r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13045
Expires: Wed, 25 Jan 2023 23:37:05 GMT
Date: Wed, 25 Jan 2023 19:59:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5989
Expires: Wed, 25 Jan 2023 21:39:29 GMT
Date: Wed, 25 Jan 2023 19:59:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11620
Expires: Wed, 25 Jan 2023 23:13:20 GMT
Date: Wed, 25 Jan 2023 19:59:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 19:35:13 GMT
content-type: application/json
age: 1467
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LcKj4WjDVH254v/GvrVl4VejGRc+d3O0zOTrEbrDIhoprX0koj81h59IPJhzfuQk9xtLIfXJ3eo=
x-amz-request-id: AKC497YNKH6BYG4E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 19:19:47 GMT
age: 2393
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:59:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 788ea62795b51696e318ae6a2f748e71
4b42fdbfdc83b1334a3396cd86728130cc5a907e
e48474c6ddf7d99b05de7b3c5d9705a7f2e562877838f2e39fd8b521b38403ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E48474C6DDF7D99B05DE7B3C5D9705A7F2E562877838F2E39FD8B521B38403AE"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Thu, 26 Jan 2023 01:59:30 GMT
Date: Wed, 25 Jan 2023 19:59:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 19:41:40 GMT
age: 1080
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
link.cutimes.com/click/30350181.4529/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wMS8yNC91bnVzdWFsLWF0bS1hY3Rpdml0eS1hdC1jaXRhZGVsLWZjdS1oaXRzLW1lbWJlcnMtYWNjb3VudHMvP2t3PVVudXN1YWwlMjBBVE0lMjBBY3Rpdml0eSUyMGF0JTIwQ2l0YWRlbCUyMEZDVSUyMEhpdHMlMjBNZW1iZXJzJTI3JTIwQWNjb3VudHMmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249ZGFpbHluZXdzYWxlcnQmdXRtX2NvbnRlbnQ9MjAyMzAxMjUmdXRtX3Rlcm09Y3V0/56545195e9a8a2167d8b5246C39737ab5
107.20.71.201302 Found 0 B URL HTTP/1.1 link.cutimes.com/click/30350181.4529/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wMS8yNC91bnVzdWFsLWF0bS1hY3Rpdml0eS1hdC1jaXRhZGVsLWZjdS1oaXRzLW1lbWJlcnMtYWNjb3VudHMvP2t3PVVudXN1YWwlMjBBVE0lMjBBY3Rpdml0eSUyMGF0JTIwQ2l0YWRlbCUyMEZDVSUyMEhpdHMlMjBNZW1iZXJzJTI3JTIwQWNjb3VudHMmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249ZGFpbHluZXdzYWxlcnQmdXRtX2NvbnRlbnQ9MjAyMzAxMjUmdXRtX3Rlcm09Y3V0/56545195e9a8a2167d8b5246C39737ab5
IP 107.20.71.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/30350181.4529/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wMS8yNC91bnVzdWFsLWF0bS1hY3Rpdml0eS1hdC1jaXRhZGVsLWZjdS1oaXRzLW1lbWJlcnMtYWNjb3VudHMvP2t3PVVudXN1YWwlMjBBVE0lMjBBY3Rpdml0eSUyMGF0JTIwQ2l0YWRlbCUyMEZDVSUyMEhpdHMlMjBNZW1iZXJzJTI3JTIwQWNjb3VudHMmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249ZGFpbHluZXdzYWxlcnQmdXRtX2NvbnRlbnQ9MjAyMzAxMjUmdXRtX3Rlcm09Y3V0/56545195e9a8a2167d8b5246C39737ab5 HTTP/1.1
Host: link.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Wed, 25 Jan 2023 19:59:40 GMT
server: Sailthru
x-robots-tag: noindex
set-cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; expires=Fri, 26-Jan-2024 01:48:26 GMT; Max-Age=31556926; path=/; domain=cutimes.com
sailthru_bid=30350181.4529; expires=Wed, 01-Feb-2023 19:59:40 GMT; Max-Age=604800; path=/; domain=cutimes.com
location: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15604
Expires: Thu, 26 Jan 2023 00:19:44 GMT
Date: Wed, 25 Jan 2023 19:59:40 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7vPCmHXqgVPY/BrP+JP3kQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6i8m+QS94J7tyCwgqMT+ZCvsdYI=
www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut
104.18.2.183302 Found 0 B URL HTTP/2 www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut
IP 104.18.2.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 25 Jan 2023 19:59:41 GMT
content-length: 0
location: https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
cf-ray: 78f39736fb9fb51d-OSL
access-control-allow-origin: *
set-cookie: NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660;expires=Wed, 25-Jan-2023 20:04:41 GMT;path=/;secure;httponly
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
backend: templates_newlaw_director
redirect-reason: SSO (silent login)
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 27
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 46e12bb04b4d3a900e118f72fda1dd26
6e1f03f35fc066b7c277350fb0b23f185e3b50c6
dbaf63ef2f71bd19c32a21f754272992c178ff8c7e45c49cba57ac04f614663a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 01:09:29 GMT
Expires: Thu, 26 Jan 2023 01:09:29 GMT
ETag: "6e1f03f35fc066b7c277350fb0b23f185e3b50c6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 21:52:58 GMT
Date: Wed, 25 Jan 2023 19:59:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3ceda828750acf5ac7c837612a6e0f
f6364de0805cf3cfe66d19293085da16a2c2f832
baa0cb6e3cec7f840477dfdcea518968f5b72a828dbd346abb09e2d3e3aa3bee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9091
x-amzn-requestid: c5849f51-8fc6-40c0-a1e3-9deb74e06c59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRE7TEzxoAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d04eae-22d80a0c3e6485dd62f420ef;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:33:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JlD-eXZtA8-dDqRe6gMZSyNbPuksroMQ4J_L2g_NjPQB8KQGgZWpXA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:36:12 GMT
age: 80610
etag: "f6364de0805cf3cfe66d19293085da16a2c2f832"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13891ffe8a0cc240be63b7945e4b7688
958b50e9e7e5e02882d55612a5d6d2402e225390
1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:16:15 GMT
age: 60207
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 78786
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 44748
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:19:27 GMT
age: 56415
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uuhyzrUcYv-zqjLZvGNYsUuAhCW2vkKpEhQQKlmfSgHDtKz0jD2PNQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:18:31 GMT
age: 74471
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
192.226.82.212302 Found 42 kB URL HTTP/1.1 store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
IP 192.226.82.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (584), with CRLF, LF line terminators
Hash 97ba04ff99af77cbb89822dce4ea87f1
8cee94142a260cae75b0a2224206004277a35d77
444857e62ea1a37f05c48272c5aeb106fffeca1e7c4aa621408397f783c7b392
GET /Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941 HTTP/1.1
Host: store.law.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=52f99d1f-ebc5-44d5-8325-ea34543fcc5f&source=https%3a%2f%2fwww.cutimes.com%2f2023%2f01%2f24%2funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2f%3fkw%3dUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3demail%26utm_medium%3denl%26utm_campaign%3ddailynewsalert%26utm_content%3d20230125%26utm_term%3dcut%26slreturn%3d20230025145941&debug=lawDomainIPWithRefRedirectAnon
Server: Microsoft-IIS/8.5
Content-Security-Policy: default-src https: 'unsafe-inline' 'unsafe-eval'
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
Set-Cookie: regSID=e379f931-e3a3-486a-98d7-905c74a4269f; expires=Wed, 25-Jan-2023 20:59:40 GMT; path=/; secure; HttpOnly; SameSite=None
ipAddress=7lQjfsZKEok1pHg0; domain=.law.com; expires=Thu, 26-Jan-2023 07:59:40 GMT; path=/; secure; SameSite=None
UCID=52f99d1f-ebc5-44d5-8325-ea34543fcc5f; domain=.law.com; expires=Sat, 25-Jan-2053 19:59:40 GMT; path=/; secure; SameSite=None
CSRFToken=6oJ_OEwgMqpn4w9dzEM4y4PRtfQAHaBAFz2-xul145E; expires=Thu, 26-Jan-2023 07:59:40 GMT; path=/; secure; HttpOnly; SameSite=None
ActiveDomains=pBFiNZNKRc5v%2fCBl81BBygc%3d; domain=.law.com; expires=Thu, 26-Jan-2023 07:59:40 GMT; path=/; secure; HttpOnly; SameSite=None
X-Powered-By: Server #2
Referrer-Policy: origin-when-cross-origin
Date: Wed, 25 Jan 2023 19:59:39 GMT
Content-Length: 28456
ClientProtocol: https
www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png
104.18.2.183200 OK 58 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe3868f3170a6213ff91f52ed21f598c
d8fbca228b4d70129179374687bf41461a98d204
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
GET /assets/master-template/images/market-images/nav-icon-mini-burger-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 58
cf-ray: 78f39744f994b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
etag: W/"2855-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2855
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png
104.18.2.183200 OK 236 B URL HTTP/2 www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e704c4110fe9919c81117e9f0496fe68
a584395440150c1862999de2a7bf67e3f8a2035a
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
GET /assets/master-template/images/nav-icon-sign-in.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 236
cf-ray: 78f3974509a0b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="nav-icon-sign-in.webp"
etag: W/"1322-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1322
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/social-li-white.png
104.18.2.183200 OK 256 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/social-li-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cd8c7ccce9584feb1312767a8e0c7ee8
fe72a804798c85b02809ead0668f451ad3f7fe4d
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
GET /assets/master-template/images/market-images/social-li-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 256
cf-ray: 78f39745099fb51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="social-li-white.webp"
etag: W/"1413-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1413
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png
104.18.2.183200 OK 166 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c898be2143f6abbc4d87908401b89b63
1851f69963ef27598434a9af723e4874ccdddf27
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
GET /assets/master-template/images/market-images/social-fb-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 166
cf-ray: 78f39745099db51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="social-fb-white.webp"
etag: W/"1222-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1222
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/reprints-permission.png
104.18.2.183200 OK 378 B URL HTTP/2 www.cutimes.com/assets/master-template/images/reprints-permission.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2f68442623dc4c311f5bee48beb12a3f
2c340c040f123f041bb87a457798fefaad241049
04bcbf22aed03a8ea72525562e6a2c181a6781c856bf5208f4399a98cf54f02f
GET /assets/master-template/images/reprints-permission.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 378
cf-ray: 78f3974509a5b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="reprints-permission.webp"
etag: W/"2435-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2435
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png
104.18.2.183200 OK 2.1 kB URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a184be7f46dc3d15982d22ab05d3958
8d096e8f9cead02966c2bb977b23ea8200cc5f33
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
GET /assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 2078
cf-ray: 78f3974509a2b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="ALM_Credit_Union_Times_white.webp"
etag: W/"4365-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4365
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png
104.18.2.183200 OK 354 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 86809a8b01c9b32d39725517806da8e2
c5502ad0e7f2b67673e80509bcdefbc3a10c5470
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
GET /assets/master-template/images/market-images/social-tw-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 354
cf-ray: 78f39745099eb51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="social-tw-white.webp"
etag: W/"1583-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1583
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png
104.18.2.183200 OK 362 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99e90389218a4244852b2db53899fc1d
1882eef603685275df31aee8b1eaa936c6cf81e8
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
GET /assets/master-template/images/market-images/nav-icon-search-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: image/webp
content-length: 362
cf-ray: 78f39745099bb51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
content-disposition: inline; filename="nav-icon-search-white.webp"
etag: W/"3368-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
use.typekit.net/qkq4rhw.css?2023-01-25-14
23.36.76.122200 OK 906 B URL HTTP/2 use.typekit.net/qkq4rhw.css?2023-01-25-14
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 785651cf08bd19d7cd813043922e4695
af98e2f53748aa4834a0bd5d8f1d667055b282b1
00710c62e554350e541edbe40ddd0beca47a7ddce405f9da3d11468270a7deae
GET /qkq4rhw.css?2023-01-25-14 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 906
date: Wed, 25 Jan 2023 19:59:43 GMT
X-Firefox-Spdy: h2
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.18.2.183200 OK 3.9 kB URL HTTP/2 www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.18.2.183:0
Hash 44e0083acc6a3786ddd111a3c16f0ead
2e047b8a832289703ecdc957e4ac15418e7e5b3a
90d54b3f430bf67cc306b8b263916b29807721daef88243d532d31cccdffda4d
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f39744f980b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 27 Jan 2023 19:59:42 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/mini-home-white.png
104.18.2.183200 OK 132 B URL HTTP/2 www.cutimes.com/assets/master-template/images/mini-home-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30e11f30d9e243dad5f4d872b73711c9
a9d76d526f42899dc3827766de66a8682dbe176c
f31d2dfc1978d5fe95f0e110bcd134a79a05c8d420e4df70165fe377b3d691c5
GET /assets/master-template/images/mini-home-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: image/webp
content-length: 132
cf-ray: 78f3974509a4b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400
content-disposition: inline; filename="mini-home-white.webp"
etag: W/"2927-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2927
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/build/css/fa-icons-lib.min.css
104.18.2.183200 OK 20 kB URL HTTP/2 www.cutimes.com/assets/build/css/fa-icons-lib.min.css
IP 104.18.2.183:0
File type ASCII text, with very long lines (3923)
Hash 7e083c9a3cef8ec59494f13487b153f9
00097aed1e4d2c89a687fd22ccbd54db32631312
0861a122281f0c37b329660fa575c019f683afc95efb06ac6e48919b133a7e06
GET /assets/build/css/fa-icons-lib.min.css HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f982b51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"4085-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
images.cutimes.com/contrib/content/uploads/sites/413/2020/10/ATM-skimming-e1603823784423.jpg
104.18.2.183200 OK 63 kB URL HTTP/2 images.cutimes.com/contrib/content/uploads/sites/413/2020/10/ATM-skimming-e1603823784423.jpg
IP 104.18.2.183:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x414, components 3\012- data
Hash f56fee58266520964155c570922dce1d
4b2669ed5c4df70922a852682b9fb3f0a4122c00
f4aed93287eeb1ddd688c2869c7f368c700175a235bde1cf289205ce510dc749
GET /contrib/content/uploads/sites/413/2020/10/ATM-skimming-e1603823784423.jpg HTTP/1.1
Host: images.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: image/jpeg
content-length: 62945
backend: contribsreimg_prod_director
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=68239, status=webp_bigger
etag: "a46c24-10a8f-5b2ab52ee0cbc"
last-modified: Tue, 27 Oct 2020 18:36:24 GMT
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
cf-cache-status: REVALIDATED
expires: Wed, 25 Jan 2023 23:59:43 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f397455a24b51d-OSL
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2023-01-25-14
104.18.2.183200 OK 21 kB URL HTTP/2 www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2023-01-25-14
IP 104.18.2.183:0
File type ASCII text, with very long lines (5237), with no line terminators
Hash ba85a1d776ec4339cbf0163552965d6d
177b53fe7c7983eb0fe705cfd0c4fd4641f5096c
e9fe0dbc9b3f21c4108f29533f1fdf308d6fb8102bd6a9a2e051664347561ca3
GET /assets/master-template/css/market-css/luminaries.css?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f993b51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"6508-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: minify
cf-polished: origSize=6508
x-cache: HIT 13
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
23.36.76.122200 OK 34 kB URL HTTP/2 use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 33856, version 1.0\012- data
Hash 06990a204d1e1f689a0230f8a5119cdc
0bfef280385120a8b913c048a186f91d9ee55fef
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41
GET /af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33856
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 25 Jan 2023 19:59:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
23.36.76.122200 OK 19 kB URL HTTP/2 use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19412, version 1.0\012- data
Hash b1e6603ca428678943d0b45d2ae86a6c
4089c3aecb4089d8aa078fc62abdeb053c0a1e9c
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf
GET /af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19412
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 25 Jan 2023 19:59:43 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
23.36.76.122200 OK 32 kB URL HTTP/2 use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 32384, version 1.0\012- data
Hash 8aba0d65966ae522c79c6cd9d5fabd29
b1d04e4c4487e562fe96604efe78a5c891c75961
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
GET /af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 32384
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 25 Jan 2023 19:59:43 GMT
X-Firefox-Spdy: h2
www.cutimes.com/assets/css/falcon-ui.css?2023-01-25-14
104.18.2.183200 OK 33 kB URL HTTP/2 www.cutimes.com/assets/css/falcon-ui.css?2023-01-25-14
IP 104.18.2.183:0
Hash 862cf20ea0f58f3b71fa13cc37729f3b
bd12842b7027dec67014428241595420184b8bd3
9d9fd40c8ba59b7060130592dbdeb28a3a54599642b9a5e487e689529575c7b6
GET /assets/css/falcon-ui.css?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f98eb51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"771-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
ntcoent-length: 771
x-cache: HIT 40
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.122200 OK 34 kB URL HTTP/2 use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 33660, version 1.0\012- data
Hash e21953c87f09ca307fea4132455a059a
08b07c629dc5407c6f9dfa375279d53af4bf2727
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
GET /af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 33660
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 25 Jan 2023 19:59:43 GMT
X-Firefox-Spdy: h2
imageserver.amlaw.com/images/ALM-21-422103%20Regulated%20Static%20Modules_CUT_300x250.jpg
104.18.13.90200 OK 110 kB URL HTTP/2 imageserver.amlaw.com/images/ALM-21-422103%20Regulated%20Static%20Modules_CUT_300x250.jpg
IP 104.18.13.90:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2021:06:02 11:30:44], baseline, precision 8, 300x250, components 3\012- data
Size 110 kB (109967 bytes)
Hash 30bfc5446b7d78a45bb5eae88dcbafa6
00177eb2d97116813fdd892b696c110249f770fe
8ee9691fae522eec0400aa4fef2c4ec6ea5c8ba12410d2bfbb1ee8a759a100a7
GET /images/ALM-21-422103%20Regulated%20Static%20Modules_CUT_300x250.jpg HTTP/1.1
Host: imageserver.amlaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: image/jpeg
content-length: 109967
cf-bgj: h2pri
etag: "809fd518a063d81:0"
last-modified: Mon, 09 May 2022 12:27:07 GMT
cf-cache-status: HIT
age: 2321
expires: Wed, 25 Jan 2023 23:59:43 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f3974b6c77b4e8-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-01-25-14
104.17.24.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-01-25-14
IP 104.17.24.14:0
File type ASCII text, with very long lines (18138)
Hash 590e04c4613b7d6758cd758eb99b7a1a
66324f29cf1ba9f0481216ae4acfe3b8f0607a37
10a53cd60afd4d4b738a02c45f9060de1ac5af97d7b7b521622208a27591a6bb
GET /ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-01-25-14 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 6463
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f4986fd-48b0"
last-modified: Fri, 28 Aug 2020 22:36:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20116986
expires: Mon, 15 Jan 2024 19:59:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmQdWIjPA6OeWG43fh2MDqqu8DlBzpt7T97t%2BoElV2uZmrhQlGz0o6AnCNfUobJqrMH9%2FX%2FyGzzvezc0bFLLj02RkjIqwC23KYmogX8ukwKFru1hUj%2B7uS6Fpp24%2FYnUeVxPgtPI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f3974bdd91b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
104.17.24.14200 OK 3.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (10878)
Hash 6ea2c00839ed36981fbd1b780e595bfb
9ccfa1a9cd5cb950fc6aaf7697e8a0f9445499b8
9264523f67fe6dae44ac10a749711f77eeff71a8296210098d1144f84e01f944
GET /ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 3592
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ef3fc71-2b0b"
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 569846
expires: Mon, 15 Jan 2024 19:59:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4Qs36%2BrZNsLWAo9cUTawh%2Bl97xmPwchX%2Bn8N1k6UtqNJmLvXS7ujIdoMwnhuU67Raj6vPFzXsDl94GixmnzipwIPh09VfiNZqqrhD7glPSOxv3YjhbAwcaaW5rXyDSGA9hPfuE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f3974bdd94b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/css/plc/pagination.css?2023-01-25-14
104.18.2.183200 OK 29 kB URL HTTP/2 www.cutimes.com/assets/master-template/css/plc/pagination.css?2023-01-25-14
IP 104.18.2.183:0
File type ASCII text, with very long lines (3142), with no line terminators
Hash 6f10229e478497e0ff47b56005927484
9517ad474a65f5fbd3622d16edb1cf27b6d00606
3e0758ef6258732ead113fbf13d8a4981a83f8b87c33b4e30e14b393c478eadd
GET /assets/master-template/css/plc/pagination.css?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f992b51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"4295-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: minify
cf-polished: origSize=4295
x-cache: HIT 10
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js
104.18.2.183200 OK 97 kB URL HTTP/2 www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js
IP 104.18.2.183:0
File type ASCII text, with very long lines (25286), with no line terminators
Hash 7b7e593ad49800c3e35e75985d5ca47e
2c071fec26fb644d0b1bdf0cd64f860ab33a3112
3c83dad3fefeedf7d0b31071606f8c3ed723817b21a7e37f0c96e58285eea5a9
GET /assets/master-template/js/release/bootstrap-master.min.js HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd1ab51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"25286-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
142.250.74.138200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 12:23:00 GMT
expires: Wed, 24 Jan 2024 12:23:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 113804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cutimes.com/assets/master-template/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.2.183200 OK 77 kB URL HTTP/2 www.cutimes.com/assets/master-template/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.2.183:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /assets/master-template/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: font/woff2;charset=UTF-8
content-length: 77160
cf-ray: 78f3974b2c2db51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
etag: W/"77160-1674594876000"
expires: Wed, 01 Feb 2023 19:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 46e12bb04b4d3a900e118f72fda1dd26
6e1f03f35fc066b7c277350fb0b23f185e3b50c6
dbaf63ef2f71bd19c32a21f754272992c178ff8c7e45c49cba57ac04f614663a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 01:09:29 GMT
Expires: Thu, 26 Jan 2023 01:09:29 GMT
ETag: "6e1f03f35fc066b7c277350fb0b23f185e3b50c6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
store.law.com/Registration/js/overlayForm.js
192.226.82.212200 OK 3.6 kB URL HTTP/1.1 store.law.com/Registration/js/overlayForm.js
IP 192.226.82.212:0
File type Unicode text, UTF-8 (with BOM) text
Hash 108f1ef315de2772c5e7d5ba23e456a1
0f7475d99161c201a093bb8b8e416c61501c5c06
58c154f4d9cfe3a7e2919f5fa4ee31bae741008490bd9f365eba7c649c68e846
GET /Registration/js/overlayForm.js HTTP/1.1
Host: store.law.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public,max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 23:00:00 GMT
Accept-Ranges: bytes
ETag: "058b6197e24d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: Server #1
Referrer-Policy: origin-when-cross-origin
Date: Wed, 25 Jan 2023 19:59:21 GMT
Content-Length: 3647
ClientProtocol: https
www.cutimes.com/assets/master-template/images/hash-0.png
104.18.2.183200 OK 6.6 kB URL HTTP/2 www.cutimes.com/assets/master-template/images/hash-0.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 239feb2b8bc2f3f56b05a13b6be29789
37d8df0e67de05900cc9c5ee45bf4e0b988db4b1
9deee22321901c58c6baa27ad470951c2eff83eb98baa4e7f4d681e4d2905c54
GET /assets/master-template/images/hash-0.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: image/webp
content-length: 6550
cf-ray: 78f3974afbc5b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400
content-disposition: inline; filename="hash-0.webp"
etag: W/"22074-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=22074
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b1ca3f23c2ac71279bf5949d12c18a6
9b849b3339567586779a9ca1698f03a505575075
704990e78703a96d8536464f4b9cceeec96e19451793f314a42c2dfbb059f3de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704990E78703A96D8536464F4B9CCEEEC96E19451793F314A42C2DFBB059F3DE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15826
Expires: Thu, 26 Jan 2023 00:23:31 GMT
Date: Wed, 25 Jan 2023 19:59:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b1ca3f23c2ac71279bf5949d12c18a6
9b849b3339567586779a9ca1698f03a505575075
704990e78703a96d8536464f4b9cceeec96e19451793f314a42c2dfbb059f3de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704990E78703A96D8536464F4B9CCEEEC96E19451793F314A42C2DFBB059F3DE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17123
Expires: Thu, 26 Jan 2023 00:45:08 GMT
Date: Wed, 25 Jan 2023 19:59:45 GMT
Connection: keep-alive
z.moatads.com/hd09824092/iframe.html
2.18.173.140200 OK 1.4 kB URL HTTP/2 z.moatads.com/hd09824092/iframe.html
IP 2.18.173.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (539)
Hash 4a9cbc2e5bc164313dace42a58bef141
63f9afe5f895872194fc483c0fc97705457ffac6
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
GET /hd09824092/iframe.html HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: sElZdp6Lz7oAUVICzCpIG07F4a67hbtti+ixBYfi/8OrkQfAF/G8MqmNh/qQNl33Gb3RJ2bCEsQ=
x-amz-request-id: D03A2F13596F5331
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
unused62: 8096267
cache-control: max-age=2057
date: Wed, 25 Jan 2023 19:59:45 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d6edc5dfc416ffb4c3ca9019ae3d7fa9
1aee070eb19cba62e380b3ee3d28f9224ad8c57d
363fc3b09f97072dfb31040c0c2e722d41c6c684f9f408047e278afe693b26ad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149386
Date: Wed, 25 Jan 2023 19:59:45 GMT
Etag: "63d11a0d-1d7"
Expires: Fri, 27 Jan 2023 13:29:31 GMT
Last-Modified: Wed, 25 Jan 2023 12:01:17 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mWPvw5FF0fbTQLI2RL5QyaSL8uGmgfaZzAM7xHY_BMhqVyh9tzU1jw==
Age: 5294
s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
54.230.111.74200 OK 29 kB URL HTTP/1.1 s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
IP 54.230.111.74:0
File type ASCII text, with very long lines (570)
Hash 424d57ccfdd1f43226de60b4b0bebc18
483f836d7aa3278e23444b794e8025ff93355ba9
a0ec2b3f58214da6ea86f7aae4a1b70b54595e182e1f9aaec184fa854dcbc8e9
GET /dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js HTTP/1.1
Host: s.dpmsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 28906
Connection: keep-alive
Date: Wed, 25 Jan 2023 15:40:20 GMT
Last-Modified: Wed, 25 Jan 2023 15:40:12 GMT
ETag: "424d57ccfdd1f43226de60b4b0bebc18"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h8oc_rIyPL2LGR08ZSz_XfjCdyY59-WW-05_9MvUoais4YThFeKmAA==
Age: 15566
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c885a88c81218f1659f47d035b97ac2
9dbfa64697ac9cbb34914f63e68ed3eada0f17d9
22f89db46a8f7c5c84e766d68752ac14492de952fa7789a618c4bb16d0aece0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22F89DB46A8F7C5C84E766D68752AC14492DE952FA7789A618C4BB16D0AECE0D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11467
Expires: Wed, 25 Jan 2023 23:10:52 GMT
Date: Wed, 25 Jan 2023 19:59:45 GMT
Connection: keep-alive
tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202212141909
23.38.200.249200 OK 3.4 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202212141909
IP 23.38.200.249:0
File type ASCII text, with very long lines (2821)
Hash aa363eea762d21a3df25ea1917aa8270
c7b476b127e8c7891b06a367e30edf413b51d8a6
23b10b4ae41bc01c3b9390376db86719e58d437e7b44bcf83c201461187309b1
GET /utag/alm/main/prod/utag.119.js?utv=ut4.49.202212141909 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "83f7d6e88de795e268c4c15539348337:1668388920.884977"
last-modified: Mon, 14 Nov 2022 01:22:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 3376
X-Firefox-Spdy: h2
telemetries.jeeng.com/api/events/user_visited_page
172.67.38.78204 No Content 0 B URL HTTP/2 telemetries.jeeng.com/api/events/user_visited_page
IP 172.67.38.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/events/user_visited_page HTTP/1.1
Host: telemetries.jeeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:45 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f39752e891b51d-OSL
X-Firefox-Spdy: h2
player.mediafuse.com/prebidlink/465187/hb_302826_14704.js
45.133.44.3200 OK 123 kB URL HTTP/2 player.mediafuse.com/prebidlink/465187/hb_302826_14704.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Size 123 kB (122948 bytes)
Hash d021264d1e0c5437345997bcf2474fac
e20acb9a79740fa35f3e06aa943e23a0baae6263
eba547ea515fc43fc48ad684cbe9985d0ed025e77c2dda82713f5c2d0fc414ca
GET /prebidlink/465187/hb_302826_14704.js HTTP/1.1
Host: player.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 10 Nov 2022 13:27:20 GMT
etag: W/"636cfc38-61486"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 176824
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
telemetries.jeeng.com/api/events/user_visited_page
172.67.38.78200 OK 15 B URL HTTP/2 telemetries.jeeng.com/api/events/user_visited_page
IP 172.67.38.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c776997933eb60833b37beaf43814c8
bff63526eb02853c6b414ccfb4d00ac9ca283930
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
POST /api/events/user_visited_page HTTP/1.1
Host: telemetries.jeeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 824
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: application/json; charset=utf-8
content-length: 15
x-powered-by: Express
access-control-allow-origin: *
etag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f39753d9e9b51d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fa7b5c2f50f3b0b9b031eeeeef94bb48
515300e1d356d423dbbfed39fca256483a402640
ed3a0d7008215a0156ad4ee865ecf19d223161572e0a1d46fe8c930110da296f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4147
Cache-Control: max-age=126988
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Etag: "63d0c70a-1d7"
Expires: Fri, 27 Jan 2023 07:16:13 GMT
Last-Modified: Wed, 25 Jan 2023 06:07:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1674676783271
52.50.220.58302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1674676783271
IP 52.50.220.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1674676783271 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1674676783271
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74170239085632061970044387070693291138; Max-Age=15552000; Expires=Mon, 24 Jul 2023 19:59:45 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 1lKvrkzZSpQ=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39378)
Hash f1ca377db35f591f6338f2218f742829
fbb3e386dcfd5edac4a17cb55e9f4d241bf7c5f1
b810966bdf39fbaf625f2b79727a6a97b3c8fe591830c3012ed382f383f7754e
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27707
date: Wed, 25 Jan 2023 19:59:45 GMT
expires: Wed, 25 Jan 2023 19:59:45 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1463 / 91 of 1000 / last-modified: 1674648614"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/B3zWrkPk43o
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/B3zWrkPk43o
IP 142.250.74.131:0
Hash d775d3fe1af1e070c2ed5b392505b08a
c5bcc66e6ac84c22cb184884cf5267743f246541
040d27491281d8f0f1f5cbe9916f95e6308463133abd88c942f55ba4e44ec9be
POST /s/gts1d4/B3zWrkPk43o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f6b10c756f837eabbf766710238d06a
b236f5630dd2996de71d00cd122aeb8db04981dd
4825c05e42a2934107fea3fc088c8af310fed519b6a4794148652c66d0b40ef6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2038
Cache-Control: max-age=85645
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Etag: "63d02dc8-1d7"
Expires: Thu, 26 Jan 2023 19:47:10 GMT
Last-Modified: Tue, 24 Jan 2023 19:13:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f6b10c756f837eabbf766710238d06a
b236f5630dd2996de71d00cd122aeb8db04981dd
4825c05e42a2934107fea3fc088c8af310fed519b6a4794148652c66d0b40ef6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2038
Cache-Control: max-age=85645
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Etag: "63d02dc8-1d7"
Expires: Thu, 26 Jan 2023 19:47:10 GMT
Last-Modified: Tue, 24 Jan 2023 19:13:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34c6c87358e04f2487a4fcb466d2ad17
2e99bb20b81b80930471f736676e4dd3a093a9cd
db58d2601ad2308da96f8998b9b5e39c3c48b910c0f141230a757b9985b536fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&ql=&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=1&ht=0&dnt=0&bq=11&f=0&j=&t=1674676782885&de=665354956837&rx=931844008419&m=0&ar=3b5b3eaa-clean&iw=0f48ed0&q=1&cb=0&cu=1674676782885&ll=1&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A4083%3A5035%3A4172&fs=112&na=90672304&cs=0&callback=MoatDataJsonpRequest_21746464
34.241.144.75200 OK 86 B URL HTTP/2 geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&ql=&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=1&ht=0&dnt=0&bq=11&f=0&j=&t=1674676782885&de=665354956837&rx=931844008419&m=0&ar=3b5b3eaa-clean&iw=0f48ed0&q=1&cb=0&cu=1674676782885&ll=1&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A4083%3A5035%3A4172&fs=112&na=90672304&cs=0&callback=MoatDataJsonpRequest_21746464
IP 34.241.144.75:0
File type ASCII text, with no line terminators
Hash 7e558620424cb7227b0f0fd39adfd06d
28776a8e619014cd46149ab9c6dc8b535c0a1e72
cea2ce2a4802cc52239371d888ba98d7805da0ec5e8fc0d05ddff9b18de5e604
GET /n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&ql=&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=1&ht=0&dnt=0&bq=11&f=0&j=&t=1674676782885&de=665354956837&rx=931844008419&m=0&ar=3b5b3eaa-clean&iw=0f48ed0&q=1&cb=0&cu=1674676782885&ll=1&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A-%3A4083%3A5035%3A4172&fs=112&na=90672304&cs=0&callback=MoatDataJsonpRequest_21746464 HTTP/1.1
Host: geo.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: text/html; charset=UTF-8
content-length: 86
server: Microsoft-IIS/6.0
cache-control: max-age=900
timing-allow-origin: *
etag: "28776a8e619014cd46149ab9c6dc8b535c0a1e72"
X-Firefox-Spdy: h2
mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&pcode=almheader466656885399&rx=931844008419&callback=MoatNadoAllJsonpRequest_21746464
34.241.144.75200 OK 213 B URL HTTP/2 mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&pcode=almheader466656885399&rx=931844008419&callback=MoatNadoAllJsonpRequest_21746464
IP 34.241.144.75:0
File type ASCII text, with no line terminators
Hash 504135ee96c034fbdc92e3a53b3c93bb
768d8780b8af61c01d9509aa0449c04019b431bd
93a6515d33f2e297dc71388989e60c7308fa2bbfaeb995a057f9810cf0233a73
GET /yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FHm%24t3c%40cjKBghs%7C%3BNpIu%7CFZjkhMmf3%2B%26Y7%25t_%25BASTl(Kc%2CA%24%3D!%3Ex%3FjcReU9%3CUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-v3J3MSkutXluUmA%2F%2FFnaGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-mg%3D%3D&qp=01000&is=BBBBB2BBEY4vGl2BBCBBtBBE1RmsqBBB8BsrBu0rCBE48CRBeeBS2hWTMBBQeQBOn2soYggyUig0CBlWZ0BNpKzisfZBBBBBiOfnE6Bkg7OxibBBBBBBBHCBBBBBBhIcb9YBoBXcBXBR7BiUUsJBCBBBBBBBBJWBBBj3BBBZeGB2BB05MCBBHBBCgEBBBBBB94UMgTdJMtEcpMBBBQBBBniBccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8Bw6BQmIBRBBCzmz1BBCTClBBrbBBC4ehueB57NG9aJeRzBBBBBBBBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1280&qe=939&qh=1280&qg=1024&qm=0&qa=1280&qb=1024&qi=1280&qj=1002&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&pcode=almheader466656885399&rx=931844008419&callback=MoatNadoAllJsonpRequest_21746464 HTTP/1.1
Host: mb.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: text/html; charset=UTF-8
content-length: 213
server: Microsoft-IIS/6.0
cache-control: max-age=900
timing-allow-origin: *
etag: "768d8780b8af61c01d9509aa0449c04019b431bd"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/B3zWrkPk43o
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/B3zWrkPk43o
IP 142.250.74.131:0
Hash d775d3fe1af1e070c2ed5b392505b08a
c5bcc66e6ac84c22cb184884cf5267743f246541
040d27491281d8f0f1f5cbe9916f95e6308463133abd88c942f55ba4e44ec9be
POST /s/gts1d4/B3zWrkPk43o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans&display=swap
142.250.74.106200 OK 739 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP 142.250.74.106:0
Hash e8208f00ba488ef9798692ee63006ebc
4a9e6cfb7ff303ccf75189f6ce64044b5eca2d42
87a543c29a7d117191a95cfcba058f5a4ebd5d49c4af00ce781ad412dd75185c
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
olytics.omeda.com/olytics/css/v3/p/olytics.css
54.230.111.102200 OK 22 kB URL HTTP/2 olytics.omeda.com/olytics/css/v3/p/olytics.css
IP 54.230.111.102:0
Hash d8fc6402c6c4d7278d68c0d23cde0b60
761dabde342d735d30840733222204d3cbc8aeb2
ac5941204e518989ef90d65ee3bf5ae9cd030cb840be2afac299c6c40d436a6d
GET /olytics/css/v3/p/olytics.css HTTP/1.1
Host: olytics.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
last-modified: Fri, 27 Aug 2021 04:05:28 GMT
cache-control: max-age=21600
expires: Tue, 24 Jan 2023 09:43:59 GMT
content-encoding: gzip
server: Apache
date: Wed, 25 Jan 2023 15:44:08 GMT
etag: W/"28820-1630037128000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E8X1FhbpRBgq9_zf5wXnLo_GvxpjZ-bZ476Hpk0CoC2-uH3ob0Zgow==
age: 15339
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/arrow-open.png
104.18.2.183200 OK 134 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/arrow-open.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 69a1add76a79421d67e1d88e4cac6ce9
93d3de8853fd2db8a8690787df7ca664d8325640
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
GET /assets/master-template/images/market-images/arrow-open.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CvVersion%7C4.4.0; __cf_bm=dJObNc1gNz6HClFoypM88sL4ru5EqE_5QugC_Xh3U0c-1674676785-0-AXVrE9isEHlBih5/ptcRsRH/3lLHkrL2WI6jCiPAcoTyCQ4Xgvi276ZLNZzAybhdKh5l9NBopwDUwoRXpkUgRTK3+we1utJ/2Kx/8UX71bKcb57CC7Pne47iKfvGqLZiGm5FFQUh841DvlF6Xs7QBzc=; oly_fire_id=3348C6813023A1M; oly_anon_id=a7f1c7a6-02e6-46a9-b556-682e5d59e234; dpm_url_count=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: image/webp
content-length: 134
cf-ray: 78f39757c821b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2312
cache-control: public, max-age=14400
content-disposition: inline; filename="arrow-open.webp"
etag: W/"2986-1674594876000"
expires: Wed, 25 Jan 2023 23:59:45 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 3
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png
104.18.2.183200 OK 236 B URL HTTP/2 www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e704c4110fe9919c81117e9f0496fe68
a584395440150c1862999de2a7bf67e3f8a2035a
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
GET /assets/master-template/images/market-images/nav-icon-sign-in-white.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CvVersion%7C4.4.0; __cf_bm=dJObNc1gNz6HClFoypM88sL4ru5EqE_5QugC_Xh3U0c-1674676785-0-AXVrE9isEHlBih5/ptcRsRH/3lLHkrL2WI6jCiPAcoTyCQ4Xgvi276ZLNZzAybhdKh5l9NBopwDUwoRXpkUgRTK3+we1utJ/2Kx/8UX71bKcb57CC7Pne47iKfvGqLZiGm5FFQUh841DvlF6Xs7QBzc=; oly_fire_id=3348C6813023A1M; oly_anon_id=a7f1c7a6-02e6-46a9-b556-682e5d59e234; dpm_url_count=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: image/webp
content-length: 236
cf-ray: 78f39757c81fb51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2312
cache-control: public, max-age=14400
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
etag: W/"3131-1674594876000"
expires: Wed, 25 Jan 2023 23:59:45 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 2
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
23.38.200.249200 OK 1.5 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
IP 23.38.200.249:0
File type ASCII text, with very long lines (1968)
Hash 79f92b4f1a53a36ed4b94ab600d7ad80
5dda65796a465440556db297e844599f06b33df5
aea75cb139d24d89955bc912364e46ee3e96c1d7415d7746b5c272f01c8d6bea
GET /utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c0950e22ed37b8b60ace798f4912a07:1616197246.557629"
last-modified: Fri, 19 Mar 2021 23:40:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 1525
X-Firefox-Spdy: h2
www.cutimes.com/apple-touch-icon.png
104.18.2.183200 OK 2.6 kB URL HTTP/2 www.cutimes.com/apple-touch-icon.png
IP 104.18.2.183:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b433ba273763a54dfd2e90f992a2d3a
79a67fc9587ba665ee90ab8cff9a0ffc87298f7a
3d9a606ed7229f007b992fc0fc685ea0344b5af9bae85e37ef19f1ae23a2651f
GET /apple-touch-icon.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CvVersion%7C4.4.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: image/png;charset=UTF-8
content-length: 2586
cf-ray: 78f397558cb2b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400
content-language: en-US
etag: W/"2586-1674594876000"
expires: Wed, 25 Jan 2023 23:59:45 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.49.201909121652
23.38.200.249200 OK 1.4 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.49.201909121652
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash e5a1484756d11e2bde16bce63e968fef
cea599db1d7673b84b73c05522e3d86b65ffefdb
a454f0cc7eee1d8503aa90d1db7b19fe9854e10b7262ac0d86f57a280503943e
GET /utag/alm/main/prod/utag.32.js?utv=ut4.49.201909121652 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "fb390697366796015697c0162fac7588:1592861216.366485"
last-modified: Mon, 22 Jun 2020 21:26:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 1448
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.49.202006181642
23.38.200.249200 OK 5.3 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.49.202006181642
IP 23.38.200.249:0
Hash 18d13a8d1ba33dde4322dedd2662aade
61e199ab52ea6d3611b917f2460abe8336e80ce2
2540b31f8dddd341e94856ea4bafa8bb023f53bc3c9a38fd12e86d3e76c94181
GET /utag/alm/main/prod/utag.115.js?utv=ut4.49.202006181642 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "965f1682763e76a92cd993fa62bb8feb:1592861213.319632"
last-modified: Mon, 22 Jun 2020 21:26:53 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 3422
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
23.38.200.249200 OK 1.0 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
IP 23.38.200.249:0
File type ASCII text, with very long lines (1102)
Hash 28418b72c9bb226c4fd95aa8099d382a
dc4a45dbe03f92c94679e4c68bcb5fbe9b06f180
f1980daac4913765a62aeedeebb4cdbec50cdae0115a5ce64c27f19b157bad5a
GET /utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "237667acf6557ccb2652f9af3e9f82a8:1589925572.725309"
last-modified: Tue, 19 May 2020 21:59:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 1014
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js?2023-01-25-14
104.18.2.183200 OK 2.6 kB URL HTTP/2 www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js?2023-01-25-14
IP 104.18.2.183:0
File type ASCII text, with very long lines (1666)
Hash 02944bd999325bb4c8ebba745320933e
c62e4d6c8010bab271690a3e01bc4da74850b38a
ca6ed1f93dbfdca8bb8ed92255a564ca4be0410fb8a2fe0a6f5587913d83f2bc
GET /assets/master-template/js/prebid/cutimes.prebid.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd4cb51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"1692-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
cteonnt-length: 1692
x-cache: HIT 35
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.116.js?utv=ut4.49.202006181642
23.38.200.249200 OK 3.4 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.116.js?utv=ut4.49.202006181642
IP 23.38.200.249:0
File type ASCII text, with very long lines (1297)
Hash 91e001eaffb51ba998f1cbac4cf93652
eea32ff2815c5b5fad1696da40a4c0681a8ad9f8
38f7f357047759b832d80cb60ab3045c507473c31da1a77567cd25bcf30d969d
GET /utag/alm/main/prod/utag.116.js?utv=ut4.49.202006181642 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "0c36e0bf1ac75d734731c85b9eb62809:1592861210.402313"
last-modified: Mon, 22 Jun 2020 21:26:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 3424
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
23.38.200.249200 OK 4.3 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
IP 23.38.200.249:0
File type ASCII text, with very long lines (3604)
Hash 69eb224013afb67f06a695d30b6663a9
6533a385f3091de02dd0cf87148c8a7cbb262ed3
cf46ef0bb15dcfb74ae8a7bd1e691d4035fe1bc4aec3e4087709978f2ee018bc
GET /utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "c4439421a9de53a39a242236b1e5dd22:1670891514.308169"
last-modified: Tue, 13 Dec 2022 00:31:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 4255
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
23.38.200.249200 OK 2.6 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash 8ce07d50b1a7436e9c5bb3c80d1ec092
d869f6c4033bb0e572e2ebcf87de2f0d64d2fde2
c0c2e3872ba220d6725a7c055a20b9f6e411277a28284df6fe68317b4f4fab69
GET /utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "971f04b006cc919908469e2f3227ef37:1667949163.457898"
last-modified: Tue, 08 Nov 2022 23:12:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 2567
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202209142209
23.38.200.249200 OK 1.0 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202209142209
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash 12617daa959488db39bc3febd2c232d0
26ae25781075571fab7f0e1e9bee31dab7beee2c
8571cdb6b86e3361d2cc99aea81ada7bc94794f77c7c75c1a7ebd81ce7a05a28
GET /utag/alm/main/prod/utag.127.js?utv=ut4.49.202209142209 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "1cebcabe3bf89e46a8b846418752ce92:1663193392.310285"
last-modified: Wed, 14 Sep 2022 22:09:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 1041
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.49.202301111726
23.38.200.249200 OK 36 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.49.202301111726
IP 23.38.200.249:0
File type ASCII text, with very long lines (12616)
Hash a9d2cf9eabf36c4d1f815b977d84ff54
5333e7c56c87a48e503f190018487471056522e4
7bf83fa47fb1a52793f0d4101273a52f054d29a2d85400a436b8462a333e4ebc
GET /utag/alm/main/prod/utag.78.js?utv=ut4.49.202301111726 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f17f09a6372f9e152d18f62fc127c1b9:1673457987.14495"
last-modified: Wed, 11 Jan 2023 17:26:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 35491
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/alm/main/prod/utag.114.js?utv=ut4.49.202208181401
23.38.200.249200 OK 6.4 kB URL HTTP/2 tags.tiqcdn.com/utag/alm/main/prod/utag.114.js?utv=ut4.49.202208181401
IP 23.38.200.249:0
File type ASCII text, with very long lines (5674)
Hash 0adf37387598b4989344514eb20a7b7a
bb55785c4c18eebb07ce5c40315883ee77c45da7
469fe43a5fac6c1542a205869537bf6322a32358412375e6e97f157c80e1d50c
GET /utag/alm/main/prod/utag.114.js?utv=ut4.49.202208181401 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a974e4a8d2c8a797b1ffd938437451fc:1660831285.928903"
last-modified: Thu, 18 Aug 2022 14:01:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Thu, 09 Feb 2023 19:59:45 GMT
date: Wed, 25 Jan 2023 19:59:45 GMT
content-length: 6413
X-Firefox-Spdy: h2
www.dianomi.com/img/a/sav2/222437/3/263x200.jpg
172.64.152.105200 OK 13 kB URL HTTP/2 www.dianomi.com/img/a/sav2/222437/3/263x200.jpg
IP 172.64.152.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 263x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c6d82b7c92a41eaf9a2577c338d343b
20dada444a0482000697108b04a9f3f682e89640
e337b6ff209118ee2af38bb2cb274fe72dd9a2adfeb085ca33d3b0eb492c1df1
GET /img/a/sav2/222437/3/263x200.jpg HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/webp
content-length: 12900
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26195
content-disposition: inline; filename="263x200.webp"
etag: "6653-5f12f686b376b"
last-modified: Sun, 01 Jan 2023 08:13:21 GMT
strict-transport-security: max-age=2592000
vary: Accept
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1520119
expires: Sat, 25 Feb 2023 05:59:46 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f39758ed260b45-OSL
X-Firefox-Spdy: h2
www.dianomi.com/img/a/sav2/222436/4/263x200.jpg
172.64.152.105200 OK 21 kB URL HTTP/2 www.dianomi.com/img/a/sav2/222436/4/263x200.jpg
IP 172.64.152.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 263x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 434ed9c1ee4aa30a402c91073a330b1f
8dc13cb4f981535fb90696f833a19b10f8f91755
e1298eeb75edb1d13521b8d53110ec91a15be2ab59ae348be7dafff0493bff7f
GET /img/a/sav2/222436/4/263x200.jpg HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/webp
content-length: 20994
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=42378
content-disposition: inline; filename="263x200.webp"
etag: "a58a-5f1314069a17b"
last-modified: Sun, 01 Jan 2023 10:25:19 GMT
strict-transport-security: max-age=2592000
vary: Accept
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 484963
expires: Sat, 25 Feb 2023 05:59:46 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f39758ed2a0b45-OSL
X-Firefox-Spdy: h2
www.dianomi.com/img/a/sav2/222440/4/263x200.jpg
172.64.152.105200 OK 14 kB URL HTTP/2 www.dianomi.com/img/a/sav2/222440/4/263x200.jpg
IP 172.64.152.105:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x200, components 3\012- data
Hash 0b6a87974acadac6b7eabfc5e754220c
f481edfd704da58397cf507aa0e9481f14e0fb5b
c3765c800e5f93a24b4ebf90945b65abc6103e53cda80ed41a34aff57c8dd9f1
GET /img/a/sav2/222440/4/263x200.jpg HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/jpeg
content-length: 13545
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=26850, status=webp_bigger
etag: "68e2-5efd761347f45"
last-modified: Thu, 15 Dec 2022 05:46:51 GMT
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 571435
expires: Sat, 25 Feb 2023 05:59:46 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f39758ed2c0b45-OSL
X-Firefox-Spdy: h2
www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png
172.64.152.105200 OK 1.2 kB URL HTTP/2 www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png
IP 172.64.152.105:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ede92fb55e5fbfa63a000ebed9634b30
310235ea073d370a9ae097d1f72b3787a07e1bb2
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
GET /img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/webp
content-length: 1164
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
etag: "f64-5ac380c3ca3c0"
last-modified: Thu, 06 Aug 2020 16:33:27 GMT
strict-transport-security: max-age=2592000
vary: Accept
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 881809
expires: Sat, 25 Feb 2023 05:59:46 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f39758ed230b45-OSL
X-Firefox-Spdy: h2
www.dianomi.com/img/a/sav2/222442/8/263x200.jpg
172.64.152.105200 OK 9.9 kB URL HTTP/2 www.dianomi.com/img/a/sav2/222442/8/263x200.jpg
IP 172.64.152.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 263x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 988d495b06a9460005b6b079eef7eedd
2a67bcc8f4d301a4da08e7fc4d0d5bf56848982c
cbbb23dcc9949daa4f8789c48cfbe84793bc91fff53851b4985dde77940ac1df
GET /img/a/sav2/222442/8/263x200.jpg HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/webp
content-length: 9866
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=19225
content-disposition: inline; filename="263x200.webp"
etag: "4b19-5ed10cffd47cf"
last-modified: Wed, 09 Nov 2022 22:02:28 GMT
strict-transport-security: max-age=2592000
vary: Accept
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1520119
expires: Sat, 25 Feb 2023 05:59:46 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f39758ed290b45-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7f50074b2e7c4c1b82d621aeb8cfed3
2e48e65531b05b49920eacb15d752eb3b37b73d7
3bcd4aa59e483b0f4e2e3d11da1d51439c40324d3bddca7b11646e0c858732d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BCD4AA59E483B0F4E2E3D11DA1D51439C40324D3BDDCA7B11646E0C858732D7"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6402
Expires: Wed, 25 Jan 2023 21:46:28 GMT
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
www.dianomi.com/img/a/sav2/220921/5/263x200.jpg
172.64.152.105200 OK 7.2 kB URL HTTP/2 www.dianomi.com/img/a/sav2/220921/5/263x200.jpg
IP 172.64.152.105:0
File type JPEG image data, progressive, precision 8, 263x200, components 3\012- data
Hash e4c83f538841c035bd4cf3d10c8004a2
a1a335e8c8207aaa716adcc35bb111d695f8390c
aa47b0e61a9dbdbe083152ea8f13d2fc51a53b0eed3bad59bec900d1718adb33
GET /img/a/sav2/220921/5/263x200.jpg HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/jpeg
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=8150, status=webp_bigger
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 15:59:14 GMT
cf-cache-status: HIT
age: 244251
expires: Wed, 01 Feb 2023 19:59:46 GMT
server: cloudflare
cf-ray: 78f39758ed240b45-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5f8b3e2c04985ad6e6578353ef7d0ba7
63b9e3b8f92fd04db3e6dc89e5d49866efa6d1fb
d8ace29040b6a76577ec883d22b15032e9601645828b27ff0c11ea9210cb7740
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d0c9e6-1d7"
Last-Modified: Wed, 25 Jan 2023 19:32:29 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r0yR6NFjjenpjnz1lTsPSieiEsnzd1NznSuWQPqIBpBfwSzpE_peHw==
Age: 1637
data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x531CFC92075F41F9936CE6B484385507&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012
172.64.152.105200 OK 1.8 kB URL HTTP/2 data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x531CFC92075F41F9936CE6B484385507&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012
IP 172.64.152.105:0
Hash 9223df1d0fb03baab429f4d637f3516f
7a8ee383331fbbe1e1fe05ecb971cb3e7234dd59
95371242052f9304c26dc2176562d6e833adca725437acdc4402f9f87f10e762
GET /frontend/pixeljs?tagname=dianomi_tag_params_0x531CFC92075F41F9936CE6B484385507&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012 HTTP/1.1
Host: data.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/javascript
cache-control: no-cache, no-store
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
set-cookie: session=ee0b1619ce1e2d8d6343e10e87a4250e; Path=/; Domain=dianomi.com; Max-Age=15552000; Secure; SameSite=None
session2=B=&BUID=&L=1&N=1&NT=&R=&RUID=; Path=/; Domain=dianomi.com; Max-Age=15552000; Secure; SameSite=None
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f39758ed2d0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
collect.tealiumiq.com/alm/main/2/i.gif
18.158.189.35200 OK 43 B URL HTTP/2 collect.tealiumiq.com/alm/main/2/i.gif
IP 18.158.189.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
POST /alm/main/2/i.gif HTTP/1.1
Host: collect.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------110741432425145014882268763801
Content-Length: 11495
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/gif
content-length: 43
x-acc: alm:main:2:datacloud
x-did: 0185ea83c8990007b91152748b6600050012300900918
x-region: eu-central-1
access-control-allow-origin: https://www.cutimes.com
x-serverid: uconnect_i-044b4f9d03fe1b96d
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-tid: 0185ea83c8990007b91152748b6600050012300900918
access-control-allow-credentials: true
x-ulver: d6af4791aa25e7abd6827aaedc4119313cb88d4e-SNAPSHOT
vary: Origin
expires: Wed, 25 Jan 2023 19:59:46 GMT
x-uuid: d0829bf0-35c6-46f5-9582-23436f1655ef
set-cookie: TAPID=alm/main>0185ea83c8990007b91152748b6600050012300900918|; Path=/; Domain=.tealiumiq.com; Expires=Thu, 25-Jan-2024 19:59:46 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
date: Wed, 25 Jan 2023 19:59:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6052&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMTGgXsMcxw87wBO6kAAAADU&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3421
172.64.152.105200 OK 0 B URL HTTP/2 data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6052&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMTGgXsMcxw87wBO6kAAAADU&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3421
IP 172.64.152.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6052&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMTGgXsMcxw87wBO6kAAAADU&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3421 HTTP/1.1
Host: data.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dianomi.com
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: dianomi-force-dmp
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f397596db00b45-OSL
X-Firefox-Spdy: h2
oqs.omeda.com/oqs/rest/olytics
204.180.130.165200 0 B URL HTTP/1.1 oqs.omeda.com/oqs/rest/olytics
IP 204.180.130.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /oqs/rest/olytics HTTP/1.1
Host: oqs.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Wed, 25 Jan 2023 19:59:45 GMT
Keep-Alive: timeout=5
Connection: keep-alive
Server: Apache
www.googletagmanager.com/gtag/js?id=AW-826604080
142.250.74.168200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-826604080
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash a524701bf6ad73073f78fa185a0a22ba
c17274d79c23a168d45747be6affcffe1313f203
c601aee544e330b1dfd2c5e069e7cbf60303f66ba112dab8795d8eb508d964f6
GET /gtag/js?id=AW-826604080 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 19:59:46 GMT
expires: Wed, 25 Jan 2023 19:59:46 GMT
cache-control: private, max-age=900
last-modified: Wed, 25 Jan 2023 19:42:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6088&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMXMZ7iXQyxPAyZd5igAAADQ&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3420
172.64.152.105200 OK 0 B URL HTTP/2 data.dianomi.com/frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6088&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMXMZ7iXQyxPAyZd5igAAADQ&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3420
IP 172.64.152.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frontend/pixel?r=https%3A%2F%2Fwww.cutimes.com%2F&can_programmatic=1&geo_country=129&smartad_variant_id=6088&device_type=computer&organization=blix%20group%20as&magnite_site_id=396980&referer=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&geo_state=oslo&publisher_id=1012&adgroup_ids=90471%2C91166%2C91167%2C91168%2C91169&impression_id=Y9GKMXMZ7iXQyxPAyZd5igAAADQ&adgroup_variant_ids=220921%2C222436%2C222437%2C222440%2C222442&geo_ccod=no&geo_dma=&hosting_facility=0&include_rtb=1&smartad_id=3420 HTTP/1.1
Host: data.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dianomi.com
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: dianomi-force-dmp
access-control-allow-origin: https://www.dianomi.com
cache-control: no-cache, no-store
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f397599ddd0b45-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b139ef842e1ece23a2fb6810cbb79f0b
75eb76995244c2e1841e0f3283f126cf13a77b04
7287866e126fff5e98015a2750cfe2889271f4f7e4084668e69e939a951243be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:42:55 GMT
Expires: Wed, 01 Feb 2023 13:42:54 GMT
Etag: "75eb76995244c2e1841e0f3283f126cf13a77b04"
Cache-Control: max-age=581587,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f39759bd6db4f4-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b91214c41abc6070f8905985a850d43e
4dc46f995fde61c6c39b8a7b910373292358f589
3422aa6b3a719dadafebac5d99fa6d3a2afe14710476d6c4471ab1b8393d069a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d07b1c-1d7"
Server: ECS (amb/6BC5)
Content-Length: 471
idsync.rlcdn.com/425276.gif?partner_uid=ee0b1619ce1e2d8d6343e10e87a4250e
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/425276.gif?partner_uid=ee0b1619ce1e2d8d6343e10e87a4250e
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /425276.gif?partner_uid=ee0b1619ce1e2d8d6343e10e87a4250e HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Wed, 25 Jan 2023 19:59:46 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cutimes.com/assets/multishared/js/sponsorships.js?2023-01-25-14
104.18.2.183200 OK 2.5 kB URL HTTP/2 www.cutimes.com/assets/multishared/js/sponsorships.js?2023-01-25-14
IP 104.18.2.183:0
Hash 82b6ba3ba83007a210561707b55db26b
ad2759715c0c34a9710ee7cab63209238d1ab988
01e5e26d9f95e1abd1371bc7d5c24df37f4c19ae35738f3ef09bde405704d007
GET /assets/multishared/js/sponsorships.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd22b51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"1454-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
cteonnt-length: 1454
x-cache: HIT 38
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dianomi.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
oqs.omeda.com/oqs/rest/olytics
204.180.130.165200 15 B URL HTTP/1.1 oqs.omeda.com/oqs/rest/olytics
IP 204.180.130.165:0
File type ASCII text, with no line terminators
Hash dc09896e80faf884906cc0002b0a5af1
9fc5f604609812395b1773792fac89d3c71e1c03
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
POST /oqs/rest/olytics HTTP/1.1
Host: oqs.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 800
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Wed, 25 Jan 2023 19:59:46 GMT
Keep-Alive: timeout=5
Connection: keep-alive
Server: Apache
Transfer-Encoding: chunked
eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent= HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dianomi.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ak.sail-horizon.com/spm/spm.v1.min.js
54.230.111.94200 OK 34 kB URL HTTP/2 ak.sail-horizon.com/spm/spm.v1.min.js
IP 54.230.111.94:0
Hash ec3911752c3af826351c7fd10d0e0777
dba618bf6eae9b2b320e78a5f4679e938d55cfbc
5e2ebec224569e29983fc21cca9b4e20c18c9de49380cfa5a3861c26594c9460
GET /spm/spm.v1.min.js HTTP/1.1
Host: ak.sail-horizon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 25 Jan 2023 19:52:31 GMT
last-modified: Wed, 11 Jan 2023 16:08:40 GMT
etag: W/"be0aea74754407f0a826a84e140dd5ea"
server: AmazonS3
cache-control: max-age=600; must-revalidate
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jRzElORDGQkZOOQcycRflNnJbGpzZtoaeCWOW0suJ10mHW9yc06EdA==
age: 436
X-Firefox-Spdy: h2
cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/a7f1c7a6-02e6-46a9-b556-682e5d59e234
204.180.130.159200 25 B URL HTTP/1.1 cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/a7f1c7a6-02e6-46a9-b556-682e5d59e234
IP 204.180.130.159:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a7ce95e2790b2e71f787e51dea84c155
3f49b2a7d852f9e1be6e0960a6c57744e225c987
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
GET /olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/a7f1c7a6-02e6-46a9-b556-682e5d59e234 HTTP/1.1
Host: cdp.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache
Content-Type: application/json
Date: Wed, 25 Jan 2023 19:59:46 GMT
Keep-Alive: timeout=5
Connection: keep-alive
Server: Apache
Transfer-Encoding: chunked
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 284c990e9105d867728a8252f4d9e74c
4871867c64bf6b1724e6869ebf87989fe7947084
d45abca9c927f9b0c2678a6167b0c5052865fe820ec7948215e729cb1955bec6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 01:48:35 GMT
Expires: Mon, 30 Jan 2023 01:48:34 GMT
Etag: "4871867c64bf6b1724e6869ebf87989fe7947084"
Cache-Control: max-age=365927,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975a6b85b527-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b139ef842e1ece23a2fb6810cbb79f0b
75eb76995244c2e1841e0f3283f126cf13a77b04
7287866e126fff5e98015a2750cfe2889271f4f7e4084668e69e939a951243be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:42:55 GMT
Expires: Wed, 01 Feb 2023 13:42:54 GMT
Etag: "75eb76995244c2e1841e0f3283f126cf13a77b04"
Cache-Control: max-age=581587,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975aaf0ab4f4-OSL
ghb.hbmp.mediafuse.com/geo/
185.239.173.226200 OK 140 B URL HTTP/1.1 ghb.hbmp.mediafuse.com/geo/
IP 185.239.173.226:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d2adcd2efec13b041df1b20127c50f5c
e8843dc16f06aaba1ddef63cdbf0907854a3347e
a2d808adba6c3641f0cda955271b939e41450381ca78249cbe9aad9fd196e28d
GET /geo/ HTTP/1.1
Host: ghb.hbmp.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/json
Content-Length: 140
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC4D802B75DCE4A9EA584227CE4B810D0&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012
172.64.152.105200 OK 1.6 kB URL HTTP/2 data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xC4D802B75DCE4A9EA584227CE4B810D0&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012
IP 172.64.152.105:0
Hash 3f6f0b203b8d4412e065a0ffecd18c77
b41661d2e60c0816af5d16c286cec1df62f54bfb
d00e106c9d8fb0c6856ea2db7fd32c287a9c635a14e211cf6cc4f00488f8fe40
GET /frontend/pixeljs?tagname=dianomi_tag_params_0xC4D802B75DCE4A9EA584227CE4B810D0&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012 HTTP/1.1
Host: data.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/javascript
cache-control: no-cache, no-store
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
set-cookie: session=a5f164ff2ce773843f4d4ba357db9be3; Path=/; Domain=dianomi.com; Max-Age=15552000; Secure; SameSite=None
session2=B=&BUID=&L=1&N=1&NT=&R=&RUID=; Path=/; Domain=dianomi.com; Max-Age=15552000; Secure; SameSite=None
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f397587c960b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 44369a627241523e4c1072642d968ce1
bbc608ce23c6fca27865967858b9a28438ab8b69
69e91b1c46a29147ba3c3dde85e011b5f9834599a98488e47c9b86db8abc8877
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 13:56:49 GMT
Expires: Tue, 31 Jan 2023 13:56:48 GMT
Etag: "bbc608ce23c6fca27865967858b9a28438ab8b69"
Cache-Control: max-age=496021,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975abfffb4f3-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b139ef842e1ece23a2fb6810cbb79f0b
75eb76995244c2e1841e0f3283f126cf13a77b04
7287866e126fff5e98015a2750cfe2889271f4f7e4084668e69e939a951243be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:42:55 GMT
Expires: Wed, 01 Feb 2023 13:42:54 GMT
Etag: "75eb76995244c2e1841e0f3283f126cf13a77b04"
Cache-Control: max-age=581587,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f39759cbe9b517-OSL
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash 8de52abfb84c99c045ad0c2c29dba60b
52ae5e5ba4a83dd1916591cec6401a30cf1f13c0
5ab68da7049636cf331ab10bd47f8ca83c4861137778d08ac51ae2afdd3c9c28
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=dianomi&endpoint=us-east&gdpr=0&gdpr_consent=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 25 Jan 2023 10:04:55 GMT
Content-Encoding: gzip
Content-Length: 10037
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=50667
Expires: Thu, 26 Jan 2023 10:04:13 GMT
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=14704&pbjsv=v6.25.1-d&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&adid=c3bgeg.r1&features=81952&utm_source=email&utm_medium=enl&vpbv=N097&tte=1100&lifecycle_tte=6162
185.239.173.226200 OK 43 B URL HTTP/1.1 ghb.hbmp.mediafuse.com/adunit/tracking?event=11&type=0&client_id=302826&site_id=14704&pbjsv=v6.25.1-d&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&adid=c3bgeg.r1&features=81952&utm_source=email&utm_medium=enl&vpbv=N097&tte=1100&lifecycle_tte=6162
IP 185.239.173.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /adunit/tracking?event=11&type=0&client_id=302826&site_id=14704&pbjsv=v6.25.1-d&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&adid=c3bgeg.r1&features=81952&utm_source=email&utm_medium=enl&vpbv=N097&tte=1100&lifecycle_tte=6162 HTTP/1.1
Host: ghb.hbmp.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Set-Cookie: vmuid=a41d8b6fc0793e82; expires=Fri, 28 Apr 2023 19:59:46 GMT; domain=.hbmp.mediafuse.com; path=/; secure; SameSite
x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
52.59.35.16302 Found 0 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
IP 52.59.35.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 19:59:46 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=baabfece-71a3-48d6-8aca-9043247952d1; path=/; expires=Thu, 25-Jan-2024 19:59:46 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674676786; path=/; expires=Thu, 25-Jan-2024 19:59:46 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1674676786; path=/; expires=Thu, 25-Jan-2024 19:59:46 GMT; domain=.bidswitch.net; samesite=none; secure
c=1674676786; path=/; expires=Thu, 25-Jan-2024 19:59:46 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s27339810288463?AQB=1&ndh=1&pf=1&t=25%2F0%2F2023%2019%3A59%3A44%203%200&mid=82647998083348096980633163536480758764&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Aarticle%3Aheg45emfdem&g=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26&cc=USD&ch=cut%3Aarticle%3Ablog&server=cut&v0=enl%3Aemail%3Adailynewsalert%3A20230125%3Acut&events=event4%2Cevent1%2Cevent3&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&l1=D%3Dc73&c11=heg45emfdem&v11=D%3Dc11&c12=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v12=D%3Dc12&c14=Peter%20Strozniak&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=article%3Aregistered&v33=D%3Dc33&c40=39&c41=2%3A30pm&v41=D%3Dc41&c42=wednesday&v42=D%3Dc42&c50=413-192019&v50=413-192019&c51=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v51=D%3Dc51&c60=false&v60=false&c61=2023-01-24&v61=D%3Dc61&c62=33&v62=33&c67=DENYBOTNOTALLOWED&v67=D%3Dc67&c70=D%3Dv0&v70=D%3Dv0&c73=News%7CFraud%20and%20Enforcement&v73=D%3Dc73&c75=news&v75=news&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=utm_term%3Dcut%26slreturn%3D20230025145941&AQE=1
15.236.125.10200 OK 43 B URL HTTP/2 b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s27339810288463?AQB=1&ndh=1&pf=1&t=25%2F0%2F2023%2019%3A59%3A44%203%200&mid=82647998083348096980633163536480758764&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Aarticle%3Aheg45emfdem&g=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26&cc=USD&ch=cut%3Aarticle%3Ablog&server=cut&v0=enl%3Aemail%3Adailynewsalert%3A20230125%3Acut&events=event4%2Cevent1%2Cevent3&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&l1=D%3Dc73&c11=heg45emfdem&v11=D%3Dc11&c12=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v12=D%3Dc12&c14=Peter%20Strozniak&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=article%3Aregistered&v33=D%3Dc33&c40=39&c41=2%3A30pm&v41=D%3Dc41&c42=wednesday&v42=D%3Dc42&c50=413-192019&v50=413-192019&c51=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v51=D%3Dc51&c60=false&v60=false&c61=2023-01-24&v61=D%3Dc61&c62=33&v62=33&c67=DENYBOTNOTALLOWED&v67=D%3Dc67&c70=D%3Dv0&v70=D%3Dv0&c73=News%7CFraud%20and%20Enforcement&v73=D%3Dc73&c75=news&v75=news&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=utm_term%3Dcut%26slreturn%3D20230025145941&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/almcut,almglobal/1/JS-1.6/s27339810288463?AQB=1&ndh=1&pf=1&t=25%2F0%2F2023%2019%3A59%3A44%203%200&mid=82647998083348096980633163536480758764&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Aarticle%3Aheg45emfdem&g=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26&cc=USD&ch=cut%3Aarticle%3Ablog&server=cut&v0=enl%3Aemail%3Adailynewsalert%3A20230125%3Acut&events=event4%2Cevent1%2Cevent3&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&l1=D%3Dc73&c11=heg45emfdem&v11=D%3Dc11&c12=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v12=D%3Dc12&c14=Peter%20Strozniak&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=article%3Aregistered&v33=D%3Dc33&c40=39&c41=2%3A30pm&v41=D%3Dc41&c42=wednesday&v42=D%3Dc42&c50=413-192019&v50=413-192019&c51=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts&v51=D%3Dc51&c60=false&v60=false&c61=2023-01-24&v61=D%3Dc61&c62=33&v62=33&c67=DENYBOTNOTALLOWED&v67=D%3Dc67&c70=D%3Dv0&v70=D%3Dv0&c73=News%7CFraud%20and%20Enforcement&v73=D%3Dc73&c75=news&v75=news&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=utm_term%3Dcut%26slreturn%3D20230025145941&AQE=1 HTTP/1.1
Host: b.law.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 25 Jan 2023 19:59:46 GMT
expires: Tue, 24 Jan 2023 19:59:46 GMT
last-modified: Thu, 26 Jan 2023 19:59:46 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3596341015347003392-4619738162227629390
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ghb.hbmp.mediafuse.com/csyncs?aid1=735395
185.239.173.226200 OK 405 B URL HTTP/1.1 ghb.hbmp.mediafuse.com/csyncs?aid1=735395
IP 185.239.173.226:0
File type JSON data\012- , ASCII text, with very long lines (710)
Hash 30ea96d4c8776b947f5e4a7b88ef7974
33c63a142872dd2ec53115aad0db150674da2976
9d4a78ce1e712516c3172a1c48ad2e6d71253d1d3f9a029eee6dc8d72fcee215
GET /csyncs?aid1=735395 HTTP/1.1
Host: ghb.hbmp.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 405
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 894e809a43e960f3d76f4d332dcd312a
dcb57b421cf8d538e1f13464206f9b9bb604d291
bffa0b04d3e9915cd170a72dd744a54ab98634f55fef4c618705ce89f743ad4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5046
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:46 GMT
Last-Modified: Wed, 25 Jan 2023 18:35:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
www.cutimes.com/favicon-16x16.png
104.18.2.183200 OK 148 B URL HTTP/2 www.cutimes.com/favicon-16x16.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ca0d5396f630c65a50f4b0774cd7f0f8
05cc7a3e6448ac85db1391032534599e46063d46
0dd36986c779a2d5ef973c335f3782a043243a5e386b9fbae2d87be7a34771cf
GET /favicon-16x16.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CvVersion%7C4.4.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/webp
content-length: 148
cf-ray: 78f397558cb6b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400
content-disposition: inline; filename="favicon-16x16.webp"
content-language: en-US
etag: W/"285-1674594876000"
expires: Wed, 25 Jan 2023 23:59:46 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=285
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
52.59.35.16302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D
IP 52.59.35.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/check_uuid/https%3A%2F%2Fdata.dianomi.com%2Ffrontend%2Fbidswitch%3Fuid%3D%24%7BBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dianomi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 25 Jan 2023 19:59:46 GMT
content-length: 0
location: https://data.dianomi.com/frontend/bidswitch?uid=&cookie_age=
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d8aa9a9e79b3237c7737400910361fe
bb2f65b1897dacd3c0e2ac75550aa2ac8e755a4b
549d004d5cf5211a3cf3474fded1d70c8dc739c5f54863a38eee5a7d4bf4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "549D004D5CF5211A3CF3474FDED1D70C8DC739C5F54863A38EEE5A7D4BF4692B"
Last-Modified: Tue, 24 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8648
Expires: Wed, 25 Jan 2023 22:23:54 GMT
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
a.ad.gt/api/v1/u/matches/170
104.22.4.69200 OK 3.7 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/170
IP 104.22.4.69:0
Hash 570e030b80eb90dd0461b29dc369e570
7f585762ff1fa30802cada6396c2508f9244bda3
dccc0d32406fcd9def754eff35cad0b3e1e9edb8c6e5b63606593e2f70788f75
GET /api/v1/u/matches/170 HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 210
last-modified: Wed, 25 Jan 2023 19:56:16 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f3975b7e9fb523-OSL
X-Firefox-Spdy: h2
alm.demdex.net/dest5.html?d_nsid=0
52.209.157.185200 OK 2.8 kB URL HTTP/1.1 alm.demdex.net/dest5.html?d_nsid=0
IP 52.209.157.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: alm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 25 Jan 2023 19:59:46 GMT
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: Z7sRkbPGT6o=
Content-Length: 2791
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c5ba7bd2f7a14ff292aaad3bf6601d1
6b333a197bf2aa8380f8dbe2ad3ffb37215ef885
a963f7c6c0e20cce941f3f4d734ae5f968d6bedbb4093d3f8333aa932f0866c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A963F7C6C0E20CCE941F3F4D734AE5F968D6BEDBB4093D3F8333AA932F0866C7"
Last-Modified: Tue, 24 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Wed, 25 Jan 2023 21:05:32 GMT
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
csync.loopme.me/?pubid=11378&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
35.214.223.115307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?pubid=11378&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
IP 35.214.223.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pubid=11378&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=e5ae832d-e44d-4834-93ad-3867cd1604e2; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Tue, 25-Apr-2023 19:59:46 GMT; SameSite=None
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e5ae832d-e44d-4834-93ad-3867cd1604e2&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
content-length: 0
date: Wed, 25 Jan 2023 19:59:46 GMT
server: _
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash cf42ad72781462d99dff6c977d8275b5
365622663278d1dec1763ded9ef5d06bc50ea47a
0a1c737818c44ba86477ec7580cdf57a08ae76b8c304eb3db0b841f81e641f15
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 19:59:46 GMT
Last-Modified: Wed, 25 Jan 2023 19:02:16 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qjxz56L3ZIMoLC7LjuBlLEm7tFL3Vy4fjTB5ZXvCUdSaX0tN1YVYuQ==
Age: 3450
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d3e691efb5c9d873124914ec1f20c50
fede69c04aaea3d9767a64b45668d6f98ecb34e8
ec8f001e04783ba33ffaf9b361a8a9a11dd8cb3d4d1d15d78b18a5aeb0ae96ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC8F001E04783BA33FFAF9B361A8A9A11DD8CB3D4D1D15D78B18A5AEB0AE96AE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9240
Expires: Wed, 25 Jan 2023 22:33:46 GMT
Date: Wed, 25 Jan 2023 19:59:46 GMT
Connection: keep-alive
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
137.74.6.209302 Found 166 B URL HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
IP 137.74.6.209:0
Hash aa223398f7996540cde19cd949701377
3c2d5e826d7831cd152382d807680dd31b6a1214
85d38e628f0e4461f5b6f3f4073e9e4f57377ba1df13d19e6ba28b8c4eafdecf
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/html; charset=utf-8
content-length: 166
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=6c70c9e5-dfdf-493c-bac0-e7315e59605e
set-cookie: apuid=6c70c9e5-dfdf-493c-bac0-e7315e59605e; Path=/; Expires=Sun, 26 Mar 2023 19:59:46 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash cf42ad72781462d99dff6c977d8275b5
365622663278d1dec1763ded9ef5d06bc50ea47a
0a1c737818c44ba86477ec7580cdf57a08ae76b8c304eb3db0b841f81e641f15
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 19:59:46 GMT
Last-Modified: Wed, 25 Jan 2023 18:55:07 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ef-iqHj5TVOklHBHvctKGUgFM5SvdD9r93uSyvMKzN82p9E_-T7Fuw==
Age: 3879
api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
99.83.154.140200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
IP 99.83.154.140:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b0e4d89ace8cad3a94883282993efae0
f37571bcaa3f0f1f10191af18164c02d5d0cda1f
7634522a0132638c1be8c635e07522453ad4d50c19d2dab7106ed84e0bb0524b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4404
Cache-Control: max-age=152819
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d12af1-1d7"
Expires: Fri, 27 Jan 2023 14:26:45 GMT
Last-Modified: Wed, 25 Jan 2023 13:13:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a5c5830981adbb099bb812c50ed2cda4
3e172fe60a79119c748977a18b14c05cda737d8c
4af7f498f290e43c61c7b1bb003214c7c0eae64724fbcce4440b34f754b7c229
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108425
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d079c5-1d7"
Expires: Fri, 27 Jan 2023 02:06:51 GMT
Last-Modified: Wed, 25 Jan 2023 00:37:25 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -lJVre-MPwbDqYDKjQbH31iVsLyKdVcBbkQ6MFWurP-OJKf6r4n1YA==
Age: 5366
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a5c5830981adbb099bb812c50ed2cda4
3e172fe60a79119c748977a18b14c05cda737d8c
4af7f498f290e43c61c7b1bb003214c7c0eae64724fbcce4440b34f754b7c229
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106982
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d079c5-1d7"
Expires: Fri, 27 Jan 2023 01:42:48 GMT
Last-Modified: Wed, 25 Jan 2023 00:37:25 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZbPq1NxP-9h87KvzJBLVjeH_FiJQWw7-xavaw9V3ou0IE_UXlhdyCg==
Age: 3923
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 52612170df62797dcc881b2b2668d758
df7fe7b5dd2cd4f71daab9f06e869af1f2576a5d
43eb421f1b630807753ac35f46cc8a7043c31152efe53fd6291865cec8845792
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1259
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:46 GMT
Last-Modified: Wed, 25 Jan 2023 19:38:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
54.239.33.158302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
IP 54.239.33.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: W0H75E2XFJ6WWHPWGECF
Set-Cookie: ad-id=A8w6iCLo2E0SvRQXNbOB3PY|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 19:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a5c5830981adbb099bb812c50ed2cda4
3e172fe60a79119c748977a18b14c05cda737d8c
4af7f498f290e43c61c7b1bb003214c7c0eae64724fbcce4440b34f754b7c229
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106148
Date: Wed, 25 Jan 2023 19:59:46 GMT
Etag: "63d079c5-1d7"
Expires: Fri, 27 Jan 2023 01:28:54 GMT
Last-Modified: Wed, 25 Jan 2023 00:37:25 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: H40vAWQTc8y793ut3FUI52aac6yP_BF_XbSp--bQb-BGyDsQypBCfQ==
Age: 3089
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash f11c8afe8bd2707bad8fc7896920ab5f
a0c0e088c840b55da88c069c81d042f812247b80
fac5ee30f9b23ee5777caf57701160bd777d0a32427352932321579ba18485d1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 29 Jan 2023 15:44:39 GMT
ETag: "a0c0e088c840b55da88c069c81d042f812247b80"
Last-Modified: Wed, 25 Jan 2023 15:44:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2742
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f3975e0b48b4f9-OSL
pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=a9us&gdpr=0 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif
token.rubiconproject.com/token?pid=26594&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=26594&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=26594&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
99.83.154.140200 OK 18 B URL HTTP/2 api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
IP 99.83.154.140:0
File type ASCII text, with no line terminators
Hash cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
69.173.144.138302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2249&pt=n&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 08fc1f390a6968c5983b6715b2a92536
Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
content-length: 0
token.rubiconproject.com/token?pid=25470&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
token.rubiconproject.com/token?pid=36584&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=36584&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=36584&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 08fc1f390a6968c5983b6715b2a92536
token.rubiconproject.com/token?pid=27&a=1&gdpr=0
69.173.144.138204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=27&a=1&gdpr=0
IP 69.173.144.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=27&a=1&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
99.83.154.140200 OK 91 B URL HTTP/2 api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
IP 99.83.154.140:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e6e616b7ebba4e5868eb6b67187966b4
f281150c687ffe6174b1a75cabfe332dd71e3fbc
90fc50a950f1ff236bdad8fcc49f8656895cdfb71e740d62eef98ab496c62a4e
GET /v1/personalize/initialize?pageviews=1&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
authorization: Bearer bbe35466469593b785eef4ab32700018
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/json
content-length: 91
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
X-Firefox-Spdy: h2
player.adtelligent.com/prebidlink/ex19383/hb_307825_11595.js
45.133.44.4200 OK 85 kB URL HTTP/2 player.adtelligent.com/prebidlink/ex19383/hb_307825_11595.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65423)
Hash 746422e459b22c69a08621a1d7cc332c
13592a176a0f1f3e6d14e6351bd8956b502f7c86
30c1d33dc258b3b85a1bbe42076e66f106be70ca8ac0364bfec5f37bab2a8834
GET /prebidlink/ex19383/hb_307825_11595.js HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 08 Dec 2022 02:28:31 GMT
etag: W/"63914bcf-44059"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:46 GMT
access-control-allow-origin: *
x-proxy-cache: HIT
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
54.239.33.158200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
IP 54.239.33.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: WS7N6W20EP93D4WNF24C
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
api.sail-track.com/v1/track/event/pageview
75.2.104.6200 OK 13 B URL HTTP/2 api.sail-track.com/v1/track/event/pageview
IP 75.2.104.6:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /v1/track/event/pageview HTTP/1.1
Host: api.sail-track.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-lib-version
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
allow: POST,OPTIONS
X-Firefox-Spdy: h2
pixel.rubiconproject.com/token?pid=3&gdpr=0
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/token?pid=3&gdpr=0
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=3&gdpr=0 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
match.adsrvr.org/track/cmf/rubicon?gdpr=0
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/rubicon?gdpr=0
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/rubicon?gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash cdaa51f6adeac697d477ee0272d7e5c5
00bfe7b9599975097ead77eb9a9b950bde80bb0d
08b19b142b84eb4ebd1607c3e2013d613ddede849eac84257d5c0c9cff5acc2a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 20:00:29 GMT
Expires: Tue, 31 Jan 2023 20:00:28 GMT
Etag: "00bfe7b9599975097ead77eb9a9b950bde80bb0d"
Cache-Control: max-age=517841,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975e29cbb527-OSL
dmp.brand-display.com/cm/api/rubicon?gdpr=0
34.111.151.213302 Found 121 B URL HTTP/2 dmp.brand-display.com/cm/api/rubicon?gdpr=0
IP 34.111.151.213:0
File type HTML document, ASCII text
Hash dd954408665354458945dbce5f6e7868
c12281a7ba990208d42a8898c04f2744d9caca7a
3b66c3aa0e51d8fdec958e84d74c280c72dd009f80b98c62500b34d6da4db1e2
GET /cm/api/rubicon?gdpr=0 HTTP/1.1
Host: dmp.brand-display.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/html; charset=utf-8
content-length: 121
access-control-allow-origin: *
cache-control: max-age=3600
location: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=851b9f8d-b1b8-5f1d-c4ca0d14
p3p: CP='This is not a P3P policy!'
set-cookie: _knxq_=851b9f8d-b1b8-5f1d-c4ca0d14.1674676786.0.1674676786.1674676786; Path=/; Domain=brand-display.com; Max-Age=63072000; Secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
52.46.130.91302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
IP 52.46.130.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: DS1RHTN09X67P7FFFR9E
Set-Cookie: ad-id=A2ljGSoH6klooBbRX6X0H8Q|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 19:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
api.sail-track.com/v1/track/event/pageview
75.2.104.6200 OK 13 B URL HTTP/2 api.sail-track.com/v1/track/event/pageview
IP 75.2.104.6:0
File type ASCII text, with no line terminators
Hash 1424eb76249899d757e4d168341a50dc
42101e71440abd46c8112a96d4d5c0dd445120ce
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
OPTIONS /v1/track/event/pageview HTTP/1.1
Host: api.sail-track.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-lib-version
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
allow: POST,OPTIONS
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=851b9f8d-b1b8-5f1d-c4ca0d14
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=851b9f8d-b1b8-5f1d-c4ca0d14
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=538100&nid=5446&put=851b9f8d-b1b8-5f1d-c4ca0d14 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif
api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
99.83.154.140200 OK 91 B URL HTTP/2 api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08
IP 99.83.154.140:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d50ffd51a6b97b2e5f4701b9cc8e106e
8259fac9a08779ca20b3a36315db29c62595dd44
ab9b0ceb64dafe908478125fc1e61e975f0945e2b1ae99f0163baba84f789b3b
GET /v1/personalize/initialize?pageviews=2&isMobile=0&page=kw%3DUnusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&page=utm_source%3Demail&page=utm_medium%3Denl&page=utm_campaign%3Ddailynewsalert&page=utm_content%3D20230125&page=utm_term%3Dcut&page=slreturn%3D20230025145941&userIdKey=hid&userIdValue=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08 HTTP/1.1
Host: api.sail-personalize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
authorization: Bearer 2ade0f4fc48d975844a60d5bcb4e9650
content-type: application/json
x-lib-version: v1.0.1
x-referring-url: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/json
content-length: 91
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
vary: Accept-Encoding
X-Firefox-Spdy: h2
ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11595&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F&adid=c3bgud.ws&features=16416&vpbv=N113&lifecycle_tte=557
185.239.173.66200 OK 43 B URL HTTP/1.1 ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11595&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F&adid=c3bgud.ws&features=16416&vpbv=N113&lifecycle_tte=557
IP 185.239.173.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /adunit/tracking?event=11&type=0&client_id=307825&site_id=11595&full_page_url=https%3A%2F%2Fwww.cutimes.com%2F&adid=c3bgud.ws&features=16416&vpbv=N113&lifecycle_tte=557 HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: https://p.jcontentcdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Set-Cookie: vmuid=30097e788919ecb8; expires=Fri, 28 Apr 2023 19:59:46 GMT; domain=.adtelligent.com; path=/; secure; SameSite
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ae1b7b9eaa7392b947d6d652b5548172
49f670189f1f02b0434136b78a3d65c47661d58f
910d77617009829a0e6d09fddbd965a6164e92e89cd9b53ba515d4ca21dea640
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 02:26:12 GMT
Expires: Thu, 26 Jan 2023 02:26:12 GMT
ETag: "49f670189f1f02b0434136b78a3d65c47661d58f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdp.omeda.com/olytics/segments/p
204.180.130.159200 0 B URL HTTP/1.1 cdp.omeda.com/olytics/segments/p
IP 204.180.130.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /olytics/segments/p HTTP/1.1
Host: cdp.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
vary: access-control-request-method,Access-Control-Request-Headers
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Wed, 25 Jan 2023 19:59:46 GMT
Keep-Alive: timeout=5
Connection: keep-alive
Server: Apache
api.sail-track.com/v1/track/event/pageview
75.2.104.6202 Accepted 120 B URL HTTP/2 api.sail-track.com/v1/track/event/pageview
IP 75.2.104.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9b17f01d45e6d3258a6b63ad11c67cbd
7a699914edce7951079c73f8fb1f0c24490ea101
6bddf953611c14dbf18d350f813bd3e0c4f3346ff4746cc526b2e7164e226afa
POST /v1/track/event/pageview HTTP/1.1
Host: api.sail-track.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Content-Type: application/json
X-Lib-Version: v1.0.1
Authorization: Bearer bbe35466469593b785eef4ab32700018
Origin: https://www.cutimes.com
Content-Length: 567
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/json
content-length: 120
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
142.250.74.66302 Found 291 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b66acbb07c4c55b5d56938cfd34a9c80
40203041954d82d1bf1d0e6b96f358d28c59681e
6c15864e74bd2e9a7be5a6547729ba191c99b1e6ea075fdf93a32bdfeea2d36d
GET /pixel?google_nid=rubicon&google_hm=&gdpr=0 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0&google_tc=
date: Wed, 25 Jan 2023 19:59:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 291
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Jan-2023 20:14:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.sail-track.com/v1/track/event/pageview
75.2.104.6202 Accepted 120 B URL HTTP/2 api.sail-track.com/v1/track/event/pageview
IP 75.2.104.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b0c660de2162abfe9c54fb1440c1a0a
3aed362ef794afa8a4dcb10013434bc4c1e9e6c6
3f3cfa2b88fb206db16c1e044945de0c49d1f876a5cf3ba1b18882eb09b6f6ea
POST /v1/track/event/pageview HTTP/1.1
Host: api.sail-track.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Content-Type: application/json
X-Lib-Version: v1.0.1
Authorization: Bearer 2ade0f4fc48d975844a60d5bcb4e9650
Origin: https://www.cutimes.com
Content-Length: 567
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: application/json
content-length: 120
access-control-allow-origin: *
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
allowedorigins: *
allowedmethods: GET,OPTIONS
X-Firefox-Spdy: h2
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
52.46.130.91200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
IP 52.46.130.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: D4YJFYKE7V6Q322G1RN0
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash cdaa51f6adeac697d477ee0272d7e5c5
00bfe7b9599975097ead77eb9a9b950bde80bb0d
08b19b142b84eb4ebd1607c3e2013d613ddede849eac84257d5c0c9cff5acc2a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 20:00:29 GMT
Expires: Tue, 31 Jan 2023 20:00:28 GMT
Etag: "00bfe7b9599975097ead77eb9a9b950bde80bb0d"
Cache-Control: max-age=517840,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975e0b1f0b45-OSL
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0&google_tc=
142.250.74.66200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0&google_tc=
IP 142.250.74.66:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=rubicon&google_hm=&gdpr=0&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Wed, 25 Jan 2023 19:59:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 77d978757d6657d8b60fda5fb85406b6
b30cb7f2022b6d7677fe1ff6e04a632516ef17af
4af31f6250099b795ff34dcef20d30afe42fa5c7073719692429457ed097f51b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 02:15:45 GMT
Expires: Wed, 01 Feb 2023 02:15:44 GMT
Etag: "b30cb7f2022b6d7677fe1ff6e04a632516ef17af"
Cache-Control: max-age=540356,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975e3c89b4f4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94776d74a53024fad1f4125184dc518f
cd03dcfc6d62d1b8d21b43bf6ac0e1713c3b612a
c7b9c76fa6cd1f6a8c36d38f0638baa185906bf0a3cd3775d408af092926ab43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4909
Cache-Control: max-age=120514
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d0aac8-1d7"
Expires: Fri, 27 Jan 2023 05:28:21 GMT
Last-Modified: Wed, 25 Jan 2023 04:06:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b0e4d89ace8cad3a94883282993efae0
f37571bcaa3f0f1f10191af18164c02d5d0cda1f
7634522a0132638c1be8c635e07522453ad4d50c19d2dab7106ed84e0bb0524b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4405
Cache-Control: max-age=152819
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d12af1-1d7"
Expires: Fri, 27 Jan 2023 14:26:46 GMT
Last-Modified: Wed, 25 Jan 2023 13:13:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ghb.adtelligent.com/geo/
185.239.173.66200 OK 140 B IP 185.239.173.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d2adcd2efec13b041df1b20127c50f5c
e8843dc16f06aaba1ddef63cdbf0907854a3347e
a2d808adba6c3641f0cda955271b939e41450381ca78249cbe9aad9fd196e28d
GET /geo/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/json
Content-Length: 140
Access-Control-Allow-Origin: https://p.jcontentcdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
p.rfihub.com/cm?in=1&pub=64&gdpr=0
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?in=1&pub=64&gdpr=0
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?in=1&pub=64&gdpr=0 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 25 Jan 2023 19:59:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjYxt7C0ALIshfgMdUtCAj0szFLcdKuy0gAyBgZ8JQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 19 Feb 2024 19:59:47 GMT; Secure; SameSite=None
eud=H4sIAAAAAAAA_1vFyGtoZm5iZm5mbmFuaGIOAJG5BcYQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 19 Feb 2024 19:59:47 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjYxt7C0ALIshfgMdUtCAj0szFLcdKuy0gAyBgZ8JQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084923478988499&expires=30
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
80.77.87.162204 No Content 0 B URL HTTP/1.1 cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
IP 80.77.87.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 25 Jan 2023 19:59:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY
pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=&gdpr=0
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=&gdpr=0
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3355&partner_device_id=&gdpr=0 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 19:59:47 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1674676787156;Expires=Sun, 26 Mar 2023 19:59:47 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=433925de-a377-4ba5-983e-b7e36ad55b88;Expires=Sun, 26 Mar 2023 19:59:47 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=&gdpr=0
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4c76de4d02b25f0d82cf1773d9b66c68
9321fb67a378da1e0e96aa0cc7dc7c99eddfbf77
912e99ee14b0a8e9ad5c5740d4c1b73a9b854aed28f604d0fe58a96ce1fa93e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 01:34:54 GMT
Expires: Mon, 30 Jan 2023 01:34:53 GMT
Etag: "9321fb67a378da1e0e96aa0cc7dc7c99eddfbf77"
Cache-Control: max-age=365105,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975e9e33b4f3-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 317 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash dbb4f334cdba7e191e368765680b3f83
476c130c71d070d7bac7988925dc5b9a8fc40007
d55a912a11fc404d2eeed267dd9844372878afe040882af4e86082eaf64c4118
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 23:30:38 GMT
Expires: Tue, 31 Jan 2023 23:30:37 GMT
Etag: "476c130c71d070d7bac7988925dc5b9a8fc40007"
Cache-Control: max-age=530449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975fac5cb527-OSL
pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084923478988499&expires=30
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084923478988499&expires=30
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=13490&nid=2596&put=5140084923478988499&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 317 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash dbb4f334cdba7e191e368765680b3f83
476c130c71d070d7bac7988925dc5b9a8fc40007
d55a912a11fc404d2eeed267dd9844372878afe040882af4e86082eaf64c4118
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 23:30:38 GMT
Expires: Tue, 31 Jan 2023 23:30:37 GMT
Etag: "476c130c71d070d7bac7988925dc5b9a8fc40007"
Cache-Control: max-age=530449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3975fbd480b45-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94776d74a53024fad1f4125184dc518f
cd03dcfc6d62d1b8d21b43bf6ac0e1713c3b612a
c7b9c76fa6cd1f6a8c36d38f0638baa185906bf0a3cd3775d408af092926ab43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4909
Cache-Control: max-age=120514
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d0aac8-1d7"
Expires: Fri, 27 Jan 2023 05:28:21 GMT
Last-Modified: Wed, 25 Jan 2023 04:06:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
cdp.omeda.com/olytics/segments/p
204.180.130.159200 20 B URL HTTP/1.1 cdp.omeda.com/olytics/segments/p
IP 204.180.130.159:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b93720099c60e610ed5b6bb2dc63b75d
700f15b121c7a7aaa9d766b320741bce284159d9
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
POST /olytics/segments/p HTTP/1.1
Host: cdp.omeda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Content-Length: 641
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache
Content-Type: application/json
Date: Wed, 25 Jan 2023 19:59:48 GMT
Keep-Alive: timeout=5
Connection: keep-alive
Server: Apache
Transfer-Encoding: chunked
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4ead65b4b778687db0e236d8ec730497
e54259cdb79a92e2b25d75464dda43f266567e4a
09a6d14b00293ff876b6b8b1a8c03cad7d095afa8200f9a0e05eac29e2b6f1a0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 08:57:15 GMT
Expires: Thu, 26 Jan 2023 08:57:15 GMT
ETag: "e54259cdb79a92e2b25d75464dda43f266567e4a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=&gdpr=0
35.227.248.159200 OK 95 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=&gdpr=0
IP 35.227.248.159:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=3355&partner_device_id=&gdpr=0 HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0
8.43.72.97204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0
IP 8.43.72.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=dianomi&gdpr=0&gdpr_consent=&gdpr=0 HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Content-Type: image/gif
cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
72.251.245.179200 OK 43 B URL HTTP/2 cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
IP 72.251.245.179:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0 HTTP/1.1
Host: cm.adgrx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: image/gif
content-length: 43
server: Cowboy
x-realserver-nx: ams-delivery-7
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
pragma: no-cache
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png
172.64.152.105200 OK 1.0 kB URL HTTP/2 www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png
IP 172.64.152.105:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 484b021b6d02bbfa5bcc91776b215446
e291ac9a306865739143c6c0917db330c0e1c570
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
GET /img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: image/webp
content-length: 1026
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2126
content-disposition: inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
etag: "84e-5acc31eddb600"
last-modified: Thu, 13 Aug 2020 14:28:40 GMT
strict-transport-security: max-age=2592000
vary: Accept
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 236975
expires: Sat, 25 Feb 2023 05:59:47 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 78f397605e1d0b45-OSL
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=307558&extuid=6c70c9e5-dfdf-493c-bac0-e7315e59605e
62.149.1.122200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=307558&extuid=6c70c9e5-dfdf-493c-bac0-e7315e59605e
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=307558&extuid=6c70c9e5-dfdf-493c-bac0-e7315e59605e HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Length: 0
Etag: 590b58519dc7d408
Set-Cookie: vmuid=590b58519dc7d408; expires=Tue, 28 Mar 2023 19:59:47 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a307558=6c70c9e5-dfdf-493c-bac0-e7315e59605e; expires=Tue, 28 Mar 2023 19:59:47 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
sync.adtelligent.com/csync?t=a&ep=319130&extuid=e5ae832d-e44d-4834-93ad-3867cd1604e2&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
62.149.1.122200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=319130&extuid=e5ae832d-e44d-4834-93ad-3867cd1604e2&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}
IP 62.149.1.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=319130&extuid=e5ae832d-e44d-4834-93ad-3867cd1604e2&gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR} HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:46 GMT
Content-Length: 0
Etag: 590b58519dc7d408
Set-Cookie: vmuid=590b58519dc7d408; expires=Tue, 28 Mar 2023 19:59:47 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a319130=e5ae832d-e44d-4834-93ad-3867cd1604e2; expires=Tue, 28 Mar 2023 19:59:47 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
match.deepintent.com/usersync/143?gdpr=0
169.197.150.7200 OK 0 B URL HTTP/2 match.deepintent.com/usersync/143?gdpr=0
IP 169.197.150.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync/143?gdpr=0 HTTP/1.1
Host: match.deepintent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 25 Jan 2023 19:59:46 GMT
server: c
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b7a5b6f1210ecc6faab49caa3cd9d0f2
84f03fd4521af65b48958b8292560b6346ee0eb0
4c8b35d338f31532b7dd1c09ac6a4f9b164bd57d06d4a676a4b1066b1f6c4634
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 24 Jan 2023 22:41:31 GMT
Expires: Wed, 25 Jan 2023 22:41:31 GMT
ETag: "84f03fd4521af65b48958b8292560b6346ee0eb0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=
35.201.104.135200 OK 1.1 kB URL HTTP/2 vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=
IP 35.201.104.135:0
File type ASCII text, with no line terminators
Hash df73cdd359edcebbd6af30c0e08121eb
cbf35c84d04592b35ed4294d7ba625930445a058
0d1ae3f91d6aec26a30ed7f63e12caf9b8f55f0b31f19f48a0ad6b8ff13c85f8
GET /get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp= HTTP/1.1
Host: vi.ml314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: private,max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-encoding: br
date: Wed, 25 Jan 2023 19:59:45 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=66189
date: Wed, 25 Jan 2023 19:59:47 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfdc396af732dc191b35071db2e4ebcb
aa35bca8397d8fb996104a1421db2c2141fc8330
89743556c2278241a79b0beaae3d962639b47880001125fdf8b5e5b32cbc65f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: max-age=101294
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d05d83-1d7"
Expires: Fri, 27 Jan 2023 00:08:01 GMT
Last-Modified: Tue, 24 Jan 2023 22:36:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.cutimes.com/assets/master-template/images/menu-close-btn.png
104.18.2.183200 OK 268 B URL HTTP/2 www.cutimes.com/assets/master-template/images/menu-close-btn.png
IP 104.18.2.183:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6fa4ef242b8b68461d01d094bde01ad8
4ad24486f56467f157ca8598a3430e6362c9a469
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
GET /assets/master-template/images/menu-close-btn.png HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com$dc_visit:1$dc_event:1%3Bexp-session$dcsyncran:1%3Bexp-session$_prevpage:cut%3Aarticle%3Aheg45emfdem%3Bexp-1674680384128$dc_region:eu-central-1%3Bexp-session; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CMCMID%7C82647998083348096980633163536480758764%7CMCAID%7CNONE%7CMCOPTOUT-1674683984s%7CNONE%7CMCAAMLH-1675281584%7C6%7CMCAAMB-1675281584%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C4.4.0; __cf_bm=dJObNc1gNz6HClFoypM88sL4ru5EqE_5QugC_Xh3U0c-1674676785-0-AXVrE9isEHlBih5/ptcRsRH/3lLHkrL2WI6jCiPAcoTyCQ4Xgvi276ZLNZzAybhdKh5l9NBopwDUwoRXpkUgRTK3+we1utJ/2Kx/8UX71bKcb57CC7Pne47iKfvGqLZiGm5FFQUh841DvlF6Xs7QBzc=; oly_fire_id=3348C6813023A1M; oly_anon_id=a7f1c7a6-02e6-46a9-b556-682e5d59e234; dpm_url_count=1; sailthru_pageviews=2; AMCVS_96C4370453295E4C0A490D44%40AdobeOrg=1; _gcl_au=1.1.844756222.1674676784; olytics_dfp_keys=[]; s_sess=%20s_campaign%3Denl%253Aemail%253Adailynewsalert%253A20230125%253Acut%3B%20s_evar50%3D413-192019%3B%20s_prop50%3D413-192019%3B%20s_ppvl%3D%3B%20s_ppv%3Dcut%25253Aarticle%25253Aheg45emfdem%252C23%252C23%252C939%252C1280%252C939%252C1280%252C1024%252C1%252CP%3B; s_pers=%20qpv_v40%3Dcut%253Aarticle%253Aheg45emfdem%7C1674678584433%3B; s_cc=true; dpm_time_site=1.007; sailthru_visitor=e08dde0e-bf21-41f8-bdde-9c7608d90bb9; sailthru_content=8f9f60bc762067256c391493844ba457; almGeoLoc2=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: image/webp
content-length: 268
cf-ray: 78f397625905b51d-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2313
cache-control: public, max-age=14400
content-disposition: inline; filename="menu-close-btn.webp"
etag: W/"3321-1674594876000"
expires: Wed, 25 Jan 2023 23:59:47 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3321
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Jan 2023 19:59:47 GMT
expires: Wed, 25 Jan 2023 19:59:47 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 139193627907850772
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 25 Jan 2023 19:59:47 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1674676784373&cv=11&fst=1674676784373&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=844756222.1674676784&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1674676784373&cv=11&fst=1674676784373&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=844756222.1674676784&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2671), with no line terminators
Hash d5ce0acda142b9dc957db16dca74c9a9
cab0544c43784436eb90cf17f52325f5bc5d8340
0ed6e6447c078eabbb29b9d1015a0e1793733e5b7f92eba4c8eaa30f893a1487
GET /pagead/viewthroughconversion/826604080/?random=1674676784373&cv=11&fst=1674676784373&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=844756222.1674676784&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 19:59:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1081
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Jan-2023 20:14:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
IP 142.250.74.131:0
Hash b226e67fc5a72928f9af44ada2c75daf
93ecc5ba12cc643315e5d78c859e8eb04a0dc010
c2f2770cd86ccab71160f2e01d7b55b44eb616215f82f2e9ede2b381905a87bb
POST /s/gts1d4/EQKo1_W0fFc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /q0gvtWQW3Tv2vF4Adpja7Q3Mg9y3b1wXU0s3uJyeIy3MPwUaR+Ak5V5A/Xk68HX0FYmroYD3EmJIzdqJTe7Fg==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 19:59:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ml314.com/tag.aspx?250
34.111.234.236200 OK 10 kB IP 34.111.234.236:0
File type ASCII text, with very long lines (31861)
Hash 5a4dc04989bab2c3df910440ab1a1f9d
43db1468c8d0a53394065a748602575e9999aad8
0c7cc8c3122fb6cee6fa72ccb54555f2018f0525cd1e717e372d9f9822fd78b2
GET /tag.aspx?250 HTTP/1.1
Host: ml314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsw3jpKkRjAh9Ij9Dy1JWCjAhOiWv4OhRqEksuA4oR281gD5SWH71u1jJq9uhh-BnRYJj9NU96q9WKzGRewaulzTV6oP47K
x-goog-generation: 1660081747697868
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32025
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
x-goog-storage-class: STANDARD
accept-ranges: none
server: UploadServer
vary: Accept-Encoding
content-encoding: br
date: Wed, 25 Jan 2023 19:00:10 GMT
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
etag: W/"fe36d3317b1b052708eb2260e253aa63"
content-type: application/javascript
content-length: 10465
age: 3577
cache-control: public,max-age=3600
x-cache-hit: hit
cache-id: ARN-26bba172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D254560%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F01%252F24%252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%252F%253Fkw%253DUnusual%252520ATM%252520Activity%252520at%252520Citadel%252520FCU%252520Hits%252520Members%252527%252520Accounts%2526utm_source%253Demail%2526utm_medium%253Denl%2526utm_campaign%253Ddailynewsalert%2526utm_content%253D20230125%2526utm_term%253Dcut%2526slreturn%253D20230025145941
185.89.211.132307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D254560%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F01%252F24%252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%252F%253Fkw%253DUnusual%252520ATM%252520Activity%252520at%252520Citadel%252520FCU%252520Hits%252520Members%252527%252520Accounts%2526utm_source%253Demail%2526utm_medium%253Denl%2526utm_campaign%253Ddailynewsalert%2526utm_content%253D20230125%2526utm_term%253Dcut%2526slreturn%253D20230025145941
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D254560%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F01%252F24%252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%252F%253Fkw%253DUnusual%252520ATM%252520Activity%252520at%252520Citadel%252520FCU%252520Hits%252520Members%252527%252520Accounts%2526utm_source%253Demail%2526utm_medium%253Denl%2526utm_campaign%253Ddailynewsalert%2526utm_content%253D20230125%2526utm_term%253Dcut%2526slreturn%253D20230025145941 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D254560%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F01%25252F24%25252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%25252F%25253Fkw%25253DUnusual%25252520ATM%25252520Activity%25252520at%25252520Citadel%25252520FCU%25252520Hits%25252520Members%25252527%25252520Accounts%252526utm_source%25253Demail%252526utm_medium%25253Denl%252526utm_campaign%25253Ddailynewsalert%252526utm_content%25253D20230125%252526utm_term%25253Dcut%252526slreturn%25253D20230025145941
AN-X-Request-Uuid: 85a9bb10-cf30-43ab-b147-8e83570fc42b
Set-Cookie: uuid2=3024561116174773187; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 25-Apr-2023 19:59:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
visitor-service-eu-central-1.tealiumiq.com/alm/main/0185ea83c8990007b91152748b6600050012300900918?callback=utag.ut%5B%22writevamain%22%5D&rnd=1674676784227
3.64.196.44200 OK 27 B URL HTTP/2 visitor-service-eu-central-1.tealiumiq.com/alm/main/0185ea83c8990007b91152748b6600050012300900918?callback=utag.ut%5B%22writevamain%22%5D&rnd=1674676784227
IP 3.64.196.44:0
File type ASCII text, with no line terminators
Hash e3f5e4914567e4140763f524bc86a871
16f71389fdcbdd35084d2946d234943a00090935
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
GET /alm/main/0185ea83c8990007b91152748b6600050012300900918?callback=utag.ut%5B%22writevamain%22%5D&rnd=1674676784227 HTTP/1.1
Host: visitor-service-eu-central-1.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 27
x-region: eu-central-1
x-nodeid: i-0fadc16de9e65de51
x-version: d6af4791aa25e7abd6827aaedc4119313cb88d4e-SNAPSHOT
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfdc396af732dc191b35071db2e4ebcb
aa35bca8397d8fb996104a1421db2c2141fc8330
89743556c2278241a79b0beaae3d962639b47880001125fdf8b5e5b32cbc65f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5470
Cache-Control: max-age=101294
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d05d83-1d7"
Expires: Fri, 27 Jan 2023 00:08:01 GMT
Last-Modified: Tue, 24 Jan 2023 22:36:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
IP 142.250.74.131:0
Hash b226e67fc5a72928f9af44ada2c75daf
93ecc5ba12cc643315e5d78c859e8eb04a0dc010
c2f2770cd86ccab71160f2e01d7b55b44eb616215f82f2e9ede2b381905a87bb
POST /s/gts1d4/EQKo1_W0fFc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2e649b03f6c5cac7991258a3936756e1
5a87fef652980f0d41ee8adaf70193ca8a65cc77
b0a58d30c52ac89f80b9274d08266abac92faa6699946e0bef25c660988b5d5f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 19:59:47 GMT
Last-Modified: Wed, 25 Jan 2023 18:24:16 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 377C1ENFcsefOxn4uJvdzRMPuUEvqOxMQKd-ev8-HzBvUZK9oP_APw==
Age: 5731
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 782b8a0eaf0d1a4e802525e2d28a64c2
050bbd8423ddea39d46ec41733de4612f973d2db
01b1f1a7510ec920d9240c1a7e0a9880bc89c57019b5e6339fb7284e273f2a8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4921
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Last-Modified: Wed, 25 Jan 2023 18:37:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
cm.everesttech.net/cm/dd?d_uuid=90034209775707269460471073593511273900
18.201.4.185302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=90034209775707269460471073593511273900
IP 18.201.4.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=90034209775707269460471073593511273900 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9GKMwAAAG-gOQOV; Domain=.everesttech.net; Expires=Thu, 25-Jan-2024 19:59:47 GMT; Path=/
everest_session_v2=Y9GKMwAAAG-gOgOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
Server: AMO-cookiemap/1.1
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a524da75ae32c7ec118ba9ccf228a6bf
70856476f5396f5ed3c29ca50be28c3be7597b1f
bbd07597c3aea9e0ba5f9f903218214f43148690c828fd0ccd2c70767bcd2925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5505
Cache-Control: max-age=107081
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d073fb-118"
Expires: Fri, 27 Jan 2023 01:44:28 GMT
Last-Modified: Wed, 25 Jan 2023 00:12:43 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.cutimes.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.cutimes.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.cutimes.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 25 Jan 2023 19:59:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash db864113912a1e5b4285d3c179dcd6ce
811e8814cce51589ab08ee54600cc508dbfc0d4d
6b0a238b2f42fbbeb293a6eb039c1766c48dafcf4ee04e9350cd3ef957783be4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 24 Jan 2023 21:25:05 GMT
Expires: Wed, 25 Jan 2023 21:25:05 GMT
ETag: "811e8814cce51589ab08ee54600cc508dbfc0d4d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
adservice.google.com/adsid/integrator.js?domain=www.cutimes.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.cutimes.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.cutimes.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 25 Jan 2023 19:59:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
216.52.2.19204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
IP 216.52.2.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 25 Jan 2023 19:59:47 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap4ams1
pi.pardot.com/pd.js
3.215.172.219200 OK 1.9 kB IP 3.215.172.219:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Wed, 25 Jan 2023 05:26:44 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Fri, 24 Jan 2025 19:59:47 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bdf3a89c952811c3a4ce04eb83dc1d97
3807042e853f28dc46efb630c3c4020e69d06ed9
cbcfb131a8cec69e962ae20a3b43b3efce85a257215595053d0660cde63c8d11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1432
Cache-Control: max-age=145122
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:47 GMT
Etag: "63d1187d-139"
Expires: Fri, 27 Jan 2023 12:18:29 GMT
Last-Modified: Wed, 25 Jan 2023 11:54:37 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
6eb9f23322e79e51214a6a0a7f362d88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 6eb9f23322e79e51214a6a0a7f362d88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 6eb9f23322e79e51214a6a0a7f362d88.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 25 Jan 2023 19:59:47 GMT
expires: Thu, 25 Jan 2024 19:59:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=c71e4550-b984-4895-a711-c71b39aa7134; Max-Age=63072000; Expires=Fri, 24 Jan 2025 19:59:47 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 8007e88273385a59
strict-transport-security: max-age=0
x-response-time: 109
x-connection-hash: c9339f78fc0f050f1ff436b59363df8d3eeb5f71511dd5262e223cb1b1dd5097
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D254560%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F01%25252F24%25252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%25252F%25253Fkw%25253DUnusual%25252520ATM%25252520Activity%25252520at%25252520Citadel%25252520FCU%25252520Hits%25252520Members%25252527%25252520Accounts%252526utm_source%25253Demail%252526utm_medium%25253Denl%252526utm_campaign%25253Ddailynewsalert%252526utm_content%25253D20230125%252526utm_term%25253Dcut%252526slreturn%25253D20230025145941
185.89.211.132302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D254560%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F01%25252F24%25252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%25252F%25253Fkw%25253DUnusual%25252520ATM%25252520Activity%25252520at%25252520Citadel%25252520FCU%25252520Hits%25252520Members%25252527%25252520Accounts%252526utm_source%25253Demail%252526utm_medium%25253Denl%252526utm_campaign%25253Ddailynewsalert%252526utm_content%25253D20230125%252526utm_term%25253Dcut%252526slreturn%25253D20230025145941
IP 185.89.211.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D254560%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F01%25252F24%25252Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%25252F%25253Fkw%25253DUnusual%25252520ATM%25252520Activity%25252520at%25252520Citadel%25252520FCU%25252520Hits%25252520Members%25252527%25252520Accounts%252526utm_source%25253Demail%252526utm_medium%25253Denl%252526utm_campaign%25253Ddailynewsalert%252526utm_content%25253D20230125%252526utm_term%25253Dcut%252526slreturn%25253D20230025145941 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=0&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=254560&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
AN-X-Request-Uuid: df25b3fa-374e-4e9b-bac7-40330bbafa02
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
52.50.220.58302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
IP 52.50.220.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=34314610093628658851544177472711554568; Max-Age=15552000; Expires=Mon, 24 Jul 2023 19:59:48 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5L2lvHxOTm0=
Content-Length: 0
Connection: keep-alive
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env
216.58.207.226200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (14902), with no line terminators
Hash 888d2e026761f50ce91135570f28b8b0
8dbca9fede559cdc5d833df31f77043f317293db
0874a088414573cd97496a2d81d759ebf28c7bab9af5c0910b3d2491337ee764
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 25 Jan 2023 19:59:48 GMT
server: cafe
content-length: 11251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e53b1d8b1f244c97e073382328e5c650
d1933a186c3b5351a8539f18e3f4f74237aefccc
2b3e14ffcd8e42c946fc8a66a44a97e543849ac1fd3fdefd85f774c86839716e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
172.217.21.162200 OK 0 B URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
date: Wed, 25 Jan 2023 19:59:48 GMT
expires: Wed, 25 Jan 2023 19:59:48 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1463 / 631 of 1000 / last-modified: 1674648685"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0185ea83c8990007b91152748b6600050012300900918&tealium_account=alm&tealium_profile=main&google_error=3
18.158.189.35200 OK 43 B URL HTTP/2 datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0185ea83c8990007b91152748b6600050012300900918&tealium_account=alm&tealium_profile=main&google_error=3
IP 18.158.189.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0185ea83c8990007b91152748b6600050012300900918&tealium_account=alm&tealium_profile=main&google_error=3 HTTP/1.1
Host: datacloud.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: image/gif
content-length: 43
x-acc: alm:main:2:vdata
x-did: 0185ea83c8990007b91152748b6600050012300900918
x-region: eu-central-1
x-serverid: uconnect_i-0344054fe2a31f8a3
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-tid: 0185ea83c8990007b91152748b6600050012300900918
x-ulver: d6af4791aa25e7abd6827aaedc4119313cb88d4e-SNAPSHOT
vary: Origin
expires: Wed, 25 Jan 2023 19:59:48 GMT
x-uuid: ffccbc6d-51ea-423d-8b30-0f2d5cf8864e
set-cookie: TAPID=alm/main>0185ea83c8990007b91152748b6600050012300900918|; Path=/; Domain=.tealiumiq.com; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None
tcs.google_error=eyJhbG0vbWFpbiI6IjN8MTY3NDY3Njc4ODExNyJ9; Path=/; Domain=.tealiumiq.com; Expires=Wed, 26-Jul-2023 19:59:48 GMT; Max-Age=15724800; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 19:59:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 880d09e5871cbfda08a8e6bcf5180dc5
7c3220f41e8d2b979275ec3f7b4bd99da56110ba
37fdfe94526b52c592260afa38aef65acfd6cf5e591b8ca9ec22a0f2aad88011
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2030
Cache-Control: max-age=100488
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Etag: "63d067ce-13a"
Expires: Thu, 26 Jan 2023 23:54:36 GMT
Last-Modified: Tue, 24 Jan 2023 23:20:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
www.google.com/pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/826604080/?random=1674676784373&cv=11&fst=1674673200000&bg=ffffff&guid=ON&async=1>m=45be31n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tiba=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1291998557&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 19:59:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
52.50.220.58200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV
IP 52.50.220.58:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9GKMwAAAG-gOQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-083f91df3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: oaxFAwecR14=
Content-Length: 59
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 92904e34bbb167a9a6b1e7a052f3660a
3c76dd786c27c062f603e7c3fcab253e5d558368
f62dae5ccb09d738958b6af5418e5745b35cf3e80a312637c736cd1a97d772f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.moatads.com/almdfp680616975594/moatad.js
2.18.173.140200 OK 4.5 kB URL HTTP/2 z.moatads.com/almdfp680616975594/moatad.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (525)
Hash 53e670667feed89f05f0c2aa49c672ae
62bb4f23cf06675d5cb7b98bc1fc967a86be1366
bcab0ac635d10ca9c63581e31afb9107f7525b38348ed7670ba72244c79d5551
GET /almdfp680616975594/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: nJCcNdZC8i5KVMX6Go5fuC//OJh85o3rgZfVveCTyZ9no+C/vADRKBDaPHfIN3lZ2/wYR/lYS7k=
x-amz-request-id: W8VGPVCSZZBPFHJD
last-modified: Wed, 14 Dec 2022 14:13:37 GMT
etag: "53e670667feed89f05f0c2aa49c672ae"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 4451
vary: Accept-Encoding
cache-control: max-age=22021
date: Wed, 25 Jan 2023 19:59:48 GMT
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=1a564ccf-968f-44f9-9448-81f9e281a33c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bea17a09-3799-4aa2-91a3-e60c9805f06b&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_mMFQ1QTeVVddtaZs4GjH9Q=="; Max-Age=63072000; Expires=Fri, 24 Jan 2025 19:59:48 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 6ef4aa0a80c9e206
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: de817b5f21daaf4536f1786c6ba23e5032b09ca3b8a883cb711ff2a56ccc62e1
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2ac107a67cb98ce27703c6dde950695c
385fc713d9c6244f3e50097f5584e6c8c0495c7e
82cc47a1c6104792a89f5cb577e04d14682e38dd743467c5b5571707b4b16559
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5038
Cache-Control: max-age=111277
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Etag: "63d08633-1d7"
Expires: Fri, 27 Jan 2023 02:54:25 GMT
Last-Modified: Wed, 25 Jan 2023 01:30:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674676788.dop220.sk1.t,1674676788.cds214.sk1.hn,1674676788.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6767a8422582f8bce8b6689cedfd7fa2
39f0ac833715a7a4e793d6b039e1020ee3ad7af9
a9dd0195657e0a6eb905cfcf0dd447d4d7be0fb7eca63a2313feec2b267d078e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5746
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Last-Modified: Wed, 25 Jan 2023 18:24:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ping.chartbeat.net/ping?h=cutimes.com&p=%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F&u=BG0gvZCIyjTKc2Lht&d=cutimes.com&g=46802&g0=%7C%7C&g1=Peter%20Strozniak&n=1&f=00001&c=0&x=0&m=0&y=4048&o=1268&w=939&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&b=5030&_c=dailynewsalert&_m=enl&_x=email&_y=20230125&_z=cut&t=7JRsOBirj81ByJiIACz2emvBD9KYU&V=139&i=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&tz=0&sn=1&sv=CdkpPtDrKNcmDApKbmCybw-dBc7AIh&sd=1&im=066b2e73&_
18.213.117.153200 OK 43 B URL HTTP/2 ping.chartbeat.net/ping?h=cutimes.com&p=%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F&u=BG0gvZCIyjTKc2Lht&d=cutimes.com&g=46802&g0=%7C%7C&g1=Peter%20Strozniak&n=1&f=00001&c=0&x=0&m=0&y=4048&o=1268&w=939&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&b=5030&_c=dailynewsalert&_m=enl&_x=email&_y=20230125&_z=cut&t=7JRsOBirj81ByJiIACz2emvBD9KYU&V=139&i=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&tz=0&sn=1&sv=CdkpPtDrKNcmDApKbmCybw-dBc7AIh&sd=1&im=066b2e73&_
IP 18.213.117.153:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping?h=cutimes.com&p=%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F&u=BG0gvZCIyjTKc2Lht&d=cutimes.com&g=46802&g0=%7C%7C&g1=Peter%20Strozniak&n=1&f=00001&c=0&x=0&m=0&y=4048&o=1268&w=939&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&b=5030&_c=dailynewsalert&_m=enl&_x=email&_y=20230125&_z=cut&t=7JRsOBirj81ByJiIACz2emvBD9KYU&V=139&i=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&tz=0&sn=1&sv=CdkpPtDrKNcmDApKbmCybw-dBc7AIh&sd=1&im=066b2e73&_ HTTP/1.1
Host: ping.chartbeat.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: image/gif
content-length: 43
cross-origin-resource-policy: cross-origin
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ghb.adtelligent.com/v2/auction/
185.239.173.66200 OK 250 B URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 185.239.173.66:0
File type JSON data\012- , ASCII text, with very long lines (1407), with no line terminators
Hash c652dceaba7ece8f95e2cf9fcfc5fdb0
b5866c22aabda784648884d389fee399b20f63ad
41fff8ade2a9f6e1b1657a8f8c05b1106c6494dc72ae99a1c7b215cefbc909cd
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2852
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Cookie: vmuid=590b58519dc7d408; a307558=6c70c9e5-dfdf-493c-bac0-e7315e59605e; a319130=e5ae832d-e44d-4834-93ad-3867cd1604e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:47 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 250
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ib.adnxs.com/ut/v3/prebid
185.89.211.132200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3750
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cutimes.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c19d8fe9-2e3a-4e97-bfe4-1ddbfb89defb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1531981ef9429a92d7d8b4f1cbfbf422
f8de480a953b7ea586424919c5d7cb0f4850d257
31972e06370f524818209ead030c043155d5271bca62836b9f2ef097607cbc90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 633
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Last-Modified: Wed, 25 Jan 2023 19:49:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1300&account_id=998701&title=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&referrer=&utm_campaign=dailynewsalert&utm_medium=enl&utm_source=email&utm_content=20230125&utm_term=cut
3.215.172.219200 OK 531 B URL HTTP/1.1 pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1300&account_id=998701&title=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&referrer=&utm_campaign=dailynewsalert&utm_medium=enl&utm_source=email&utm_content=20230125&utm_term=cut
IP 3.215.172.219:0
Hash 8e27493784e7a1c72ff84a2bcbe1e475
2b9afa75b9122cf40a0861ba5fec09adbc0c3524
9bed0b88fad0c6141e1a96800a9bccb32c2d9d2ae28ecab545bd075c41042bbc
GET /analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1300&account_id=998701&title=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%E2%80%99%20Accounts%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&referrer=&utm_campaign=dailynewsalert&utm_medium=enl&utm_source=email&utm_content=20230125&utm_term=cut HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 531
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pardot-rsp: 0/0/1
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
visitor_id997701=38022873; expires=Sat, 22-Jan-2033 19:59:48 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
visitor_id997701-hash=6217fa83ce9d522e5d65c7046de789cd57378fcf0c7db604c2233af8f9931c596fad875d5dfe00723d77da865731d919bb944bcd; expires=Sat, 22-Jan-2033 19:59:48 GMT; Max-Age=315360000; path=/; domain=.pardot.com; secure; SameSite=None
lpv997701=aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wMS8yNC91bnVzdWFsLWF0bS1hY3Rpdml0eS1hdC1jaXRhZGVsLWZjdS1oaXRzLW1lbWJlcnMtYWNjb3VudHMvP2t3PVVudXN1YWwlMjBBVE0lMjBBY3Rpdml0eSUyMGF0JTIwQ2l0YWRlbCUyMEZDVSUyMEhpdHMlMjBNZW1iZXJzJTI3JTIwQWNjb3VudHMmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPWVubCZ1dG1fY2FtcGFpZ249ZGFpbHluZXdzYWxlcnQmdXRtX2NvbnRlbnQ9MjAyMzAxMjUmdXRtX3Rlcm09Y3V0JnNscmV0dXJuPTIwMjMwMDI1MTQ1OTQx; expires=Wed, 25-Jan-2023 20:29:48 GMT; Max-Age=1800; path=/; secure; SameSite=None
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
a.dpmsrv.com/dpmpxl/index.php?id=0&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=254560&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
3.212.16.229200 OK 200 B URL HTTP/1.1 a.dpmsrv.com/dpmpxl/index.php?id=0&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=254560&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
IP 3.212.16.229:0
File type ASCII text, with no line terminators
Hash c599ce1072c653e44393c30889e30634
b9eb1173f0451eeb053fc43b8a62dab3b5d3a5eb
69427d4c1e4d34a6d62a46bc28bad8380429c666edbba144fe125a96a7c506ba
GET /dpmpxl/index.php?id=0&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=254560&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941 HTTP/1.1
Host: a.dpmsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cutimes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type, accept
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 10
Cache-Control: no-cache, no-store, must-revalidate
content-encoding: gzip
Content-Type: text/javascript
Expires: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Set-Cookie: dpm_pxl=95b979fa6cfc00e146ff35cf0ec4f811ddd52197; Max-Age=6999999993; Expires=Thu, 21 Nov 2244 08:26:21 GMT; Path=/; Domain=.dpmsrv.com; Secure; SameSite=None
dpm_pxl_aid=0; Max-Age=6999999993; Expires=Thu, 21 Nov 2244 08:26:21 GMT; Path=/; Domain=.dpmsrv.com; Secure; SameSite=None
Content-Length: 200
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce54c7520a1b8fc1f16f7e91d8e2aecf
014319cba5323d3dc25d8acd788d48c28cb5f5a0
7ae984e51d1346a6d9f232e3036fa3ba8e1515546f2d71b3d835262359ef8d70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5042
Cache-Control: max-age=90764
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Etag: "63d0360e-1d7"
Expires: Thu, 26 Jan 2023 21:12:32 GMT
Last-Modified: Tue, 24 Jan 2023 19:48:30 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=66cc3590-a566-4a34-bba9-8716e1404657&l_pb_bid_id=33711a68227dac8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9522478782732721
69.173.144.140200 OK 342 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=66cc3590-a566-4a34-bba9-8716e1404657&l_pb_bid_id=33711a68227dac8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9522478782732721
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (342), with no line terminators
Hash b1a8b123298351762904373356689bfb
f244a9220f65b00d79124d41b08a08e546d0c2df
00b3f1922fbab5401d6c262c60bba23d1744d3c714b4f7b2f8ba9868edc9efdd
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=66cc3590-a566-4a34-bba9-8716e1404657&l_pb_bid_id=33711a68227dac8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9522478782732721 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/json
Content-Length: 342
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cutimes.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LDC3BK23-1R-KNQK; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB0BJvh9I1zxd+9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=40227d5a-853e-4fc0-a301-08441f6df6d2&l_pb_bid_id=28a7ec95fd6cdc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8444147280430093
69.173.144.140200 OK 342 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=40227d5a-853e-4fc0-a301-08441f6df6d2&l_pb_bid_id=28a7ec95fd6cdc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8444147280430093
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (342), with no line terminators
Hash 3eb503c4c28bed5adfb498d260145f9e
2fcd7d862847f173bd4d358cfcf59e990ddf2ca4
0be1c78847ffbd3862df976fc9d22c0242fc401cbc438e73af223645f1132c01
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=40227d5a-853e-4fc0-a301-08441f6df6d2&l_pb_bid_id=28a7ec95fd6cdc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8444147280430093 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/json
Content-Length: 342
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cutimes.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LDC3BK1X-1H-K1KW; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB2vbxzK0qwkY+9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=9784e75c-875e-426a-969a-641725659538&l_pb_bid_id=45d5dea0428e5c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9979338641916495
69.173.144.140200 OK 340 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=9784e75c-875e-426a-969a-641725659538&l_pb_bid_id=45d5dea0428e5c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9979338641916495
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (340), with no line terminators
Hash af8ae366dc0b64167ed0de1ace063ec9
97d57ffea330f57d552477d45f98b38d73a668d3
3318986b8f08aea5c913a644dad5f0b5ba3b2d4e4bdc2cf4e3ee8606c418b84c
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=9784e75c-875e-426a-969a-641725659538&l_pb_bid_id=45d5dea0428e5c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.9979338641916495 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.cutimes.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDC3BK2S-18-8PLC; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB1XNoO6kWgCi+9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 340
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b7a5b6f1210ecc6faab49caa3cd9d0f2
84f03fd4521af65b48958b8292560b6346ee0eb0
4c8b35d338f31532b7dd1c09ac6a4f9b164bd57d06d4a676a4b1066b1f6c4634
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 24 Jan 2023 22:41:31 GMT
Expires: Wed, 25 Jan 2023 22:41:31 GMT
ETag: "84f03fd4521af65b48958b8292560b6346ee0eb0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1917
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, must-revalidate
date: Wed, 25 Jan 2023 19:59:46 GMT
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=44af3f52-a9be-40ab-8949-eb7fe76181fc&l_pb_bid_id=5e7431e1fa681a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8770032021911199
69.173.144.140200 OK 340 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=44af3f52-a9be-40ab-8949-eb7fe76181fc&l_pb_bid_id=5e7431e1fa681a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8770032021911199
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (340), with no line terminators
Hash 4e4ad327f241d8140b4ca899fc9289d5
f3476baa162ba19fbb0168d9613af1d8ba4fbbd5
e5607ed2153262a0ec1987716b5a7077e5141367f72457976fd4210fb85c1b8b
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=44af3f52-a9be-40ab-8949-eb7fe76181fc&l_pb_bid_id=5e7431e1fa681a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.8770032021911199 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.cutimes.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDC3BK2H-1Q-1MXB; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB2vbxzK0qwkY+9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 340
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=f4f9c831-a334-4ad4-81b8-d7cb878785eb&l_pb_bid_id=95ab46d4646da38&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.16571137364346156
69.173.144.140200 OK 110 kB URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=f4f9c831-a334-4ad4-81b8-d7cb878785eb&l_pb_bid_id=95ab46d4646da38&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.16571137364346156
IP 69.173.144.140:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110505 bytes)
Hash 78f8794f6c5502716b42dcad3786e77e
660cfb3f9a578c8ad6b5ed8a3e2ae05902f3dcdf
8cc0c2986996d1cf35f96668d57b317e609ea76379d215c9b3a69d5bc2730297
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=f4f9c831-a334-4ad4-81b8-d7cb878785eb&l_pb_bid_id=95ab46d4646da38&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.16571137364346156 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/json
Content-Length: 364
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cutimes.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LDC3BK34-P-ELK9; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB1IhoJyNE1NaO9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
id.hadron.ad.gt/api/v1/hadronid
104.22.5.69200 OK 9.8 kB URL HTTP/2 id.hadron.ad.gt/api/v1/hadronid
IP 104.22.5.69:0
File type ASCII text, with very long lines (55792), with no line terminators
Hash ceb6b400aae6c446e1854e485124fcab
1116b1b6fc130bcd01d1772acb20615139f87452
637a54befb70c9437adb2955b4b32b5e15982b741fcbed68abb10b0beca2c857
GET /api/v1/hadronid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: text/javascript; charset=UTF-8
origin-trial:
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f397638ad3b51d-OSL
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e8cfd19b-87d4-40e6-adb5-530d54b093dc&l_pb_bid_id=830e08ae960845&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.867894388408862
69.173.144.140200 OK 364 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e8cfd19b-87d4-40e6-adb5-530d54b093dc&l_pb_bid_id=830e08ae960845&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.867894388408862
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash 76e4aaa6c764675d3decc5b8e5ff898a
2b7b47941d7923a6fb2f5e3204e446d4d539ce09
26019027dedfc8fa37e0c02e79ec5b03ab39f2a5337a7a969d36179d0e52e5fa
GET /a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2502986&size_id=251&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4f2ecf25-661c-4f25-8ded-91e480f13d70%5E1&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&tk_flint=pbjs_lite_v6.25.1-d&x_source.tid=e8cfd19b-87d4-40e6-adb5-530d54b093dc&l_pb_bid_id=830e08ae960845&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay%23gpt-es_sponsorship_logo&slots=1&rand=0.867894388408862 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.cutimes.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDC3BK2U-4-821W; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB07DKmfwpU/BO9DtVM30fCgQvBbQh56JWeShdndTwQSRHJZUWYEM4G4Pv1CeJBev9QcHHmv29zUs0PIHI3a0fHR; Domain=.rubiconproject.com; Path=/; Expires=Thu, 25-Jan-2024 19:59:48 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6918e7c5c0b75ec3d110abff38f422f6
51e1f1113581d980e08f688b5f952950fd926aac
1397ce5e580e9a7e94a11b08474db6beb3a856cd41f8a9ea14b290bb939fe9d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1397CE5E580E9A7E94A11B08474DB6BEB3A856CD41F8A9EA14B290BB939FE9D8"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3858
Expires: Wed, 25 Jan 2023 21:04:06 GMT
Date: Wed, 25 Jan 2023 19:59:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 04fb584bf5028a3fb1f115ed9f529ace
22f06ccfe863a5c8a695d23de11681dc3d4835e9
c7243dabf66c180561ecc8e8a49ae109768641b51357bff356d0bb5331930b19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2643
Cache-Control: max-age=146363
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Etag: "63d1189c-139"
Expires: Fri, 27 Jan 2023 12:39:11 GMT
Last-Modified: Wed, 25 Jan 2023 11:55:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4224
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, private, must-revalidate
date: Wed, 25 Jan 2023 19:59:47 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 496
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://p.jcontentcdn.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1445
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cutimes.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 496
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://p.jcontentcdn.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef8f4eb4bc19d329c5f7b81880b7914c
f931477e51cc4ef2b1d0aedba3c59f773759307c
371b1ae6b7d2b10ac7da6ec22c7d19eeb779ed80b5c2c725402eecd63252185b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4371
Cache-Control: max-age=113169
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:48 GMT
Etag: "63d09032-1d7"
Expires: Fri, 27 Jan 2023 03:25:57 GMT
Last-Modified: Wed, 25 Jan 2023 02:13:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=72468535457
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-d&cb=72468535457
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=6.25.1-d&cb=72468535457 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3409
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://www.cutimes.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2428
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash f2158c0535ba8a8352c67a52d5bb69de
1d447839bdc2c380e87818b54b3901eaf51cbefe
d8998b6fc248c1bddac676ce883b0fe7600032b53ef0a5182e969aa6dc16e8f2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 09:59:24 GMT
Expires: Sun, 29 Jan 2023 09:59:23 GMT
Etag: "1d447839bdc2c380e87818b54b3901eaf51cbefe"
Cache-Control: max-age=308974,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3976a0b520b45-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6591cc9f88e0bfd43f6841ead82a407e
604dfdd162a10d285019a9a994bc1cd1a797dedb
c6c0826ae311b429e08aa78baca1a397e45132bd763b3b4b2445da1991aab068
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 11:23:24 GMT
Expires: Mon, 30 Jan 2023 11:23:23 GMT
Etag: "604dfdd162a10d285019a9a994bc1cd1a797dedb"
Cache-Control: max-age=400414,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f3976a0e8cb517-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6b937523c6623019344584bc638437ac
526ac83be9396c2f9c0fefd47dcf2ad56a091fa6
eebf50e8877333e9a195b13ed7040e6ffaeb738354d75bc960ad407daf62c921
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 19:59:48 GMT
Last-Modified: Wed, 25 Jan 2023 19:21:51 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7d75bdRKBD9_v6Ot1UBH775WGkJ24GyirgnOBqTYgjAI1ImyAy6Y5g==
Age: 2277
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
54.230.111.42200 OK 272 B URL HTTP/2 cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
IP 54.230.111.42:0
File type JSON data\012- , ASCII text, with very long lines (878), with no line terminators
Hash a3e2231b584be9a57c4c53eb199d0b4c
78857727a8a61b0023f4b8b944af5acdfa7e9be5
ada67204cfb59dfeacec02b18dcd2994a27e2e66dfb7adf01cd5731b40981784
GET /partner/714530/domain/cutimes.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 25 Jan 2023 19:50:40 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8kmIcDi2cAk4qas15Ue_rKMc_9vYorN-brA6mDeRiu2lQBfWveT-hg==
age: 548
X-Firefox-Spdy: h2
targeting.unrulymedia.com/unruly_prebid
213.19.147.42204 No Content 0 B URL HTTP/2 targeting.unrulymedia.com/unruly_prebid
IP 213.19.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /unruly_prebid HTTP/1.1
Host: targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=86379855951
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=86379855951
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.25.4&cb=86379855951 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://p.jcontentcdn.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 512
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 498
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 511
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 499
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 813e88b6786ea3ea2c655bf4c3be6026
5681790ae2ced979465b6eb2f41d88ca5348e821
3766beb334ccdb6a9c5d810dee1b3eb11d4c3840ae9483f0d2a55ed9eba598da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 19:45:30 GMT
Expires: Tue, 31 Jan 2023 19:45:29 GMT
Etag: "5681790ae2ced979465b6eb2f41d88ca5348e821"
Cache-Control: max-age=516940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f39769a894b4f3-OSL
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=1045520370
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=1045520370
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.25.4&cb=1045520370 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 355
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://p.jcontentcdn.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 1f9a7aed0710c95160ab68e866c80a11
aa513e3b4227b4eb4269f0beb767e34bdc2afda1
3181360cb8e4953d0fb37bb3b05bdc26299b8aa6d4cb8ebd86cf71f10184671e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 16:14:51 GMT
Expires: Sun, 29 Jan 2023 16:14:50 GMT
Etag: "aa513e3b4227b4eb4269f0beb767e34bdc2afda1"
Cache-Control: max-age=331501,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f39769bc4cb527-OSL
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 520
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dbaa82ec86ebbab8549f3cb1c4da858
91f7270a044cfac3feda9e6e0be2926f50496fa4
fa3be2b16bdb1c4ba1ae7eb7bf9c96ba67bff4afad86b1615595f3b9cfa693fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA3BE2B16BDB1C4BA1AE7EB7BF9C96BA67BFF4AFAD86B1615595F3B9CFA693FB"
Last-Modified: Mon, 23 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1532
Expires: Wed, 25 Jan 2023 20:25:20 GMT
Date: Wed, 25 Jan 2023 19:59:48 GMT
Connection: keep-alive
ghb1.adtelligent.com/v2/auction/
185.239.174.234200 OK 254 B URL HTTP/1.1 ghb1.adtelligent.com/v2/auction/
IP 185.239.174.234:0
File type JSON data\012- , ASCII text, with very long lines (1403), with no line terminators
Hash 1ee89b43f93b875c7a0930914f096a25
9faa8d0685536b4bd141db2fa3fcf191dd52b101
17edd2d8983fcaf45851357ceba9463fc14ae9d8c706bbdd2654482a8d579f82
POST /v2/auction/ HTTP/1.1
Host: ghb1.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2782
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Cookie: vmuid=590b58519dc7d408; a307558=6c70c9e5-dfdf-493c-bac0-e7315e59605e; a319130=e5ae832d-e44d-4834-93ad-3867cd1604e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 254
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 472
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.cutimes.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/78f39742ade8b51d
104.18.2.183200 OK 6 B URL HTTP/2 www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/78f39742ade8b51d
IP 104.18.2.183:0
File type ASCII text, with no line terminators
Hash 7d14c6d06a6075d413d43d381c992eba
49bdfc1145f7c7a7bf870f069b9d23a97966cb30
f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
POST /cdn-cgi/challenge-platform/h/g/cv/result/78f39742ade8b51d HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12972
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660; utag_main=v_id:0185ea83c8990007b91152748b6600050012300900918$_sn:1$_se:1$_ss:1$_st:1674678583258$ses_id:1674676783258%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com; hbx_lt=none; AMCV_96C4370453295E4C0A490D44%40AdobeOrg=1585540135%7CMCIDTS%7C19383%7CvVersion%7C4.4.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=dJObNc1gNz6HClFoypM88sL4ru5EqE_5QugC_Xh3U0c-1674676785-0-AXVrE9isEHlBih5/ptcRsRH/3lLHkrL2WI6jCiPAcoTyCQ4Xgvi276ZLNZzAybhdKh5l9NBopwDUwoRXpkUgRTK3+we1utJ/2Kx/8UX71bKcb57CC7Pne47iKfvGqLZiGm5FFQUh841DvlF6Xs7QBzc=; path=/; expires=Wed, 25-Jan-23 20:29:45 GMT; domain=.cutimes.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78f397566df2b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 473
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: c7064a36-7bb0-42c7-9ee8-9ee798ce8cbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEq3UEjVoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb582e-5be2ad2a217f9b4b6834a278;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b4EbiS-go4Yy-UcA4CbKj10TbS6qKgQd6ZgqB3XVyd9ieBPszfx_jw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:47:57 GMT
age: 79912
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 575542c99dc91accbb71dd6920e7514b
d9259256dffe73799813533e13e50e82ab7ad40b
12370e6aa9b0c0ecf8a6a08b3b208c808a05b0210f9b430474b61e3fe4191518
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 25 Jan 2023 19:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 03:58:40 GMT
Expires: Thu, 26 Jan 2023 03:58:40 GMT
ETag: "d9259256dffe73799813533e13e50e82ab7ad40b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
targeting.unrulymedia.com/unruly_prebid
213.19.147.42204 No Content 0 B URL HTTP/2 targeting.unrulymedia.com/unruly_prebid
IP 213.19.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /unruly_prebid HTTP/1.1
Host: targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 5181
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
pragma: no-cache
cache-control: private, max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 479
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 480
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ghb.adtelligent.com/adunit/mut
185.239.173.66204 No Content 0 B URL HTTP/1.1 ghb.adtelligent.com/adunit/mut
IP 185.239.173.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/mut HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4670
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Cookie: vmuid=590b58519dc7d408; a307558=6c70c9e5-dfdf-493c-bac0-e7315e59605e; a319130=e5ae832d-e44d-4834-93ad-3867cd1604e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:48 GMT
Access-Control-Allow-Origin: https://p.jcontentcdn.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
ghb.hbmp.mediafuse.com/adunit/multitracking
185.239.173.226204 No Content 0 B URL HTTP/1.1 ghb.hbmp.mediafuse.com/adunit/multitracking
IP 185.239.173.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adunit/multitracking HTTP/1.1
Host: ghb.hbmp.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 24477
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: Adtelligent
Date: Wed, 25 Jan 2023 19:59:49 GMT
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 481
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 480
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 25 Jan 2023 19:59:49 GMT
access-control-allow-origin: https://p.jcontentcdn.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
colossusssp.com/?c=o&m=multi
8.2.111.124200 OK 2 B URL HTTP/1.1 colossusssp.com/?c=o&m=multi
IP 8.2.111.124:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /?c=o&m=multi HTTP/1.1
Host: colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1310
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 19:59:49 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6d36410535a438f969f490dee9762eaa
7bbbe2da3f47ace7704d95f89626712087527c71
1999afc2eba6bc6afb7eedc29f27c9e362612df6b132aa77baf90ca02176dfe3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 19:59:49 GMT
Last-Modified: Wed, 25 Jan 2023 19:24:43 GMT
Server: ECS (amb/6BC5)
X-Cache: HIT
Content-Length: 280
www.cutimes.com/assets/js/core/jquery.history.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/js/core/jquery.history.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/js/core/jquery.history.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd23b51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"21571-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 10
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/release/common.min.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/release/common.min.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/release/common.min.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd2ab51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"54571-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 13
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/multishared/css/styles.css
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/multishared/css/styles.css
IP 104.18.2.183:0
GET /assets/multishared/css/styles.css HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f3974509a9b51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"17394-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
cf-bgj: minify
cf-polished: origSize=17394
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/master-article-functions.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/master-article-functions.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/master-article-functions.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd49b51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"14150-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 10
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
104.22.56.174200 OK 0 B URL HTTP/2 users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
IP 104.22.56.174:0
GET /users/domains/5LgKJnVMkL/sdk/ HTTP/1.1
Host: users.api.jeeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cache-control: max-age=14400
etag: W/"7bf79-eGpQ5jwx3n/eGMFF3QEqC+2FoNc"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 2319
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f3974c1ceab4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
45.133.44.4200 OK 0 B URL HTTP/2 player.adtelligent.com/exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /exchange_rates/279934/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F2023%2F01%2F24%2Funusual-atm-activity-at-citadel-fcu-hits-members-accounts%2F%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941 HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:47 GMT
content-type: application/json
server: nginx
last-modified: Tue, 24 Jan 2023 12:01:12 GMT
etag: W/"63cfc888-2212"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:47 GMT
access-control-allow-origin: https://www.cutimes.com
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/css/release/markets-lite.min.css?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f984b51d-OSL
access-control-allow-origin: *
age: 2320
cache-control: public, max-age=14400
etag: W/"226146-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 12
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674662400
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674662400
IP 104.18.2.183:0
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674662400 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
server: cloudflare
cf-ray: 78f39752c865b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F
45.133.44.4200 OK 0 B URL HTTP/2 player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.cutimes.com%2F HTTP/1.1
Host: player.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Referer: https://p.jcontentcdn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: application/json
server: nginx
last-modified: Tue, 24 Jan 2023 12:01:17 GMT
etag: W/"63cfc88d-852"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://p.jcontentcdn.com
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www.dianomi.com/img/a/pss/1972/61.css
172.64.152.105200 OK 0 B URL HTTP/2 www.dianomi.com/img/a/pss/1972/61.css
IP 172.64.152.105:0
GET /img/a/pss/1972/61.css HTTP/1.1
Host: www.dianomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/%3Fkw%3DUnusual%2520ATM%2520Activity%2520at%2520Citadel%2520FCU%2520Hits%2520Members%2527%2520Accounts%26utm_source%3Demail%26utm_medium%3Denl%26utm_campaign%3Ddailynewsalert%26utm_content%3D20230125%26utm_term%3Dcut%26slreturn%3D20230025145941
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=2628000
cf-bgj: minify
cf-polished: origSize=2947
etag: W/"b83-5f270d9af8926"
last-modified: Tue, 17 Jan 2023 07:43:05 GMT
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 275881
expires: Sat, 25 Feb 2023 05:59:45 GMT
server: cloudflare
cf-ray: 78f397531d280b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUO2I9ST
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUO2I9ST
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CUO2I9ST HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5285
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:59:49 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
p.jcontentcdn.com/prebidlink/19382/j.html?i=11595
45.133.44.4200 OK 0 B URL HTTP/2 p.jcontentcdn.com/prebidlink/19382/j.html?i=11595
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/19382/j.html?i=11595 HTTP/1.1
Host: p.jcontentcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 15 Feb 2022 18:17:37 GMT
etag: W/"620bee41-43d"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:46 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
IP 104.18.2.183:0
GET /assets/master-template/css/release/bootstrap-master-template.min.css HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f987b51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"107730-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.chartbeat.com/js/chartbeat.js
54.230.219.187200 OK 0 B URL HTTP/2 static.chartbeat.com/js/chartbeat.js
IP 54.230.219.187:0
GET /js/chartbeat.js HTTP/1.1
Host: static.chartbeat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Wed, 25 Jan 2023 02:57:12 GMT
server: nginx
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
cross-origin-resource-policy: cross-origin
expires: Thu, 26 Jan 2023 02:57:12 GMT
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2d4OuJceGsFa-CqFxzJcAOPkt6IGday4ajhsqoh8g-h0N0aOa0-RoA==
age: 61355
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/olytics_dfp.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd2cb51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"5581-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 13
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ads.servenobid.com/adreq?cb=8905
18.200.146.35200 OK 0 B URL HTTP/2 ads.servenobid.com/adreq?cb=8905
IP 18.200.146.35:0
POST /adreq?cb=8905 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1284
Origin: https://www.cutimes.com
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:48 GMT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
IP 104.18.2.183:0
GET /2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/html;charset=utf-8
cf-ray: 78f39742ade8b51d-OSL
access-control-allow-origin: *
content-language: en-US
set-cookie: NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660;expires=Wed, 25-Jan-2023 20:04:42 GMT;path=/;secure;httponly
vary: accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/js/core/jquery.touchSwipe.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd24b51d-OSL
access-control-allow-origin: *
age: 2318
cache-control: public, max-age=14400
etag: W/"67916-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 13
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/release/jquery.stickit.min.js
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/release/jquery.stickit.min.js
IP 104.18.2.183:0
GET /assets/master-template/js/release/jquery.stickit.min.js HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd46b51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"9949-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 145
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/css/release/article.min.css?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/css/release/article.min.css?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/css/release/article.min.css?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:42 GMT
content-type: text/css;charset=UTF-8
cf-ray: 78f39744f98bb51d-OSL
access-control-allow-origin: *
age: 2321
cache-control: public, max-age=14400
etag: W/"29597-1674594876000"
expires: Wed, 25 Jan 2023 23:59:42 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 11
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/tealium.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/tealium.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/tealium.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd29b51d-OSL
access-control-allow-origin: *
age: 2318
cache-control: public, max-age=14400
etag: W/"4601-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 10
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/article-share-tools.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/article-share-tools.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/article-share-tools.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd48b51d-OSL
access-control-allow-origin: *
age: 2317
cache-control: public, max-age=14400
etag: W/"11798-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 11
x-frame-options: SAMEORIGIN
x-vnode: 28
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js
IP 104.18.2.183:0
GET /assets/master-template/js/release/lazyloadXT.min.js HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:43 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd4bb51d-OSL
access-control-allow-origin: *
age: 2318
cache-control: public, max-age=14400
etag: W/"2937-1674594876000"
expires: Wed, 25 Jan 2023 23:59:43 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: accept-encoding
cf-cache-status: HIT
access-control-allow-credentials: true
backend: templates_newlaw_director
x-cache: HIT 1
x-frame-options: SAMEORIGIN
x-vnode: 21
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd2db51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"2019-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
cteonnt-length: 2019
x-cache: HIT 39
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/master-template/js/bombora-rtvi.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bcd57b51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"1001-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
ntcoent-length: 1001
x-cache: HIT 39
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
player.mediafuse.com/prebidlink/465187/wrapper_hb_302826_14704.js
45.133.44.3200 OK 0 B URL HTTP/2 player.mediafuse.com/prebidlink/465187/wrapper_hb_302826_14704.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/465187/wrapper_hb_302826_14704.js HTTP/1.1
Host: player.mediafuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 17 Nov 2022 19:33:59 GMT
etag: W/"63768ca7-6c9"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:45 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://p.jcontentcdn.com/
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://p.jcontentcdn.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.cutimes.com/assets/sites/sbm/js/hide-article-image.js?2023-01-25-14
104.18.2.183200 OK 0 B URL HTTP/2 www.cutimes.com/assets/sites/sbm/js/hide-article-image.js?2023-01-25-14
IP 104.18.2.183:0
GET /assets/sites/sbm/js/hide-article-image.js?2023-01-25-14 HTTP/1.1
Host: www.cutimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cutimes.com/2023/01/24/unusual-atm-activity-at-citadel-fcu-hits-members-accounts/?kw=Unusual%20ATM%20Activity%20at%20Citadel%20FCU%20Hits%20Members%27%20Accounts&utm_source=email&utm_medium=enl&utm_campaign=dailynewsalert&utm_content=20230125&utm_term=cut&slreturn=20230025145941
Cookie: sailthru_hid=f81eaf8babb255470c6dfc18f0b87cb256545195e9a8a2167d8b5246e32701a81dbfbfbceb9d3d1273079c08; sailthru_bid=30350181.4529; NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e00a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:44 GMT
content-type: application/javascript;charset=UTF-8
cf-ray: 78f3974bbd31b51d-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"731-1674594876000"
expires: Wed, 25 Jan 2023 23:59:44 GMT
last-modified: Tue, 24 Jan 2023 21:14:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
backend: templates_newlaw_director
ntcoent-length: 731
x-cache: HIT 28
x-frame-options: SAMEORIGIN
x-vnode: 27
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
p.jcontentcdn.com/prebidlink/y19382/hbw_master_307825_11595.js
45.133.44.4200 OK 0 B URL HTTP/2 p.jcontentcdn.com/prebidlink/y19382/hbw_master_307825_11595.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /prebidlink/y19382/hbw_master_307825_11595.js HTTP/1.1
Host: p.jcontentcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://p.jcontentcdn.com/prebidlink/19382/j.html?i=11595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 19:59:46 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 20 Jan 2023 16:23:01 GMT
etag: W/"63cabfe5-14c90"
cache-control: max-age=172800
content-encoding: gzip
expires: Fri, 27 Jan 2023 19:59:46 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.3.30200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.3.30:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://p.jcontentcdn.com/
Origin: https://p.jcontentcdn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 19:59:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://p.jcontentcdn.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2