBcCPY64IeJbiSSuOuLuGurSg5K/DdggpZUrfZo=
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DEBD	0 0	8ms 6ms	Document text/html	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html timing-allow-origin * content-length 2973 date Sat, 25 Jul 2020 11:49:49 GMT expires Sun, 25 Jul 2021 11:49:49 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3528 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame A152	0 0	77ms 60ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHPNkBf1AVnv9vEnwA8roesEM1rFhgudCBPe8f3EombCZ-FJRQOidrpjet91rFJi8CvVavJkflPN7P9A2SL8PCKsrGGQ8fcnrT1-UMZdjz_NfGNpijQd-QxorgIXfu5ARuIabZC9_F5LKVlfSpKTq1Z7At4B0lP0X0ZqG63EWpdyyRqP5J3zIaAjSMnX8U7ev1Ucrm8hPoPgIamcng4Vom_Ds2y3qEUVEdbKYH75Rj45RO_ce44Vz8EOIlRJeiiYdhFebu0ekmvCdWkvqnZ7fJdcAlDw&sig=Cg0ArKJSzEtQgPyBZmjOEAE&urlfix=1&adurl= Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	creative.js Show response static.polarcdn.com/creative/ Frame A152	334 KB 125 KB	140ms 51ms	Script application/javascript	2606:4700::6813:f77e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.polarcdn.com/creative/creative.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:f77e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b050fe43a5b0f1d2ef7358b0f5ac5d0c5fa1c31fefb08fe220b642b03e13acd Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip cf-cache-status HIT age 961 cf-ray 5b85ff08faea074a-FRA status 200 content-type application/javascript content-length 127325 cf-request-id 04279db99f0000074a67b79200000001 access-control-allow-origin * last-modified Fri, 24 Jul 2020 21:32:30 GMT server cloudflare cache-control max-age=10800 etag W/"5f1b536e-5365b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-varnish 567946961 567946953 via 1.1 varnish access-control-expose-headers CF-IPCountry cf-ipcountry DE access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Sat, 25 Jul 2020 15:32:36 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame A152	73 KB 28 KB	60ms 43ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	moatad.js Show response z.moatads.com/almdfp680616975594/ Frame A152	284 KB 97 KB	52ms 36ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almdfp680616975594/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 17:53:59 GMT server AmazonS3 x-amz-request-id 51925B4670AE0FCB etag "d2ef9f7d6daa54e46dc7e01ff0592da6" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=32386 accept-ranges bytes content-length 98432 x-amz-id-2 KxHHJXCEyrcmqpZELTfpDZnSCcciKdaMGpmyUBcCPY64IeJbiSSuOuLuGurSg5K/DdggpZUrfZo=
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	12 KB 6 KB	434ms 432ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie=ID%3De001b9b72a225c34%3AT%3D1595681316%3AS%3DALNI_MZumfhXltclNmsRxRSzeJggWvhuWA&bc=31&abxe=1&lmt=1595681317&dt=1595681317224&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=1071&adys=1010&adks=1517191711&ucis=f&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=58&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=318x250&msz=318x250&psts=AGkb-H8Exnmy-WsLh9OUMxq-fKwsIdUnSOusUt-fMjCWirpBmweZ2tr9YbqJBXa4ynl6tcZ2HoXocoHH4d07MafVAnX_9g%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_GFBdQcXO6Yd4dV9_6HKrLF63ty-Fo3hGvtJS-bkbta1yBNW0YIYgOBml27t_CMfsI2RXFOoDHFdBSFc-HDF3P3Q%2CAGkb-H93lPy0FyvX5vumeywyi_jDRNokbryCcouNjUHV7661ojVDy3hTPhViewfquLIzyfE1IvWZCzbWHdlc5YNNCiCAUg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_AKiPzMoQBplps4m15kkaXIxttFTEjuk8j3qmlwBR4zmB8VTQYTlDUycFMRuMToX6MPi0VGKtObo03YOWWJQHWrg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fa9ca04a8e5e4d2822f76acf3f8c3104533c95b2b219ed0e57ed466e8db891b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5507 x-xss-protection 0 google-lineitem-id 5223456239 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138299068990 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	42 KB 11 KB	614ms 586ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2293835535520357&correlator=3419206167750927&output=ldjh&impl=fifs&adsid=NT&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200725&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=position%3Dmiddle1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26source%3DCUT%26id%3Dheg45ejmmim%26topic%3Dcoronavirus%252C%26ref_url%3Dt.co%252F%26page_number%3D1&cookie=ID%3De001b9b72a225c34%3AT%3D1595681316%3AS%3DALNI_MZumfhXltclNmsRxRSzeJggWvhuWA&bc=31&abxe=1&lmt=1595681317&dt=1595681317246&dlt=1595681314061&idt=2256&frm=20&biw=1600&bih=1200&oid=3&adxs=1071&adys=1290&adks=1040541319&ucis=g&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&ref=https%3A%2F%2Ft.co%2F&dssz=58&icsg=705641664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=318x250&msz=318x250&psts=AGkb-H8Exnmy-WsLh9OUMxq-fKwsIdUnSOusUt-fMjCWirpBmweZ2tr9YbqJBXa4ynl6tcZ2HoXocoHH4d07MafVAnX_9g%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_GFBdQcXO6Yd4dV9_6HKrLF63ty-Fo3hGvtJS-bkbta1yBNW0YIYgOBml27t_CMfsI2RXFOoDHFdBSFc-HDF3P3Q%2CAGkb-H93lPy0FyvX5vumeywyi_jDRNokbryCcouNjUHV7661ojVDy3hTPhViewfquLIzyfE1IvWZCzbWHdlc5YNNCiCAUg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_AKiPzMoQBplps4m15kkaXIxttFTEjuk8j3qmlwBR4zmB8VTQYTlDUycFMRuMToX6MPi0VGKtObo03YOWWJQHWrg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=481219967.1595681317&ga_sid=1595681317&ga_hid=1759520745&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 054b1454e12c5fc31a9aa428607e11a3ecc0c2325d096830e4429f4f6ad8921d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10565 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.cutimes.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 6 KB	66ms 44ms	Script text/javascript	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1591403518460474" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Redirect Chain https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3611937282197553224&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3611937282197553224&redir=	42 B 915 B	46ms 46ms	Image image/gif	54.76.175.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3611937282197553224&redir= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v075-0c7df2bdc.edge-irl1.demdex.com 5.74.0.20200706134429 1ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID yEJCyOObTu8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 6DoEHEHtR8s= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3611937282197553224&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://idsync.rlcdn.com/395886.gif?partner_uid=3611937282197553224 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMTkzNzI4MjE5NzU1MzIyNBAAGg0IpdTw-AUSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=c05053054c259f0890c448bf244a3bd7177d2bbfba1a3a9f943f3955baeacec3f4cb09cee1a4f8eb&person_id=3611937282197553224&eid=50082	43 B 312 B	42ms 42ms	Image image/gif	34.240.148.251 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=c05053054c259f0890c448bf244a3bd7177d2bbfba1a3a9f943f3955baeacec3f4cb09cee1a4f8eb&person_id=3611937282197553224&eid=50082 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:37 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Sun, 26 Jul 2020 08:48:38 GMT Redirect headers date Sat, 25 Jul 2020 12:48:37 GMT via 1.1 google status 307 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=c05053054c259f0890c448bf244a3bd7177d2bbfba1a3a9f943f3955baeacec3f4cb09cee1a4f8eb&person_id=3611937282197553224&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H/1.1	200 OK	utsync.ashx ml314.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e241e8d8-fd32-4de0-a27d-1d4b7fc2d90a	43 B 816 B	44ms 43ms	Image image/gif	34.240.148.251 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e241e8d8-fd32-4de0-a27d-1d4b7fc2d90a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:37 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Cache-Control private Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0,Sun, 26 Jul 2020 08:48:37 GMT Redirect headers pragma no-cache date Sat, 25 Jul 2020 12:48:37 GMT x-aspnet-version 4.0.30319 status 302 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ml314.com/utsync.ashx?eid=53819&et=0&fp=e241e8d8-fd32-4de0-a27d-1d4b7fc2d90a cache-control private,no-cache, must-revalidate content-type text/html content-length 199
GET H/1.1	200 OK	csync.ashx ml314.com/ Redirect Chain https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3611937282197553224 https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3611937282197553224 https://ml314.com/csync.ashx?fp=27f1062f559652f1c328ffbf76025bd6&eid=50146&person_id=3611937282197553224	43 B 312 B	100ms 44ms	Image image/gif	34.240.148.251 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=27f1062f559652f1c328ffbf76025bd6&eid=50146&person_id=3611937282197553224 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.148.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:37 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type image/gif Cache-Control private Connection keep-alive Content-Length 43 Expires Sun, 26 Jul 2020 08:48:37 GMT Redirect headers pragma no-cache date Sat, 25 Jul 2020 12:48:37 GMT status 302 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://ml314.com/csync.ashx?fp=27f1062f559652f1c328ffbf76025bd6&eid=50146&person_id=3611937282197553224 cache-control no-cache x-server 10.45.18.204 content-length 0 expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2OoTxh3nNclEu35LYYv7S9inEpRN3paJYZQTBrXIzOV8&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p... https://ml314.com/csync.ashx?fp=2OoTxh3nNclEu35LYYv7S9inEpRN3paJYZQTBrXIzOV8&person_id=3611937282464940125&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre... https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20	70 B 440 B	26ms 21ms	Image image/gif	18.184.216.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 25 Jul 2020 12:48:38 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Date Sat, 25 Jul 2020 12:48:37 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type text/html; charset=utf-8 Location https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20 Cache-Control private Connection keep-alive Content-Length 193 Expires Sun, 26 Jul 2020 08:48:38 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 95A7	0 61 B	77ms 65ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBAUrqUDBQjpQ7HwC8TET2PPKu4JfUg1Jm5Fl0V71rGyFLsw7FYEUe2ifSR9o9e2M21RTqPfuudFAb6t3IiFvPPm2Ca3Idm4H4phWMfIgQzyPagbYIHftYCDcfF6wUaHtKBrbFKa9PzDcfEHS2LFLWgdxzHUmWHFxR2829-PI4i9ue60yMdKtM9s2leCGkaeEXKYd9ww061s7WqN5LtQkiZzZ8wBQ1Xm2t9pHTXXqenpQUHd72Xm4kQTEAPArtuxJcHWbS4E1aKgRjbnDG51sSdExVzYo&sig=Cg0ArKJSzKJQmiIUOwVkEAE&urlfix=1&adurl= Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=https%3A%2F%2Ft.co&t=1595681317527&de=936231552213&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=2&cb=0&ym=0&cu=1595681317527&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=1&zMoatPS=footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3379%3A3379%3A3342%3A2579&tz=footer&iq=na&tt=na&tu=1&fs=182630&na=1022010293&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:37 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame A122	0 61 B	61ms 58ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBAAVPOUETdMbFkOAIJ0N_UgKmxUF_VTux5jK0cxIZtTdNfHgrOJ_FWeScuQe3JuMPBEF2wEy3PMRAfQzkvDeLekbaE1_lvqOz0MeZrHGyWLZCNl7pvNENOZLnxRQJ6_yoZdPp_1zJcDY07hmkV_H9y3CdJmCoiJ97_TS2CyTxUA1o0jiYdVUmqJV8eW12LqDvqmJvFFz1E2vdPTrmJRglkEiSDLumfc1VK1_dW6xxdteqkVMWfcUmVdhlzICKcR5xtci4Wqj0B0_bYBzq1rhBG1KOSUU&sig=Cg0ArKJSzK09hDRN30E1EAE&urlfix=1&adurl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 95A7	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8987acfab4d39aa0386d988a07e955cf5f66b3316e9b8049869902008a613bdc Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012007102309000/ Frame 4984	206 KB 56 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d719a7b7ef17ad476a644a196c6130ed955f5ab06f7bac34632f44d4772bfe5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 13501 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57400 x-xss-protection 0 server sffe date Sat, 25 Jul 2020 09:03:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "83969d63ffc70a02" accept-ranges bytes timing-allow-origin * expires Sun, 25 Jul 2021 09:03:36 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame 4984	16 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c37a95b0e695cc2780bf005cba745b7b2ca2215765981eba876c61116a667a51 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5907 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "86843ca20da1a159" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame 4984	96 KB 29 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de2181a33594f9109e9e48ecf4d5431585340ad5d9a3ba7ab57939f5afe90d32 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 13498 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29729 x-xss-protection 0 server sffe date Sat, 25 Jul 2020 09:03:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "b208119f1c2c4cc7" accept-ranges bytes timing-allow-origin * expires Sun, 25 Jul 2021 09:03:39 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame 4984	4 KB 2 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ed2a44dca895d6c3965597e27ffdd09e0c29c8b9838dc85f29c6fa1deb9c8b2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1786 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "641cef4d262e64f8" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame 4984	48 KB 15 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b418161b0e10186a59983122d30a87aca45be8909d6df20f5a3085ce0c529da Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14999 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3ca767f11aa3e2dd" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4984	5 KB 761 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 25 Jul 2020 12:15:46 GMT server ESF date Sat, 25 Jul 2020 12:48:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 25 Jul 2020 12:48:37 GMT
GET DATA	200 OK	truncated / Frame 4984	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62d09cd8c876b21996846a1e9f21c49e31b73aed7e324b92aa0472092050178e Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4984	2 KB 3 KB	16ms 5ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 11:08:58 GMT x-content-type-options nosniff server cafe age 5979 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sun, 26 Jul 2020 11:08:58 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4984	295 B 365 B	16ms 6ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 08:18:35 GMT x-content-type-options nosniff server cafe age 16202 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 26 Jul 2020 08:18:35 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4984	0 0	22ms 15ms	Image text/html	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKsHLE_sGUuMbvUWKdxg1WsBSmZiuq4leP1Tz3JdkaJWzDBGYzBcY8in06mtsibvkHD83s6VfS2bQL4y-Nk1zVO21o3g Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4984	0 0	62ms 58ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CO5y9JSocX5O8A5KDjuwPwNSc-AX_08LhXfSt-8fkCsCNtwEQASCb9O1rYPWVzoHgBKABmJWKxgLIAQGpAgD4YmpmObI-4AIAqAMByAMKqgTmAk_QWbfqoW7y-e6uj5p8Q1mx6gaGZZ8f_IYrQWLhWNLvCZ0UhZLiUBaODsLKXnRv9bMbug_reba2uFQErR31t3XUZjWmhLOC2cuDr9FX9JKesXlD_kYLe5Z_yrIlli-VntwCCpt11BQG_-urYqNrPdvQc4bGWgrfvMjCa_4cjrFo4Yb910EDXXIaAiDaeY__d7zBZKkghwOkY-BoWtYEUxj-BsrSOt2hphi9b_EDj6bj2wxroqxFeYeUTDvlz27b3n_3ezbwBb0sUlMXw_jPWa7evatV48p-ldl0QYPZti6SJJVA1n0kSxDva8ZUsbaSryTQTmXPf-jVedD3sqSykSfYLMcsB6Xr-1YBbWCjfjE2odC1g8vuMJupBk_F4lX3tHx02wHDxYAPK4YKckd_xPk5qQXDy52SIcoFA-7TwaFLdy-xhQc23uO3Nrxlzcsui2PwiZ8RHPRxKQ935_P4fq9d-WnSQPDABOLZ19XQAuAEAZIFBAgEGAGSBQQIBRgEoAZmgAfQ6vW5AagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCovFDSCAcIgGEQARgdgAoDyAsB2BMKiBQC&sigh=1mZ6P6WG51U&tpd=AGWhJmu1H9XSzOygqEBffmmutj1d0U8RYd2sZpQoJ0L9f98kbw Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	wt Show response polarcdn-pentos.com/ Frame A152	3 B 643 B	84ms 29ms	XHR application/octet-stream	104.17.193.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=1&n=3&p=UNKNOWN&s=1&u=00779f63-9e34-4487-9736-79588a264621&v=1%2F374ef97&w=1.198.0&y=w&z=v1.7.5&pas=asa-web-dfp&pag1=default&pag2=%2F21665826759%2Fcutimes%2Farticledisplay&padau=21686825641&padav=4885392841&pado=2707950611&padli=5429561948&padc=138318142570&padpm=false&paddait=&paddlat=&pai=f3b36&d=www.cutimes.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=65f670294059a035e51e17503eda4d59&t=arx&parcid=9bff5&parid=f9101&parin=1&partm=1&par=s&maxts=0.038&pvhref=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&pvr=https%3A%2F%2Ft.co%2F&_=1595681317744 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.193.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1085 cf-ray 5b85ff0cbfffcc3a-ZRH status 200 content-length 3 x-amz-id-2 n0XGJlr3Rxt/2mP+xPCKsEOrN7/7u1TVY3zjO4PuSiCx70aIywBrnf/+jN8q7LGpFnQJuecZO9o= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id 9D67EA9E9F88BA5C access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 04279dbbf50000cc3a36990200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	247888b460864619be28848b4b663f46 Show response polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.cutimes.com/creative/ Frame A152	74 KB 11 KB	1397ms 1370ms	XHR application/json	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.cutimes.com/creative/247888b460864619be28848b4b663f46 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0cc28abd8a9800ad071fb493f1d09e0bc99d321ec94a329b7aedb74315cb79f Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:39 GMT content-encoding gzip server cloudflare status 200 etag W/"5d758a4d03a6d587ebbf9f75b9c3e894" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Country, CF-Ray cache-control max-age=900 x-country DE cf-ray 5b85ff0c895f1756-FRA cf-request-id 04279dbbd10000175694bb2200000001
GET DATA	200 OK	truncated / Frame A152	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2f6558a48afd03a13dca46cc0b0551ebc121ca0ba0977e0b9fda8e9a84892280 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame A152	0 58 B	58ms 57ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUo-FyuU9Lia_g1t0V1h0sfiHI_Y_vSQdeO03vqkRYQ2mszlFqwY2lKokB7ay6canA1W-ZHLTGoEpCQeWZ0MZ3A0IorjlE2SVHvX06alY6aIlVZ_wRrE8wY422qZsa_KSZQDIGYxngeUq3B0Jhxk8GgYKpVTX54KSL7Z3U6IcxUYfqCnKj6DtpZC1S60mlom2uZjHeH069jTqNLa4fOS7kMXNTNjNvb6ewmuoRMs45NvzYWO2xqeA2SC4qscoT-CD3lPp1axu_ksXQNisueyyDGIbhfsex&sig=Cg0ArKJSzLLDnbMH8Zq_EAE&urlfix=1&adurl= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame BAAD	0 0	59ms 56ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF1E_1uixDUzbkohN-LWfNPOBWdCPDW93MM-bQipk1VbxMrN7YxQgSaYltuKfV6KQgz7KCytibQey5emNCE7dwxJGUQ0fmfxC9-455o0rzXjEBsllSYr8R-pmvb-GV-gcNjgHOCuyIlxw4ad8PWNBRKyCmQ_nOcVCWf9pHbCnIMmv2EXRiwcU6F5wi20ONio0Nx2DgZu3slefklSmG4mrP_N0mujXy9rNjkUCNg7N0Fnx9PjYAHgckao_vOwV8FRo-_SXkscUGGM_vVUDQgAqF&sig=Cg0ArKJSzNwPJGy5hoD9EAE&adurl= Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame BAAD	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 02:23:50 GMT content-encoding gzip x-content-type-options nosniff age 210287 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 8966445102869121928 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 06 Aug 2020 02:23:50 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame BAAD	73 KB 28 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame BAAD	0 0	17ms 15ms	Image text/html	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY0FSwD4B1r0rhrvC0plYR8949gT-bkeYyxk2oGN1VvxycDaZSCRqeLsUuMelLZJXfe2GBPrK8cKcTf0RHmZL3X9iFSQ Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	moatad.js Show response z.moatads.com/almdfp680616975594/ Frame BAAD	284 KB 97 KB	37ms 36ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almdfp680616975594/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 17:53:59 GMT server AmazonS3 x-amz-request-id 51925B4670AE0FCB etag "d2ef9f7d6daa54e46dc7e01ff0592da6" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=32386 accept-ranges bytes content-length 98432 x-amz-id-2 KxHHJXCEyrcmqpZELTfpDZnSCcciKdaMGpmyUBcCPY64IeJbiSSuOuLuGurSg5K/DdggpZUrfZo=
GET H2	200	2178699734731539155 tpc.googlesyndication.com/simgad/ Frame BAAD	57 KB 57 KB	9ms 7ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2178699734731539155 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 23:55:48 GMT x-content-type-options nosniff age 1428769 x-dns-prefetch-control off status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 58723 x-xss-protection 0 last-modified Tue, 17 Sep 2019 14:01:30 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Jul 2021 23:55:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/ Frame 4984	11 KB 11 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Origin https://www.cutimes.com Response headers date Thu, 09 Jul 2020 02:32:55 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:48 GMT server sffe age 1419342 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11056 x-xss-protection 0 expires Fri, 09 Jul 2021 02:32:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/ Frame 4984	11 KB 11 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:824::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Origin https://www.cutimes.com Response headers date Fri, 12 Jun 2020 20:41:36 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe age 3686821 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11016 x-xss-protection 0 expires Sat, 12 Jun 2021 20:41:36 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 55BC	0 0	70ms 68ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIiIZWe0rWZHK507ueaZejRLlciC7UHZsJRdrkLsQmsOwfi8vrr4fgu_6-gDDrntxR_0JW_06Kz00fbvIW7_BA_-cTrIrR2TZKXEMlEvLhsfl8PIHsnQlKHbfO9I1Ze_qW0aAU0_pXwhPGPfC2v1AnUrg1ardkDhdCPJoyGe3VZIKirDgT25ZDJHQPZUEDJ1I4rQkkQHpINthbOWKifZHjyqXfq9FE6KEOWVdwynTBYXPPNUTZzqqrW5leuwTWRNg1VZMEOxeuuvatzFIyiLnV2nBvEA&sig=Cg0ArKJSzDvugfMatE-NEAE&adurl= Requested by Host: t.co URL: https://t.co/c2aDXPyhan Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:37 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/ Frame 55BC	2 KB 1 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20200723/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 23 Jul 2020 02:23:50 GMT content-encoding gzip x-content-type-options nosniff age 210287 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 8966445102869121928 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 06 Aug 2020 02:23:50 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 55BC	73 KB 28 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1595419060626807" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28380 x-xss-protection 0 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	moatad.js Show response z.moatads.com/almdfp680616975594/ Frame 55BC	284 KB 97 KB	38ms 37ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/almdfp680616975594/moatad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash 64f6ab1fda7bca7943cc6c97326985af07c350f92a3cf15a6e79377673c606aa Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:37 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 17:53:59 GMT server AmazonS3 x-amz-request-id 51925B4670AE0FCB etag "d2ef9f7d6daa54e46dc7e01ff0592da6" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=32386 accept-ranges bytes content-length 98432 x-amz-id-2 KxHHJXCEyrcmqpZELTfpDZnSCcciKdaMGpmyUBcCPY64IeJbiSSuOuLuGurSg5K/DdggpZUrfZo=
GET H2	200	14052303974320016552 tpc.googlesyndication.com/simgad/ Frame 55BC	30 KB 30 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14052303974320016552 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bfb19d425ac91e5e43bcc78f4fb32e046e1b9f0ddd8267ca85ee4d1bfe185c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 06 Jul 2020 16:06:23 GMT x-content-type-options nosniff age 1629734 x-dns-prefetch-control off status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30718 x-xss-protection 0 last-modified Wed, 12 Jun 2019 17:34:58 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 06 Jul 2021 16:06:23 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/210/ Frame 803A	0 0	6ms 5ms	Document text/html	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/210/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4590 date Sat, 25 Jul 2020 11:54:10 GMT expires Sun, 25 Jul 2021 11:54:10 GMT last-modified Wed, 26 Feb 2020 19:47:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3267 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=https%3A%2F%2Ft.co&t=1595681317560&de=39522237936&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=5&cb=0&ym=0&cu=1595681317560&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3379%3A3379%3A3342%3A2579&tz=d_footer&iq=na&tt=na&tu=1&fs=182630&na=612561094&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:37 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:37 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012007102309000/ Frame EB8F	206 KB 56 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d719a7b7ef17ad476a644a196c6130ed955f5ab06f7bac34632f44d4772bfe5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 13501 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57400 x-xss-protection 0 server sffe date Sat, 25 Jul 2020 09:03:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "83969d63ffc70a02" accept-ranges bytes timing-allow-origin * expires Sun, 25 Jul 2021 09:03:36 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame EB8F	16 KB 6 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c37a95b0e695cc2780bf005cba745b7b2ca2215765981eba876c61116a667a51 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5907 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "86843ca20da1a159" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame EB8F	96 KB 29 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de2181a33594f9109e9e48ecf4d5431585340ad5d9a3ba7ab57939f5afe90d32 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 13498 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29729 x-xss-protection 0 server sffe date Sat, 25 Jul 2020 09:03:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "b208119f1c2c4cc7" accept-ranges bytes timing-allow-origin * expires Sun, 25 Jul 2021 09:03:39 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame EB8F	4 KB 2 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ed2a44dca895d6c3965597e27ffdd09e0c29c8b9838dc85f29c6fa1deb9c8b2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1786 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "641cef4d262e64f8" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/012007102309000/v0/ Frame EB8F	48 KB 15 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012007102309000/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b418161b0e10186a59983122d30a87aca45be8909d6df20f5a3085ce0c529da Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 195783 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14999 x-xss-protection 0 server sffe date Thu, 23 Jul 2020 06:25:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "3ca767f11aa3e2dd" accept-ranges bytes timing-allow-origin * expires Fri, 23 Jul 2021 06:25:34 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB8F	2 KB 3 KB	8ms 8ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 11:08:58 GMT x-content-type-options nosniff server cafe age 5979 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sun, 26 Jul 2020 11:08:58 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB8F	295 B 360 B	12ms 6ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 08:18:35 GMT x-content-type-options nosniff server cafe age 16202 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 26 Jul 2020 08:18:35 GMT
GET DATA	200 OK	truncated / Frame EB8F	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 819a8ced5e128d785a19531625d03c10d473ab2d71e5bf36ca10bf64996312df Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	8388273772740215813 tpc.googlesyndication.com/daca_images/simgad/ Frame EB8F	132 KB 132 KB	13ms 7ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/8388273772740215813 Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2465de560635f9db25b7f891863ba8931f8b47f788c663b4db8c41ce5dd5eee8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 19:31:35 GMT x-content-type-options nosniff age 1444622 x-dns-prefetch-control off status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135382 x-xss-protection 0 last-modified Fri, 22 May 2020 04:06:39 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Jul 2021 19:31:35 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame EB8F	0 0	35ms 29ms	Image text/html	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRm3NCQ3jlzC5uuyIGRYZ4MXRyVH9Sls1wyxRP5qmRR-erzIWaXk3RTM9RaR_Hoc9p76j2rTL-XklUDOhpM06H9BbSBuA Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame EB8F	0 0	63ms 58ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CdJezJSocX5CkJ8br3wOrqorYB7ayzfJcuIyV7KoMv-EeEAEgm_Tta2D1lc6B4ASgAeyfq9ICyAEC4AIAqAMByAMIqgTjAk_QTcTaNJA3QThPAwNdzFF9SyhrMIqaUmh_9vgIlUENzlJ1l8j-nEgBonOAE1F9-5Qqii70bWlgfgsY_5o-gAIFzwMdmoujwMhdJTXVKDmRPCKU-SuXVmVu1xaDf39iposrpe3QaWUN8K2PLhAIz1S18wNBOdExRJEqaEYcnLVrzHvf7POO4yFgzU1wlgcQVjtJYyxyGiQphj8gp4snQeSNAqL-iAHjTN2Aa_yW81x6iatN5KXSZKXxN74uto4VZVVRVcJB5FMcCegKyY6xdABZevoKx_DHvWMvf19o9dCm225JIXD4acinrjN3xyiEw4iJpK404cwLmF-5l1KGqwHNLesPJYL18sI8jUNjSu8uDTQein0cwYeLUbUzB7AQJ3x21KtEoysqOEgXG64j5sNk1laS0raBuNu5yUJRYaAmSaOV81a1OWwAZJmwviW0oa00Vk-JG-g1ppkOhI6ngTY6bkbABLSFst_LAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAf839StAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCd1DfSCAcIgGEQARgdgAoDyAsB2BMM&sigh=O16OD0pnxZA&tpd=AGWhJmtY6Amg2pdJ3GBEqU6TkGPQXgz6avdLOj2j0ml00IoRiQ Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame BAAD	0 62 B	57ms 57ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtY8wcvoUZcfxhPOPBPr6gd_eS69escyCh8Rij40TnVSqIIDh2r1rQ5c_8jM5v46NzMERc0cbakn4OfPR2QJ7MiYBsUaFXiYyLdgcvPFQHBVAVsn3kkTjqGwOvGlMQdVW2FI5yYJABPaKh7JXhGtjDXOGj3B0RI5acVOiTInqN_1vhh3NSqOMlStZMpg7swx7kBno_yp0Ng22xBtgfGTJrxTQeuj8HrwaQA63j7Usq_QDBjGxG5md4--pI4l3abULfKqwaNxLkNQuWt8yMgQVSxcI&sig=Cg0ArKJSzL18f0RrNBlDEAE&adurl= Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:38 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 55BC	0 56 B	57ms 57ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgobr4EJyCG6bVzJPy82E6AzLyDHqbqDlc9kWfqvqz0uLEEF2XttTn9oPTg9NTSNTkEakz89k2T5HiCsVOgvQSs4yd8fzqHV1_5S8lFsuCDVob5Law7K9xaDWVCwKn9CD36Jnqc8JiIliB9nrcbFEo2hNGUKeWM_eqR3a42UzKdJCUBRpSUDoF5tg9F2S6pMHafr5gZQMYHfXiSkbdP_EQSKbgMcoRp-ElB7WorlFI_MLTwf9VR4gQzj_qNccWWmlr_cDGLJs4V3iqOGvMEfkFQcQAQEA-&sig=Cg0ArKJSzFOi9BLL1DfuEAE&adurl= Requested by Host: www.cutimes.com URL: https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 12:48:38 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame BAAD	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0bd78184f8bf28ccbf3152bb03809c10c1cf18eec50cc37b606b6fc4fe02188 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 55BC	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 482e654d14b07723ec0008ad0776c49fa33b2781b1db135bd195e3d5feaa4d02 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 4984 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	14ms 14ms	Image text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers date Sat, 25 Jul 2020 12:48:38 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 246 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fsmart_cutimes.epl%3Fid%3D3420%26url%3Dhttps%253A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%253Fcmp%253Dshare_twitter%2526slreturn%253D20200625084832&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681317560&de=39522237936&cu=1595681317560&m=41&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4864&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=1&tc=0&fs=182630&na=782904268&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4984	2 KB 3 KB	6ms 5ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 11:08:58 GMT x-content-type-options nosniff server cafe age 5980 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sun, 26 Jul 2020 11:08:58 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4984	295 B 369 B	10ms 10ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 08:18:35 GMT x-content-type-options nosniff server cafe age 16203 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 26 Jul 2020 08:18:35 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame EB8F Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	16ms 15ms	Image text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers date Sat, 25 Jul 2020 12:48:38 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 246 x-xss-protection 0
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=https%3A%2F%2Ft.co&t=1595681317820&de=101417251015&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=8&cb=0&ym=0&cu=1595681317820&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&zMoatMData=1&zMoatPS=native_single1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3379%3A3379%3A3342%3A2579&tz=native_single1&iq=na&tt=na&tu=1&fs=182630&na=1836972529&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	8388273772740215813 tpc.googlesyndication.com/daca_images/simgad/ Frame EB8F	132 KB 132 KB	6ms 5ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/8388273772740215813 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2465de560635f9db25b7f891863ba8931f8b47f788c663b4db8c41ce5dd5eee8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 19:31:35 GMT x-content-type-options nosniff age 1444623 x-dns-prefetch-control off status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135382 x-xss-protection 0 last-modified Fri, 22 May 2020 04:06:39 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Jul 2021 19:31:35 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB8F	2 KB 3 KB	8ms 7ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 11:08:58 GMT x-content-type-options nosniff server cafe age 5980 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Sun, 26 Jul 2020 11:08:58 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB8F	295 B 364 B	7ms 7ms	Image image/png	2a00:1450:4001:819::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012007102309000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sat, 25 Jul 2020 08:18:35 GMT x-content-type-options nosniff server cafe age 16203 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sun, 26 Jul 2020 08:18:35 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 57 B	40ms 39ms	Image image/gif	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=2293835535520357&bg=!oqGloblYKvrSO9EaccICAAAAelIAAAAUCgAte7agGAhlsgmeOFXQz5HFzoQHaAkNqY7KxaMvPeXclggARaxsri6UYNG8Uej1mQGGHuowEh6gl0P4W50gVMgNMbjtrGGLim12taIgRkMZbs7GgHzlRvNA_feSs69irfu1RzvVTs549EH0nyQOCC0-2e0-S5kM-sQEP04blPfFf45-ag2FIRPUCk4r_t-2DZKr-idG8IqaDKp_m3mQPSZtjYokGN8aTVvBifyBnIZk9Or3hNy69JrrSifXjjNYADhyfsRk0ERfbQle2GBCI11bVKgOAmhwYOPJEuGFo_aCln1Ozf3Z4yNfszAGj1MRT7sQ_tSUp21h4rY35sNr-nDgSIrW6Bl1PadHc3DODgJNL4brRoyMhbSTlHXewekBIffoA0nBfMVN0iMxzEheiHiaqL9KXcl2Ebpcex9vMKv1rjr9Tz3Svgp77JYyLkmH1F11PNFF5_7JjwpTOqNz_ziVPWBU6PNNPBGin66G2OJwPbU1JS8gvKD5M6PlI4mCjOAvFEX11luXnSFon_fwpe8PY6IqwPYP1XwQO2DRCQt65cV1-szzt2yHj_J24qQs6wB-Pq4Xrj2c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	40ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=https%3A%2F%2Ft.co&t=1595681318096&de=811758695254&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=11&cb=0&ym=0&cu=1595681318096&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138288014266&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3379%3A3379%3A3342%3A2579&tz=top1&iq=na&tt=na&tu=1&fs=182630&na=1690699748&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2178699734731539155&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681318096&de=811758695254&cu=1595681318096&m=13&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5024&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014266&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=699482615&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	36ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=https%3A%2F%2Ft.co&t=1595681318114&de=756103149659&m=0&ar=da8ed23e15-clean&iw=1f29a1c&q=14&cb=0&ym=0&cu=1595681318114&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3379%3A3379%3A3342%3A2579&tz=middle&iq=na&tt=na&tu=1&fs=182630&na=276980570&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14052303974320016552&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681318114&de=756103149659&cu=1595681318114&m=18&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5024&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=12&vx=12%3A-%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=12&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=839238448&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:38 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:38 GMT
GET H2	200	/ polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Frame 1B35	0 0	15ms 15ms	Document text/html	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-terrax.com/privacy/v1.0.0/html/optout/readwrite/ Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority polarcdn-terrax.com :scheme https :path /privacy/v1.0.0/html/optout/readwrite/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sat, 25 Jul 2020 12:48:39 GMT content-type text/html; charset=utf-8 content-length 1291 set-cookie __cfduid=dd047280e0adb7beac817613912fbbf221595681319; expires=Mon, 24-Aug-20 12:48:39 GMT; path=/; domain=.polarcdn-terrax.com; HttpOnly; SameSite=Lax vary Accept-Encoding access-control-allow-headers Authorization access-control-expose-headers CF-IPCountry, X-Country, CF-Ray cache-control max-age=900 access-control-allow-origin * access-control-allow-methods GET timing-allow-origin * content-encoding gzip x-varnish 2299238786 2299220708 age 127 via 1.1 varnish cf-cache-status HIT accept-ranges bytes cf-request-id 04279dc1a800001f1d5824e200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5b85ff15df0f1f1d-FRA
GET H2	200	wt Show response polarcdn-pentos.com/ Frame A152	3 B 230 B	21ms 21ms	XHR application/octet-stream	104.17.193.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polarcdn-pentos.com/wt?e=2&n=3&p=NA-CREDUNIOTIME-11239181&s=1&u=00779f63-9e34-4487-9736-79588a264621&v=1%2F374ef97&w=1.198.0&y=w&z=v1.7.5&pas=asa-web-dfp&pag1=default&pag2=%2F21665826759%2Fcutimes%2Farticledisplay&padau=21686825641&padav=4885392841&pado=2707950611&padli=5429561948&padc=138318142570&padpm=false&paddait=&paddlat=&pai=f3b36&d=www.cutimes.com&l=+%5BHomepage+2nd+Article%5D&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=DE&c=247888b460864619be28848b4b663f46&t=i&pasp=49aacd5babed457cb7c7356eba261ef9&papss=a&pvhref=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&pvr=https%3A%2F%2Ft.co%2F&_=1595681317745 Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.193.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7 Request headers Accept text/plain, */*; q=0.01 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1087 cf-ray 5b85ff155dc3cc3a-ZRH status 200 content-length 3 x-amz-id-2 n0XGJlr3Rxt/2mP+xPCKsEOrN7/7u1TVY3zjO4PuSiCx70aIywBrnf/+jN8q7LGpFnQJuecZO9o= last-modified Mon, 09 Jul 2018 17:31:51 GMT server cloudflare etag "28e4477bb454eb35226fe56082545e13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 access-control-allow-methods GET x-amz-request-id 9D67EA9E9F88BA5C access-control-allow-origin * cache-control public, max-age=604800 cf-request-id 04279dc15b0000cc3a369d4200000001 accept-ranges bytes content-type application/octet-stream
GET H2	200	moatad.js Show response z.moatads.com/polar822lQSh10/ Frame A152	276 KB 94 KB	38ms 37ms	Script application/x-javascript	92.122.255.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=NA-CREDUNIOTIME-11239181&moatClientLevel2=COOK%20SECURITY%20GROUP%20&moatClientLevel3=Single%20Creative&moatClientLevel4=How%20Credit%20Unions%20are%20balancing%20between%20Digital%20%26%20Traditional%20banking%2C%20Contactless%20vs.%20Physical%20branches&moatClientSlicer1=%20%5BHomepage%202nd%20Article%5D Requested by Host: static.polarcdn.com URL: https://static.polarcdn.com/creative/creative.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AmazonS3 / Resource Hash c53ca30481441065f8fb1fadf4faed737328be0db01ce75876f5aabb55b7555e Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT content-encoding gzip last-modified Tue, 07 Jul 2020 17:16:40 GMT server AmazonS3 x-amz-request-id 28CAC69B3687FAED etag "661666d0fc61b4c753bdf35bcbb93544" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=25905 accept-ranges bytes content-length 95366 x-amz-id-2 yUFL7kM6GpfDfNpBNxTXXoFc2TbKpo+e0P2mCaW7/R/gO23Pt1ch4ftWCdosX99/Jh/Mr1fspEE=
GET H2	200	5f1896d2fc70759534ae0772 polarcdn-terrax.com/image/v1.0.0/bin/ Frame A152	289 B 398 B	52ms 37ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d2fc70759534ae0772?v=5e3aa&h=2&w=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae9cd16c95764d6b8b22ad09b609f1135ef2479f4bbe4a9d79e0f0d66fa00ae Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT via 1.1 varnish cf-cache-status HIT age 178650 status 200 access-control-max-age 432000 content-type image/jpeg content-length 289 cf-request-id 04279dc16b00001f1d58239200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 2293318212 2293306157 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 5b85ff157e211f1d-FRA
GET H2	200	5f1896d248e3edcb2315af2e polarcdn-terrax.com/image/v1.0.0/bin/ Frame A152	302 B 402 B	52ms 36ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d248e3edcb2315af2e?v=177e1&h=2&w=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f026340bfeceb4d8a9f3b6775de85fff35b723923b62ff41ecc73bb77ccb6ef Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT via 1.1 varnish cf-cache-status HIT age 178650 status 200 access-control-max-age 432000 content-type image/jpeg content-length 302 cf-request-id 04279dc16b00001f1d5823c200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 877125502 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 5b85ff157e281f1d-FRA
GET H2	200	5f1896d248e3edcb2315af2f polarcdn-terrax.com/image/v1.0.0/bin/ Frame A152	295 B 773 B	42ms 27ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5f1896d248e3edcb2315af2f?v=f5e74&h=2&w=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0810aeab3073f709b2bd743754cc1ce2e2100844908b466af0eee61eb486eba Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT via 1.1 varnish cf-cache-status HIT age 178650 status 200 access-control-max-age 432000 content-type image/jpeg content-length 295 cf-request-id 04279dc16b00001f1d5823a200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 877125501 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 5b85ff157e231f1d-FRA
GET H2	200	5f18927748e3edcb2315af1c polarcdn-terrax.com/image/v1.0.0/bin/	8 KB 8 KB	45ms 31ms	Image image/jpeg	2606:4700::6811:4132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://polarcdn-terrax.com/image/v1.0.0/bin/5f18927748e3edcb2315af1c?v=63565&w=280 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94df85eef2d8e9cc23591fb317e79f73f20cc7805db0c0374ea4f68220d0dde0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 25 Jul 2020 12:48:39 GMT via 1.1 varnish cf-cache-status HIT age 178650 status 200 access-control-max-age 432000 content-type image/jpeg content-length 8514 cf-request-id 04279dc16b00001f1d5823b200000001 timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET x-varnish 877125504 access-control-allow-origin * cache-control public, max-age=432000 accept-ranges bytes cf-ray 5b85ff157e261f1d-FRA
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4984	42 B 109 B	52ms 51ms	Image image/gif	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYLa6mEXdBj3a83VFzt7Iszqb0xOLkSZlMDO0mI2Mx7dAZbyxzF6irVFpdo6PeTKqFWP6VFaTwPBkBFADtPQDgU3Y32LtpyAC00vB2eYDPjSEWcjjggRq7l1c&sai=AMfl-YTSNo-JlgU1E6V77EJmq8y_bXxLSgImCbTYzGq7FWmJDa5VZtPK9kG1jWgxgd02OLGazAzYAI0JnlculgftrjRD2yzSZvuFfiLe884vNG_VuX2qLWRakkGoesXY&sig=Cg0ArKJSzD-ofEHpP1tJEAE&cid=CAASFeRoDFhOnQRh0FwOoSDyY-jZpyoHbQ&id=ampim&o=315,210&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=287&tls=1288&g=100&h=100&tt=1288&r=v&avms=ampa&adk=504350775 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	38ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=18&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fpolarcdn-terrax.com%2Fimage%2Fv1.0.0%2Fbin%2F5f18927748e3edcb2315af1c&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=295&w=723&fy=285.515625&gp=3290.15625&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681317820&de=101417251015&cu=1595681317820&m=1524&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3290.15625&lb=5094&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=188&cd=0&ah=188&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=native_single1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Creative%20API%20-%20Banner&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=native_single1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1984421589&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:39 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:39 GMT
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame AC7F	0 0	110ms 35ms	Document text/html	72.247.225.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sun, 25 Jul 2021 12:48:40 GMT Date Sat, 25 Jul 2020 12:48:40 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame C871	0 0	123ms 47ms	Document text/html	72.247.225.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sun, 25 Jul 2021 12:48:40 GMT Date Sat, 25 Jul 2020 12:48:40 GMT Connection keep-alive
GET H2	200	sync.html public.servenobid.com/ Frame 816B	0 0	67ms 23ms	Document text/html	143.204.201.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://public.servenobid.com/sync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority public.servenobid.com :scheme https :path /sync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 content-type text/html last-modified Thu, 23 Jul 2020 21:05:53 GMT server AmazonS3 content-encoding gzip date Sat, 25 Jul 2020 09:46:45 GMT cache-control max-age=86400 vary Accept-Encoding x-cache Hit from cloudfront via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id 3OvwtHdyabeTCy07-OIIDbMeGcd5BuveXaFrHSQnDS8sNlS6qCILOg== age 10915
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 932E	0 0	123ms 49ms	Document text/html	72.247.225.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sun, 25 Jul 2021 12:48:40 GMT Date Sat, 25 Jul 2020 12:48:40 GMT Connection keep-alive
GET H2	200	sync.html public.servenobid.com/ Frame F17A	0 0	65ms 24ms	Document text/html	143.204.201.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://public.servenobid.com/sync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority public.servenobid.com :scheme https :path /sync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 content-type text/html last-modified Thu, 23 Jul 2020 21:05:53 GMT server AmazonS3 content-encoding gzip date Sat, 25 Jul 2020 09:46:45 GMT cache-control max-age=86400 vary Accept-Encoding x-cache Hit from cloudfront via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id y1B_xlASwsKEki-Ezsik-SmJIwVY-oTzT0F1mgr2002CAUFdx8YtuQ== age 10915
GET H2	200	sync.html public.servenobid.com/ Frame 2CC4	0 0	63ms 24ms	Document text/html	143.204.201.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://public.servenobid.com/sync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority public.servenobid.com :scheme https :path /sync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 content-type text/html last-modified Thu, 23 Jul 2020 21:05:53 GMT server AmazonS3 content-encoding gzip date Sat, 25 Jul 2020 09:46:45 GMT cache-control max-age=86400 vary Accept-Encoding x-cache Hit from cloudfront via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id KjCwvv7D9rXcpRANYhxjZxLAaae9C_251rmeKISlDf5ZhaFyYToymw== age 10915
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame C6FA	0 0	120ms 43ms	Document text/html	72.247.225.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sun, 25 Jul 2021 12:48:40 GMT Date Sat, 25 Jul 2020 12:48:40 GMT Connection keep-alive
GET H2	200	sync.html public.servenobid.com/ Frame BD70	0 0	59ms 23ms	Document text/html	143.204.201.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://public.servenobid.com/sync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority public.servenobid.com :scheme https :path /sync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 content-type text/html last-modified Thu, 23 Jul 2020 21:05:53 GMT server AmazonS3 content-encoding gzip date Sat, 25 Jul 2020 09:46:45 GMT cache-control max-age=86400 vary Accept-Encoding x-cache Hit from cloudfront via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id nlKPKs3Z5CQhM26juHPzxea6OoguijQ0YfAYDfjmr8MZd_KUkTWyRA== age 10915
GET H2	200	sync.html public.servenobid.com/ Frame 5AD5	0 0	58ms 24ms	Document text/html	143.204.201.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://public.servenobid.com/sync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority public.servenobid.com :scheme https :path /sync.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers status 200 content-type text/html last-modified Thu, 23 Jul 2020 21:05:53 GMT server AmazonS3 content-encoding gzip date Sat, 25 Jul 2020 09:46:45 GMT cache-control max-age=86400 vary Accept-Encoding x-cache Hit from cloudfront via 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id JKQeicsgjuU3QBoe1gaGL8HaEky9m_t7ypp_00ImL58Bm7zbhJ4-1Q== age 10915
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame D22F	0 0	116ms 38ms	Document text/html	72.247.225.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.cutimes.com URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag "573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Sun, 25 Jul 2021 12:48:40 GMT Date Sat, 25 Jul 2020 12:48:40 GMT Connection keep-alive
GET H/1.1	200 OK	hms.gif sync.colossusssp.com/ Redirect Chain https://colossusssp.com/?c=o&m=cookie https://sync.colossusssp.com/hms.gif?puid=25799c0a57e0a92ac075bd474e60ded306cd05e1	42 B 485 B	592ms 172ms	Image image/gif	88.214.194.105 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://sync.colossusssp.com/hms.gif?puid=25799c0a57e0a92ac075bd474e60ded306cd05e1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.214.194.105 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx/1.4.6 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 25 Jul 2020 13:03:57 GMT Server nginx/1.4.6 (Ubuntu) Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate Transfer-Encoding chunked Connection keep-alive Expires 0 Redirect headers Location https://sync.colossusssp.com/hms.gif?puid=25799c0a57e0a92ac075bd474e60ded306cd05e1 Date Sat, 25 Jul 2020 12:48:39 GMT Connection keep-alive Content-Length 0
GET H/1.1	200 OK	01738604997e009d79e829d77f7000078009107000b08 Show response visitor-service-eu-central-1.tealiumiq.com/alm/main/	1 KB 1 KB	24ms 24ms	Script application/javascript	35.156.59.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://visitor-service-eu-central-1.tealiumiq.com/alm/main/01738604997e009d79e829d77f7000078009107000b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1595681322118 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.59.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 9dbdbf6261101b7c60c01c53b8950c774a143620a15c27eb316612e3cf284cc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Version 2102b23187ef247cb7ff05459f63de9dd5c2c899-SNAPSHOT Strict-Transport-Security max-age=31536000; includeSubdomains X-Region eu-central-1 Connection keep-alive Content-Length 1199 X-NodeId i-06add8889491cc6a5 Content-Type application/javascript; charset=utf-8
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681317560&de=39522237936&cu=1595681317560&m=5322&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5094&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5115&cd=8&ah=5115&am=8&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=d_footer&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=d_footer&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1847043961&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:42 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:42 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	38ms 37ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681318096&de=811758695254&cu=1595681318096&m=5292&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5094&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5086&cd=4&ah=5086&am=4&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014266&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=top1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=top1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1084782878&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:43 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:43 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	36ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=18&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681318114&de=756103149659&cu=1595681318114&m=5277&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5094&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=12&vx=12%3A12%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=0&pg=12&pf=12&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5065&cd=4&ah=5065&am=4&rf=0&re=1&wb=1&cl=0&at=0&d=4667555407%3A2625814314%3A5223456239%3A138299068990&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=middle&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tz=middle&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1113692224&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:43 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:43 GMT
GET H/1.1	200 OK	index.php Show response a.dpmsrv.com/dpmpxl/	5 B 1 KB	364ms 122ms	Script text/javascript	34.192.142.95 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656%2C21243164%2C19033089%2C19032834&cl=1008&pixelIndex=0&r=85981&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=785406113196087521&_=1595681315143 Requested by Host: s.dpmsrv.com URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.192.142.95 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache content-encoding gzip Access-Control-Max-Age 10 Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/javascript Access-Control-Allow-Headers content-type, accept Content-Length 31 Expires 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://ib.adnxs.com/seg?member=827&add=18252462,18600656,21243164,19033089,19032834 https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656%2C21243164%2C19033089%2C19032834	43 B 1 KB	35ms 35ms	Image image/gif	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656%2C21243164%2C19033089%2C19032834 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.13.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:44 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.243:80 AN-X-Request-Uuid b4b4daf6-c57f-4a90-8211-cb5cf2c77625 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 25 Jul 2020 12:48:44 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80 AN-X-Request-Uuid 2379182e-d399-41af-911d-e4b4ce5b095a Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656%2C21243164%2C19033089%2C19032834 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel.gif px.moatads.com/	43 B 260 B	37ms 36ms	Image image/gif	72.247.226.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=18&kq=1&lo=4&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=295&w=723&fy=285.515625&gp=3290.15625&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says%2F%3Fcmp%3Dshare_twitter%26slreturn%3D20200625084832&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1595681317820&de=101417251015&cu=1595681317820&m=6579&ar=da8ed23e15-clean&iw=1f29a1c&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3290.15625&lb=5094&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A3379%3A3379%3A3342%3A2579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5045&cd=188&ah=5045&am=188&rf=0&re=1&wb=1&cl=0&at=0&d=4885392841%3A2707950611%3A5429561948%3A138318142570&bo=21664827602&bd=21686825641&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&zMoatMData=1&zMoatPS=native_single1&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatCURL=cutimes.com%2F2020%2F07%2F24%2Fphishing-schemes-top-covid-19-digital-frauds-transunion-survey-says&zMoatDev=Desktop&hv=Creative%20API%20-%20Banner&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=native_single1&iq=na&tt=na&tu=1&tc=0&fs=182630&na=1441087326&cs=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software AkamaiNetStorage / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.cutimes.com/2020/07/24/phishing-schemes-top-covid-19-digital-frauds-transunion-survey-says/?cmp=share_twitter&slreturn=20200625084832 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 25 Jul 2020 12:48:44 GMT last-modified Fri, 20 May 2016 15:16:00 GMT server AkamaiNetStorage etag "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360" content-type image/gif status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-length 43 expires Sat, 25 Jul 2020 12:48:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

geoip.alm.com

URL

https://geoip.alm.com/json/