URL: https://ouo.press/nitbha
Submission: On March 12 via manual from CA — Scanned from CA

Summary

This website contacted 44 IPs in 4 countries across 30 domains to perform 94 HTTP transactions. The main IP is 2606:4700:10::6816:3bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 198323.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 23.109.82.171 7979 (SERVERS-COM)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 142.91.9.135 7979 (SERVERS-COM)
1 192.243.59.20 39572 (ADVANCEDH...)
1 8.253.154.239 3356 (LEVEL3)
1 13.225.71.5 16509 (AMAZON-02)
7 13.33.60.104 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.41.6 15169 (GOOGLE)
1 104.77.9.170 16625 (AKAMAI-AS)
1 8.252.63.249 3356 (LEVEL3)
1 213.174.157.83 39572 (ADVANCEDH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 143.204.137.197 16509 (AMAZON-02)
2 8.250.99.249 3356 (LEVEL3)
1 199.127.204.162 26120 (RHYTHMONE)
1 74.119.119.129 19750 (AS-CRITEO)
1 2602:803:c002... 26667 (RUBICONPR...)
1 34.230.196.105 14618 (AMAZON-AES)
4 68.67.178.10 29990 (ASN-APPNEX)
6 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
4 68.67.179.166 29990 (ASN-APPNEX)
3 2607:f8b0:400... 15169 (GOOGLE)
2 7 209.54.180.3 16509 (AMAZON-02)
2 213.174.157.105 39572 (ADVANCEDH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 108.168.159.145 36351 (SOFTLAYER)
2 2 2606:ae80:145... 25751 (VALUECLICK)
4 104.107.5.93 16625 (AKAMAI-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 69.192.109.37 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 3 142.251.40.130 15169 (GOOGLE)
6 8 69.173.151.100 26667 (RUBICONPR...)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.125.22 16509 (AMAZON-02)
1 2001:4998:1c:... 14779 (YAHOO)
94 44
Apex Domain
Subdomains
Transfer
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
26 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
83 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
cdn.adnxs.com — Cisco Umbrella Rank: 1232
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1225
acdn.adnxs.com — Cisco Umbrella Rank: 523
74 KB
10 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 181
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
45 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
34 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 17735
cdn.firstimpression.io — Cisco Umbrella Rank: 17947
371 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
366 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
41 KB
5 ouo.press
ouo.press — Cisco Umbrella Rank: 198323
32 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
7 KB
4 tsyndicate.com
lcdn.tsyndicate.com — Cisco Umbrella Rank: 14946
pxl.tsyndicate.com — Cisco Umbrella Rank: 18355
10 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
59 KB
2 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4618
657 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
65 KB
2 run-syndicate.com
cdn.run-syndicate.com — Cisco Umbrella Rank: 42049
run-syndicate.com — Cisco Umbrella Rank: 40445
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
573 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2428
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
616 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
240 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1565
154 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1169
165 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
9 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1147
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 21599
2 KB
1 runative-syndicate.com
cdn.runative-syndicate.com — Cisco Umbrella Rank: 39924
5 KB
1 itineraryupper.com
itineraryupper.com — Cisco Umbrella Rank: 288573
1 your-notice.com
video.your-notice.com — Cisco Umbrella Rank: 69862
525 B
1 phallicuncut.com
phallicuncut.com — Cisco Umbrella Rank: 322160
1 KB
94 30
Domain Requested by
7 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
6 googleads.g.doubleclick.net ecdn.firstimpression.io
googleads.g.doubleclick.net
5 token.rubiconproject.com 5 redirects
5 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
5 www.google.com 1 redirects ouo.press
www.gstatic.com
www.google.com
5 ouo.press ouo.press
4 tpc.googlesyndication.com googleads.g.doubleclick.net
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
ecdn.firstimpression.io
4 nym1-ib.adnxs.com ecdn.firstimpression.io
ouo.press
cdn.adnxs.com
4 ib.adnxs.com ecdn.firstimpression.io
acdn.adnxs.com
4 www.gstatic.com www.google.com
googleads.g.doubleclick.net
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
3 pixel.rubiconproject.com 1 redirects
3 cm.g.doubleclick.net 1 redirects
3 pagead2.googlesyndication.com ecdn.firstimpression.io
ouo.press
www.googletagservices.com
3 cdn.firstimpression.io ecdn.firstimpression.io
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net ecdn.firstimpression.io
static.criteo.net
2 amazon-tam-match.dotomi.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 pxl.tsyndicate.com
2 lcdn.tsyndicate.com ouo.press
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com ouo.press
googleads.g.doubleclick.net
1 ads.yahoo.com
1 aax-eu.amazon-adsystem.com
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 biddr.brealtime.com ecdn.firstimpression.io
1 acdn.adnxs.com ecdn.firstimpression.io
1 mug.criteo.com
1 um.simpli.fi 1 redirects
1 s.ad.smaato.net s.amazon-adsystem.com
1 cdn.adnxs.com ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 run-syndicate.com cdn.runative-syndicate.com
1 cdn.run-syndicate.com cdn.runative-syndicate.com
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 cdn.runative-syndicate.com ouo.press
1 itineraryupper.com ouo.press
1 video.your-notice.com ouo.press
1 phallicuncut.com ouo.press
94 48

This site contains links to these domains.

Domain
trafficstars.com
tsyndicate.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-13 - 2022-07-12 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
phallicuncut.com | R3 | 2022-01-14 - 2022-04-14 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
your-notice.com | R3 | 2022-03-06 - 2022-06-04 | 3 months
itineraryupper.com | R3 | 2022-01-17 - 2022-04-17 | 3 months
cdn.runative-syndicate.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-22 - 2022-07-23 | a year
analysis.fi | Amazon | 2021-12-04 - 2023-01-01 | a year
*.firstimpression.io | Sectigo RSA Domain Validation Secure Server CA | 2021-11-21 - 2022-12-05 | a year
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.outbrain.com | DigiCert SHA2 Secure Server CA | 2021-05-25 - 2022-06-01 | a year
cdn.run-syndicate.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-22 - 2022-07-23 | a year
run-syndicate.com | R3 | 2022-02-12 - 2022-05-13 | 3 months
c.amazon-adsystem.com | Amazon | 2021-07-06 - 2022-06-27 | a year
lcdn.tsyndicate.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-03 - 2023-04-03 | a year
*.1rx.io | Sectigo RSA Domain Validation Secure Server CA | 2021-06-01 - 2022-07-02 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-04 - 2022-05-03 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year
*.emxdgt.com | Amazon | 2021-07-03 - 2022-08-01 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
cdn.adnxs.com | GlobalSign Organization Validated CA - SHA256 - G4 | 2021-05-10 - 2022-06-11 | a year
s.amazon-adsystem.com | Amazon | 2021-07-14 - 2022-06-27 | a year
tsyndicate.com | R3 | 2022-02-12 - 2022-05-13 | 3 months
s.ad.smaato.net | Amazon | 2021-09-21 - 2022-10-20 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-02 - 2022-05-03 | 3 months
*.brealtime.com | Go Daddy Secure Certificate Authority - G2 | 2022-01-21 - 2023-02-22 | a year
aax-eu.amazon-adsystem.com | Amazon | 2022-01-30 - 2022-12-31 | a year

This page contains 15 frames:

Primary Page: https://ouo.press/nitbha
Frame ID: 5B7E6751C4EB11F357B026D7265A9E6B
Requests: 28 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 988C1D318488C58F0AFEA0DEB12E3C1A
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Frame ID: 782D1858D3F9F9359DCE3650385738FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: F38E1AF2910016ACD92089162AA863E6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 302231BD65AF7781BE8CE2391BE9900B
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
Frame ID: 13E54EE33A2C422A1CE05887F0E858BC
Requests: 1 HTTP request in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 293072624932CC05BE7E428011BF3CC1
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGayclF-yEBAMZHo5lAAAAAAA&expiration=1647156653&is_secure=true
Frame ID: 95696677F3528B1A67809C7530FC1156
Requests: 1 HTTP request in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 936D16817277DF15C7210ABFE8ECA7A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4ED3D6962FD44C3A1AEBD5653128F440
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: BCF9BC15D93F1BB91A39845319F32CBA
Requests: 1 HTTP request in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 44366A97DED046E9FDB1E777A6475F52
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4716C444056B6FD202C2D905B2FE2BF6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2FAC890D82C9CE3B0283C9BE7E4C7A1E
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C27969440827B5EFD84533B9B42D2FA3
Requests: 1 HTTP request in this frame

Page Title

Free URL shorten service - ouo.press

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 94
HTTPS: 90 %
IPv6: 39 %
Domains: 30
Subdomains: 48
IPs: 44
Countries: 4
Transfer: 1247 kB
Size: 3354 kB
Cookies: 25

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
Request Chain 58
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=803B1BAD1485436ABFE1A0E19DC80B24&ex=simpli.fi&status=ok
Request Chain 59
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4b74ba707bc51214&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGayclF-yEBAMZHo5lAAAAAAA&expiration=1647156653&is_secure=true
Request Chain 73
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 78
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=JATYpXx1dVhDSTROOTlzV0NsbTRjRWkrOFNJWmJrekxaRTlyZEYrellrQWVRRFV4MnJwWGdMVzlEU29LRVdKcGN2ekE2dTEzQUtmQXRpbi9ySTlXbFAvQm5IYWtsOXBTM2lZdHpRbXpLVHdnaytnRHEreVVFdW45ZDJNR3d0OTU2UEdLeFZVa3o4bUIrRGg3Y3YweW1UVUorejJaWTBIQ21mUTU2SENzVkZhQmVodnFOWTF3aW94S0s2NjU2Q3BpZkdNQlRCenVLMStnejY3SXh2Tld4UmZhakcxa2pmWTJMd2RjK1RjQmZUSDBNSitvMjN1cFJuelpVNE5GVWl5Qi9Jc3JyNUp4dHB6dmEzTEN5ZU5Qa25DZ1Z0UT09fA&cppv=2
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQip6p1gk1BW3ivrBgxAG8&google_cver=1
Request Chain 87
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EaZOn-iMlVsze8COIJ686w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8574701324227558603
Request Chain 88
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0NJ3P2Y-N-A19X
Request Chain 90
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bZGhYzYIRIagLGXfcqYO1Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bZGhYzYIRIagLGXfcqYO1Q
Request Chain 91
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY3MWE5ZmIzYTg0ZWEzMjA2NjE1OWJlMGQxMzk0YWNhNDI5MjAyYg
Request Chain 92
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0NJ3P2Y-N-A19X&sigv=1&esig=2~0118275d63474cd795c63ef6f9a9cd8ed26d8558
Request Chain 93
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBOSjNQMlktTi1BMTlY

94 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request nitbha
ouo.press/
10 KB
5 KB
Document
General
Full URL
https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ff1d566c074fc5e17e066f0dce4d2b4a872d6fa1b8d14fa02a50fb6197ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eaad3b54f3e4bcb-YUL
content-encoding
br
css
fonts.googleapis.com/
1020 B
918 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Mar 2022 06:25:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Mar 2022 07:30:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Mar 2022 07:30:52 GMT
bootstrap.css
ouo.press/css/
107 KB
18 KB
Stylesheet
General
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/nitbha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
17030
cf-polished
origSize=109522
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6eaad3b698074bcb-YUL
expires
Sat, 12 Mar 2022 14:47:02 GMT
link-safe.css
ouo.press/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/nitbha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7908
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d951ace-1830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6eaad3b698084bcb-YUL
expires
Sat, 12 Mar 2022 17:19:04 GMT
16562
phallicuncut.com/1clkn/
0
1 KB
Script
General
Full URL
https://phallicuncut.com/1clkn/16562
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.171 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/
884 B
996 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe31637bfafe6a114c4adc834dbd9ce8a9a4ad9527f896a5a10303a5ce47b00c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sat, 12 Mar 2022 07:30:52 GMT
html_102001.js
video.your-notice.com/
775 B
525 B
Script
General
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:45 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/
0
0
Script
General
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 12 Mar 2022 07:30:52 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
n.js
cdn.runative-syndicate.com/sdk/v1/
13 KB
5 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.154.239 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
653b2325d22c32a353ca70c93bc56b618a4af7a2294790bd639527ad0d3632ba

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 08:36:05 GMT
server
nginx
age
18311493
etag
W/"6114dd75-3202"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
5220
world.png
ouo.press/images/
6 KB
6 KB
Image
General
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/nitbha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2391113
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 14 Mar 2022 15:18:59 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6eaad3b728a14bcb-YUL
cf-bgj
imgq:85,h2pri
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
818 B
Script
General
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/nitbha
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Mar 2022 12:22:44 GMT
server
cloudflare
etag
W/"622b3f14-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6eaad3b728a04bcb-YUL
vary
Accept-Encoding
expires
Mon, 14 Mar 2022 07:30:52 GMT
fab.js
ecdn.analysis.fi/static/js/
4 KB
2 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-5.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:48:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 11:31:57 GMT
server
nginx/1.18.0
age
2539
etag
W/"622b332d-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
Lf3rLGIHZiYggWDdW2g9IINsUkNaaxwrgbGwSBbfgngyyW4xVvc0LQ==
via
1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
expires
Sat, 12 Mar 2022 07:48:33 GMT
fi_client.js
ecdn.firstimpression.io/
347 KB
93 KB
Script
General
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
1979f1ea521c0f574e0010c0bacc23b0e687ad5c68a9112a5ede41d39d1f2790
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:38:30 GMT
content-encoding
br
age
3142
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Sat, 12 Mar 2022 06:38:30 UTC
server
nginx/1.18.0
etag
W/"e64cff15c9116ad799dd2b2c3c800a17"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
mTvg8gpIsf8ku8YC5YPyiVy6hPTCyhG8SoZ7544qzKhJh8ToDyNQ1Q==
expires
Sat, 12 Mar 2022 07:38:30 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/
357 KB
141 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 01:18:15 GMT
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 00:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Mar 2022 00:43:46 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.9.170 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-9-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 11 Apr 2022 07:30:52 GMT
spc_fi.php
cdn.firstimpression.io/delivery/
26 KB
6 KB
XHR
General
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2Fnitbha&charset=UTF-8&ch=7&ref=ouo.press&viewerId=null&referer=&_firid=23227925
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
bc8b70d651865a91932591481fba7d6adac6c2d5b8ed10d1bb5cedd6ae428e9a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C1
x-powered-by
PHP/7.3.23
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://ouo.press
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
m2TCJ_vQryKZvVOeFS7sPkV2NnWsRHYF42VqY4XuzDd_lJBXMuGpew==
expires
0
n.css
cdn.run-syndicate.com/sdk/v1/
8 KB
8 KB
Stylesheet
General
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.252.63.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
last-modified
Thu, 12 Aug 2021 08:36:05 GMT
server
nginx
age
18311763
etag
"6114dd75-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
dynamic
run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/
10 KB
6 KB
Script
General
Full URL
https://run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1600&h=1200&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,nitbha&adtype=label-under&callback=callback_hisMr
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.157.83 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
18153ee0cceeea26a678c22cf739396bb689e7c68d3a5503c889233298b589dd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
server
nginx
x-api-version
2
vary
Accept-Encoding, *
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
x-request-id
ce2c2cf008c79180
expires
0
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v17/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v17/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 20:08:26 GMT
x-content-type-options
nosniff
age
213746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 20:08:26 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/
312 KB
115 KB
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:52:17 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 07:57:44 GMT
server
nginx/1.18.0
age
2316
etag
W/"622b00f8-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
4cEAAw7GiF-PhU_qqC0XJnUHcCRdPCdF4si0eZa1kEl48dROfj7ddQ==
via
1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
expires
Sat, 12 Mar 2022 07:52:17 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/
26 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
41326
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA, cache-yyz4539-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6eaad3b92c3c713e-YUL
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PkzOLZU8S17VIVcnoP84wAEiDGtgTmz9
content-encoding
gzip
etag
0e4876665018a306b1c42fb415cdf907
age
32241
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1PMBK2CPFCJAERACF66Q
date
Fri, 11 Mar 2022 22:33:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nsQDi2NN6iKeq2AQZ9w-rZnTjbDLNmIOHQfvz-fJdzcuo82VgVMh9Q==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 988C
110 KB
41 KB
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:13:38 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 11:31:57 GMT
server
nginx/1.18.0
age
1034
etag
W/"622b332d-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
o7v_iPO8FNUXRhaz9iSZYxg9SAa155YR8TdPAlzcks0mZ8h3jges_w==
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
expires
Sat, 12 Mar 2022 08:13:38 GMT
truncated
/
592 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
anchor
www.google.com/recaptcha/api2/ Frame 782D
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ef0afc1606fe44753aadbfc18da9a7e7731b5bd4cc1cf7e555314c956cbcb3d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8AthUV6Yn/NpxK//KJSwow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 12 Mar 2022 07:30:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-8AthUV6Yn/NpxK//KJSwow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21972
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 988C
312 KB
115 KB
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:52:17 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 07:57:44 GMT
server
nginx/1.18.0
age
2316
etag
W/"622b00f8-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
wmhL0ZDZBJX-IX5HdPSqTXDoT5ZynlUYXyXgJjkTbjkmrpScBCvwXA==
via
1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
expires
Sat, 12 Mar 2022 07:52:17 GMT
300x250.webp
lcdn.tsyndicate.com/images/5/2/051f76b30c2458cd28ab9c74a0702b2bdfd13a/
3 KB
4 KB
Image
General
Full URL
https://lcdn.tsyndicate.com/images/5/2/051f76b30c2458cd28ab9c74a0702b2bdfd13a/300x250.webp
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.250.99.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c8d7f8a9e51f95d429febec6455421cd8ec926b73c4ad9462f6900b548863316

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 07:51:58 GMT
server
nginx
age
18986495
etag
W/"60d97f9e-dd2"
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
3561
300x250.webp
lcdn.tsyndicate.com/images/a/f/471089d50b93c1e06d1546739cadfea57ae5eb/
6 KB
6 KB
Image
General
Full URL
https://lcdn.tsyndicate.com/images/a/f/471089d50b93c1e06d1546739cadfea57ae5eb/300x250.webp
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.250.99.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
8974ca8161b5e625093bf914b0b5e02d7aa9f79e9c28d9b15abe5df34e1e4b44

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 14:50:44 GMT
server
nginx
age
18986210
etag
W/"604a2e44-16ce"
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
5861
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 782D
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 01:18:02 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 782D
357 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143659
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 01:18:15 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 988C
1 B
445 B
Ping
General
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C6%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
server
nginx/1.18.0
x-amz-cf-pop
EWR52-C1
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
us58cAV1FeN5xGAAARR3vh3Z7j-6e2uAfhmewpaDFXjyrPtrALEE7g==
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
expires
0
mvo
tag.1rx.io/rmp/212927/0/ Frame 988C
0
165 B
XHR
General
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.162 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Sat, 12 Mar 2022 07:30:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cdb
bidder.criteo.com/ Frame 988C
18 B
306 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=79917466665
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Mar 2022 07:30:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 988C
348 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2Fnitbha&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2Fnitbha&tg_i.page=https%3A%2F%2Fouo.press%2Fnitbha&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=b8c059c7-9b05-49fe-beb4-573b9b226d87&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7950164374113191
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c712ff2cc0578edc184a040b30d83c08c2bef9680d5e078c753b9c1cebd13f6c

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:53 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
348
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ Frame 988C
0
154 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=2000&ts=1647070253134&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.196.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-196-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 12 Mar 2022 07:30:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ Frame 988C
18 KB
11 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4e381faad1116760c286e3b1d1155871f44106177e884864b838663860a0f290
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
55913105-729f-429a-b386-7fcfcc8e01e2
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 988C
19 KB
12 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96826b8194f964a8ce526cf69a7f72ce2d09560698f4aa51bb2457c0df02f925
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f628f1ea-29e2-4f8b-be67-da30f483866c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 988C
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
PkzOLZU8S17VIVcnoP84wAEiDGtgTmz9
content-encoding
gzip
etag
0e4876665018a306b1c42fb415cdf907
age
32241
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1PMBK2CPFCJAERACF66Q
date
Fri, 11 Mar 2022 22:33:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uLstlAhcF_9c9IsGaCJuBdAODhVzkR-cNgJnQYESPDEuMbuy421qLw==
webworker.js
www.google.com/recaptcha/api2/ Frame 782D
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=85AXn53af-oJBEtL2o2WpAjZ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9707e0f26dd47c5a91ff3582091109a33aeeb6eac0253ed617fb58bc0be7039
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 12 Mar 2022 07:30:53 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 988C
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 04:47:58 GMT
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server
Server
age
9775
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
GtCk1BzsPZPUM4999gsDhMfzKdo4kiEZj35v8_tR3JiWMKGfszYIfw==
bid
c.amazon-adsystem.com/e/dtb/ Frame 988C
143 B
608 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2Fnitbha&pid=SFzMhjStt5ZIm&cb=0&ws=728x90&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
005e7c31addb03a97e907334d08469b75e0a32530a8ca336a079bc716d40c613
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
via
1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
NF4HWAFD2XBA7AW2Z4HX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
143
x-amz-cf-id
DuTeohampjvLSVPij999SiQeWe72jUTKU574g85Cyzhe0qUUgOEjCw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 988C
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 02:01:54 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
19740
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 02:09:50 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via
1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
XlTgzB-aJ37jjlLp_-O98DRS7k4znrylu4qfGqkHCvX4Oq5s9WZfYA==
reload
www.google.com/recaptcha/api2/ Frame 782D
31 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16378ca58c6247da365021d723e5596643c46bef128da03dfb6bf0407e462f86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=6x8o0t9dv8wm
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18176
x-xss-protection
1; mode=block
expires
Sat, 12 Mar 2022 07:30:53 GMT
v1
cdn.firstimpression.io/tracking/habit/ Frame 988C
2 B
404 B
Ping
General
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-104.ewr52.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
access-control-request-method
*
x-amz-cf-pop
EWR52-C1
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
x-amz-cf-id
_9dFpy2M30uxlI9x35ejVPKyr1xkm9f9qsL-9gfVSADGICfph712vg==
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame F38E
13 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4980
x-xss-protection
0
date
Fri, 11 Mar 2022 08:30:29 GMT
expires
Sat, 12 Mar 2022 08:30:29 GMT
cache-control
public, max-age=86400
age
82824
etag
12223946614886178233
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 3022
12 KB
5 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8996d7b9fba17a4ad4880bb154f6b56d33f9ff87ecf4f830bc0488cdc1616f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3352
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5307
x-xss-protection
0
server
cafe
etag
5818309846818389003
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Mar 2022 07:35:01 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 3022
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Encoding
gzip
Age
1377144
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12822-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1647070254.652247,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 15488
it
nym1-ib.adnxs.com/ Frame 3022
0
805 B
Image
General
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252Fnitbha&e=…&s=9ddc7894a9a60d2790a74aee2f5a727527904180
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:53 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
4d3f4b95-b7c3-46a1-986c-27b721de7b7e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3022
0
442 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-ApYleHEDhD7FpvuRlv2JWYJ0qtu8Bh_Njmirp2EwoZOxz2U8Ev53hYdhqzOsadSp0CTkhmkyHx2M-zjpAR7E0F65hrvA
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 13E5
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
273 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
baa0c2d997d798a7940255f066315ef9b2a09ecc4a3cfb2f83666b97d430adcd
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

Server
Server
Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
273
Connection
keep-alive
x-amz-rid
KG9G6CZ78ASPPEWRXV95
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
SF82DS3BT1MV7SPBVRHF
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
p.gif
pxl.tsyndicate.com/api/v1/p/
35 B
133 B
Image
General
Full URL
https://pxl.tsyndicate.com/api/v1/p/p.gif?p=…&r=1&s=b495dc4fad6d7334c75005f0fe636d1df62b3967476a22af417a8ad9f7394ac01647070252&w=t&ir=245x208
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.157.105 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
35
content-type
image/gif; charset=utf-8
p.gif
pxl.tsyndicate.com/api/v1/p/
35 B
132 B
Image
General
Full URL
https://pxl.tsyndicate.com/api/v1/p/p.gif?p=…&r=1&s=c67063da028cd40e965dde45abab5d1a6040f512210f8da3bedbab4e7f7628c11647070252&w=t&ir=245x208
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.157.105 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
35
content-type
image/gif; charset=utf-8
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3022
78 KB
30 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c384d6a26d7823837e32feb5272777599c4778aa06b82336920e6ca44def9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29966
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830768665922"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 12 Mar 2022 07:30:53 GMT
rd_log
nym1-ib.adnxs.com/ Frame 3022
0
805 B
Script
General
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2Fnitbha&e=…
Z1FsUHpsLXR0N29lenpDTGRNbEtHSzdsMVVKdEFacjlaeTllOFJ3Y2JsbTRqakljc25tcUN3dU9fREluUmlyc3pRYlZDRFgydzdYWkhqQXh4YnZuYWNCLVFSaGo1RUFWMW1NWVhoLWRRLURiTDhJVW82aFRTMjJ2SG5wRmg2akphOUV0Sm1fc1hhbFlHOWZkQk9KZllRQXRpUEdBQW1zYS1rZXcmY2lkPUNBQVNCT1Jva2dJJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFqq_D5sy67ORfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMjUxMzM1OTc1N7oHDwgAEAAYACAAMAA4tARAAMgH0MkF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfE_weKCAIQAA..&s=202beeb68cd6bd6ed48117706fbd3a387edc1577&bdref=https%3A%2F%2Fouo.press%2Fnitbha&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2Fnitbha,https%3A%2F%2Fouo.press%2Fnitbha,https%3A%2F%2Fouo.press%2Fnitbha&
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:53 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9d023d69-5db6-45ad-9860-6f1fd24231ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adfetch
googleads.g.doubleclick.net/pagead/ Frame F38E
97 KB
32 KB
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
923dfcaea2d5fc404676e7b7f323d1f3878bd3db602f6285b8413b3c7d9b5d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33251
x-xss-protection
0
vevent
nym1-ib.adnxs.com/ Frame 3022
0
821 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2Fnitbha&e=wqT_3QL-Bej-AgAAAwDWAAUBCK2YsZEGEIqu-IvW24-wFhgAKjYJH4SAfAkVwD8RMqDNYEK7uT8ZAAAA4FG47j8hMg0SACkRJNAxAAAAQOF6pD8w9PbtBzjuUUDlHkhlUKeiyyVY9p5zYABolNeXAXjQyQWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKlxU_qAhhodHRwczovL291by5wcmVzcy9uaXRiaGGAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cAEucHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1BaU12YThSb3JsVHk4bk94ZGZWR0M4bHkwak1hMGtmclJsS3NGOHoxbnBuQlJqSnc1MG1zd2V5SFg1bHFaMjBZb1BiN09qWnFfZlhNRUJnYnRSdThpMFlXM0NQQSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxNjEyMzU3Nzg3MTQyOTg1NDgyIgg3ODgyNzgxNSoEMzk0MToBMMADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFqq_D5sy67ORfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAkWCQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTMyNTEzMzU5NzU3ugcPCAABKUQgADAAOLQEQADIB9DJBdIHDQkJRQAABUcI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=9ddc7894a9a60d2790a74aee2f5a727527904180&type=nv&nvt=5&jm=1003&px=436&py=2108&bw=728&bh=90&sid=3364414251122456819&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=16481140&sw=1600&sh=1200&pw=1600&ph=1830&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:53 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
7db45f2b-d501-416d-819a-79335f299d59
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 2930
900 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b343f91d98a1eac4b99bb4c436a8a709b01281c6f396c234befc4f0267301117
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_n-simpli.fi_rbd_cnv_n-Outbrain&dcc=t

Response headers

Server
Server
Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
900
Connection
keep-alive
x-amz-rid
S1NH8E54G205SG5WGP7Y
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
/
s.ad.smaato.net/c/ Frame 2930
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fc00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
via
1.1 534fd2eebbd6707fdf4614c97949ccac.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
4CAjF7gyXwgzvKqAh3r1LuOn3dIJCmeiKId04bQrYsnMPB9SGdeAvg==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 2930
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=803B1BAD1485436ABFE1A0E19DC80B24&ex=simpli.fi&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=803B1BAD1485436ABFE1A0E19DC80B24&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0XF3395CQBW2TJ8SA3WN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 12 Mar 2022 07:30:53 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=803B1BAD1485436ABFE1A0E19DC80B24&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 11 Mar 2022 07:30:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 9569
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=4b74ba707bc51214&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGayclF-yEBAMZHo5lAAAAAAA&expiration=1647156653&is_secure=true
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGayclF-yEBAMZHo5lAAAAAAA&expiration=1647156653&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
ZNNVC10ZFMXVF9W5KK7Q
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

server
nginx
date
Sat, 12 Mar 2022 07:30:53 GMT
content-length
0
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGayclF-yEBAMZHo5lAAAAAAA&expiration=1647156653&is_secure=true
usync.html
eus.rubiconproject.com/ Frame 936D
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_cnv_n-simpli.fi_rbd_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Mar 2022 07:30:53 GMT
Connection
keep-alive
Vary
Accept-Encoding
css
fonts.googleapis.com/ Frame F38E
8 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Mar 2022 05:58:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Mar 2022 07:30:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Mar 2022 07:30:53 GMT
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F38E
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
647367edb473a569f80c0fb035ec50908b0b37e995c63663c02552079b974e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
server
cafe
etag
15191321979658692665
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Mar 2022 07:19:06 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame F38E
25 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 06:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Mar 2022 06:50:00 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F38E
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
server
cafe
etag
218260476562286327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Mar 2022 07:00:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F38E
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 12 Mar 2022 07:30:53 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F38E
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f0d1ecd1c493936469349b254e5512be76e360e8166156f90bf7a2db6447e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7506
x-xss-protection
0
server
cafe
etag
16942930183375072722
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Mar 2022 07:11:33 GMT
fe9da7aa0999c4a2d4b3c5b39152b5e5.js
www.gstatic.com/mysidia/ Frame F38E
38 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fe9da7aa0999c4a2d4b3c5b39152b5e5.js?tag=mysidia_one_click_handler_one_afma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d9b75c8bfff970514a3abee8755ef593266d8c7a95d41d5666077af34577390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 11:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14630
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:04:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 11:38:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F38E
0
20 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6Wq6LUwsYvP5EcqJoPwP3-eewALd0pGHaMnS7-HND6uy9P0IEAEg5pfWJWB9oAG234LCAsgBAakCA2mU76sJTD6oAwHIA8sEqgTHAU_QFaddV0M6Q6Mb3u7vsdMQ8Wgs1G_miewtRLV5ECrzvua3Gdu3BkXahbQKjppnPXOpIDupLen2Znyntez8YDPGLLe8bdcOXWf34KOZ_gat03AEbx45b7zgJAwGEOMZ3MFtBgsF9VDE33vZS84qbFMQXmgytczbxj9KK6Ff-KHrn31Ra9iHN_gC1mj4N1qpM95HXdD0mwbOaswd8KJp_Nq1TIws7xodzSJgkc-Gd8Dl5JhP24AjUioIgFoZlvjQdmmLLhI6w4jABI3PpdPtA5IFBAgEGAGSBQQIBRgEgAeyoP29AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggHCIBhEAEYAPIIDmJpZGRlci00MzYzMTg5gAoEyAsB0BUBgBcBshcICgYIABIAGAA&sigh=67ubcxw5yRM&uach_m=[UACH]&pr=10:0.125642&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 12 Mar 2022 07:30:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 12 Mar 2022 07:30:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4ED3
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Sat, 12 Mar 2022 06:54:55 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
2158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F38E
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1051fefbd97096b04e4697451c20fd8b9699fa58612f8dea633be718c8f9e6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 936D
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2f60329fdefedb1b553e75712f65b0940db33b7c4ec833617e3defeb893cc29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 07:30:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80100
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9538
Expires
Sun, 13 Mar 2022 05:45:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame F38E
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:44:53 GMT
x-content-type-options
nosniff
age
290760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Mar 2023 22:44:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4ED3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 12 Mar 2022 07:30:54 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Mar 2022 07:30:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 12 Mar 2022 07:30:53 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame BCF9
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: ouo.press
URL: https://ouo.press/nitbha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 01:18:01 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 988C
85 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:55 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Mar 2022 07:30:55 GMT
syncframe
gum.criteo.com/ Frame 4436
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2098
date
Sat, 12 Mar 2022 07:30:54 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 988C
97 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:55 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 13 Mar 2022 07:30:55 GMT
sid
mug.criteo.com/ Frame 4436
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=JATYpXx1dVhDSTROOTlzV0NsbTRjRWkrOFNJWmJrekxaRTlyZEYrellrQWVRRFV4MnJwWGdMVzlEU29LRVdKcGN2ekE2dTEzQUtmQXRpbi9ySTlXbFAvQm5IYWtsOXBTM2lZdHpRbXpLVHdnaytnRHEreVVFdW45ZDJNR3...
425 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=JATYpXx1dVhDSTROOTlzV0NsbTRjRWkrOFNJWmJrekxaRTlyZEYrellrQWVRRFV4MnJwWGdMVzlEU29LRVdKcGN2ekE2dTEzQUtmQXRpbi9ySTlXbFAvQm5IYWtsOXBTM2lZdHpRbXpLVHdnaytnRHEreVVFdW45ZDJNR3d0OTU2UEdLeFZVa3o4bUIrRGg3Y3YweW1UVUorejJaWTBIQ21mUTU2SENzVkZhQmVodnFOWTF3aW94S0s2NjU2Q3BpZkdNQlRCenVLMStnejY3SXh2Tld4UmZhakcxa2pmWTJMd2RjK1RjQmZUSDBNSitvMjN1cFJuelpVNE5GVWl5Qi9Jc3JyNUp4dHB6dmEzTEN5ZU5Qa25DZ1Z0UT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e4ca65971f5bb49cde67a7587947d5935879fafb952873744ca40947dbdd434b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4137
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:55 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=JATYpXx1dVhDSTROOTlzV0NsbTRjRWkrOFNJWmJrekxaRTlyZEYrellrQWVRRFV4MnJwWGdMVzlEU29LRVdKcGN2ekE2dTEzQUtmQXRpbi9ySTlXbFAvQm5IYWtsOXBTM2lZdHpRbXpLVHdnaytnRHEreVVFdW45ZDJNR3d0OTU2UEdLeFZVa3o4bUIrRGg3Y3YweW1UVUorejJaWTBIQ21mUTU2SENzVkZhQmVodnFOWTF3aW94S0s2NjU2Q3BpZkdNQlRCenVLMStnejY3SXh2Tld4UmZhakcxa2pmWTJMd2RjK1RjQmZUSDBNSitvMjN1cFJuelpVNE5GVWl5Qi9Jc3JyNUp4dHB6dmEzTEN5ZU5Qa25DZ1Z0UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1839
content-length
541
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F38E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFdnZyLfegaX58LUC5vm5WDsn5f7eVTCbJ3Lx3KS4QFy3QNOeWgBPBMEdaim4FcjhDMaThDrUk056OmltQs5Dd2NC9FoLlViYsU7pd3IjgaEeZIlc&sig=Cg0ArKJSzIIZsmlpWjYgEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=933,983,1000,1016,1034&tos=933,50,17,16,18&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2740282689&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647070253524&rpt=530&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 3022
0
821 B
Ping
General
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2Fnitbha&e=wqT_3QL-Bej-AgAAAwDWAAUBCK2YsZEGEIqu-IvW24-wFhgAKjYJH4SAfAkVwD8RMqDNYEK7uT8ZAAAA4FG47j8hMg0SACkRJNAxAAAAQOF6pD8w9PbtBzjuUUDlHkhlUKeiyyVY9p5zYABolNeXAXjQyQWAAQGKAQNVU0SSAQEG8F6YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKlxU_qAhhodHRwczovL291by5wcmVzcy9uaXRiaGGAAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cAEucHBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1BaU12YThSb3JsVHk4bk94ZGZWR0M4bHkwak1hMGtmclJsS3NGOHoxbnBuQlJqSnc1MG1zd2V5SFg1bHFaMjBZb1BiN09qWnFfZlhNRUJnYnRSdThpMFlXM0NQQSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxNjEyMzU3Nzg3MTQyOTg1NDgyIgg3ODgyNzgxNSoEMzk0MToBMMADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFqq_D5sy67ORfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFwfME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAkWCQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTMyNTEzMzU5NzU3ugcPCAABKUQgADAAOLQEQADIB9DJBdIHDQkJRQAABUcI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=9ddc7894a9a60d2790a74aee2f5a727527904180&type=pv&jm=1003&px=436&py=2108&bw=728&bh=90&sf=1&sid=3364414251122456819&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=16481140&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:55 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
313e272f-e4bb-4562-b7e4-577195ba107f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4716
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.37 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-37.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 13 Mar 2022 07:30:58 GMT
Date
Sat, 12 Mar 2022 07:30:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2FAC
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Mar 2022 07:30:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame C279
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ouo.press/

Response headers

Date
Sat, 12 Mar 2022 07:30:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
VPtfoj4e5EKl7OIgJLVoawi5a5fg+C9MQRnjU7UGdwDoKO2ajIXYrkvu6DUKLT6Ma+2Daqm3eCk=
x-amz-request-id
548KD6800BTQBYVN
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
281
Expires
Sat, 12 Mar 2022 08:30:56 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6eaad3cf69980cc5-EWR
Content-Encoding
gzip
usync.js
eus.rubiconproject.com/ Frame 2FAC
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-5-93.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2f60329fdefedb1b553e75712f65b0940db33b7c4ec833617e3defeb893cc29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 12 Mar 2022 07:30:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80097
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9538
Expires
Sun, 13 Mar 2022 05:45:53 GMT
async_usersync
ib.adnxs.com/ Frame 4716
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:56 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
855cc87e-be1e-4824-9051-03de842f6212
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2FAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQip6p1gk1BW3ivrBgxAG8&google_cver=1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQip6p1gk1BW3ivrBgxAG8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBQip6p1gk1BW3ivrBgxAG8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2FAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EaZOn-iMlVsze8COIJ686w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8574701324227558603
0
0
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8574701324227558603
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Sat, 12 Mar 2022 07:30:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8574701324227558603
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 2FAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0NJ3P2Y-N-A19X
0
573 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0NJ3P2Y-N-A19X
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:56 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2B57F9E7905C45F4AE9356C342CC66FB Ref B: YTO01EDGE0812 Ref C: 2022-03-12T07:30:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXaAG2WtudKC4uL+/y2BQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0NJ3P2Y-N-A19X
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2FAC
43 B
932 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9PPTR4JWN8177XM55MA2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2FAC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bZGhYzYIRIagLGXfcqYO1Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bZGhYzYIRIagLGXfcqYO1Q
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bZGhYzYIRIagLGXfcqYO1Q
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C8BBETZNDBWCJ2NSYYXF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bZGhYzYIRIagLGXfcqYO1Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2FAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY3MWE5ZmIzYTg0ZWEzMjA2NjE1OWJlMGQxMzk0YWNhNDI5MjAyYg
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY3MWE5ZmIzYTg0ZWEzMjA2NjE1OWJlMGQxMzk0YWNhNDI5MjAyYg
Protocol
H2
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGY3MWE5ZmIzYTg0ZWEzMjA2NjE1OWJlMGQxMzk0YWNhNDI5MjAyYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c3b5432477546c086cd062707f625a76
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 2FAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0NJ3P2Y-N-A19X&sigv=1&esig=2~0118275d63474cd795c63ef6f9a9cd8ed26d8558
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0NJ3P2Y-N-A19X&sigv=1&esig=2~0118275d63474cd795c63ef6f9a9cd8ed26d8558
Protocol
H2
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 07:30:56 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0NJ3P2Y-N-A19X&sigv=1&esig=2~0118275d63474cd795c63ef6f9a9cd8ed26d8558
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2FAC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBOSjNQMlktTi1BMTlY
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBOSjNQMlktTi1BMTlY
Protocol
H2
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Mar 2022 07:30:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBOSjNQMlktTi1BMTlY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 4716
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 12 Mar 2022 07:30:57 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5525d4f7-ccc7-4860-8cfe-ef46b002ed18
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • object| 3
  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • object| apd_options
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • object| _0x2a00
  • function| _0x205b
  • object| a
  • function| b
  • boolean| fifabAlready
  • function| fi_fab
  • undefined| commonInit
  • function| visibilityEventsManagerDOM
  • function| visibilityEventsManager
  • function| scrollEventsManager
  • function| DeviceDetector
  • object| FI
  • object| JSON_PIWIK
  • object| _fipaq
  • object| FIPiwik
  • object| AnalyticsTracker
  • function| fiQuery
  • object| recaptcha
  • function| NativeAd
  • undefined| callback_hisMr
  • object| fiUtils
  • function| vi_setCookie2
  • function| vi_getCookie2
  • function| dyns_load
  • object| closure_lm_913004
  • number| lnt_z

25 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AG6mx8OGmbVYpILNqr32Pq56JRxmWB8sfh3uT4uMSBCWx-46mUi5qbiN8Xs-gN-wNeH2wwTP_Rrm89lK0lOe8EQ
ouo.press/ Name: ouoio_session
Value: eyJpdiI6Ik1IY0NiOFlpQStTdTkzb2QxQ1JLMWZxNzFZZVlcL0x4dHlOY3lFVzdvOWtnPSIsInZhbHVlIjoiQUhDU2tLOGZUWURackthVUVQWER6amRJdmR5eGh2cVI3Nnp1MFZrWTZhTHBHbkhFVERWQzdXSHJtaUlicWl0S0lFdE1iNDM0TWVlYm10ZnZqeG5hcEE9PSIsIm1hYyI6ImE0ZjFhZmU1M2FkZWRmOTdhZjM5NWZkYmYzZTM0OWFiMDdkNjJhZjM5YzJiOGE3YzFjOWVjZWNmYjllMzM4ODcifQ%3D%3D
ouo.press/ Name: language
Value: eyJpdiI6IjhZVUlpVm1VaU85dTdxSmFESGg2RXlBNTFKQjJcL0FLaFo3bmNrZXhmcVk0PSIsInZhbHVlIjoidHZYMVVubkdkRFhmR0NHcnZDXC9wTW44ZFV5em5wNDRTdW84d3JXNjc2bkU9IiwibWFjIjoiN2JhNGY4ODUzMWI3NjdhNzUxZDhiNWM2NGI0YThiMDE1ZDI0MmMzMGNmMzM2MGE2OGJiMGZkNDNjODg1NzBmNyJ9
ouo.press/ Name: f7c91ce69a108e4d2e61a70db7c0866c7273b1a0
Value: 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%3D%3D
.ouo.press/ Name: __cf_bm
Value: EeKtnI2d.RtM4HxZIa.YmKW3SHg_Zzju8Zq9qT_MEWQ-1647070252-0-Ae+m/c0fsk8ekE5lPF+An9uWNLOM8wALMiw+z6VyZ5AcemQz8lwu6PEW1wOYJeowRB/mjAtIBlXpfZdYX5BL9DQ=
cdn.firstimpression.io/ Name: OAID
Value: 7c107bfaef8a664978f4eeb7642aadcd
.run-syndicate.com/ Name: ts_uid
Value: 57462c8f-4571-4fcf-bbcd-420328e2db38
phallicuncut.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLcAlFZJRH4yJ8JH9pYepAOyl1iLu3MdGn8%2BVccqIoSuoK8S1nYF%2FU4fEkeuK87dtJNCf%2BIjhJatruiU%2BvzTOJDge9DZ7EonyK%2B1kZ5fQ4jFaqEg8h%2BnMuxu4mRSYcGVkiW0NjKVEIZ%2FdNuZohNbQq5O9nZ4NmK31ah6TvA2oTMOZI7Faz6oDiQxsZdtURScOrMo9wvC7kJ%2BvWQcs8RjY7kgrxG%2B5G8mq27huFVNvF2ytgFzn8939v2d5w5FLd9Bi%2BrT8r9wMevUpU
phallicuncut.com/ Name: GL_GI10
Value: eJxNjM1qwkAYReNER4Ml5YIP4AsYCP60XYbZdFNEBLfDmHzKgM43TMbS9OlrG5Du7j1wTpIkYpZDWI%2B8XL0V601RrpdF%2BfqC9EwMoSo81XxzMXTamStBKuNMYyADnS07iJ3CtN%2B65oYwUtXiH%2Bul3Y2OVGNY29hh8sH3HpkLst%2Ffa9O79uCpbT3G28P7fF%2FtkTmKuvVEDTLFwXMwkZA%2F6F9AppjYVvvAX50c4DnaK32zI82nU0txPMLgU4ofHCZGMw%3D%3D
.rubiconproject.com/ Name: khaos
Value: L0NJ3P2Y-N-A19X
.adnxs.com/ Name: icu
Value: ChgIpvFcEAoYASABKAEwrZixkQY4AUABSAEQrZixkQYYAA..
.adnxs.com/ Name: uuid2
Value: 5328662010286546803
.amazon-adsystem.com/ Name: ad-id
Value: A5GtldnTZ0C_n6uf8SP7pDA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.dotomi.com/ Name: DotomiTest
Value: 4b74ba707bc51214
.simpli.fi/ Name: suid
Value: 803B1BAD1485436ABFE1A0E19DC80B24
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlMBF5d3GCQf0AEN-ghipEHzGrECMmHlTOSMqj8eU-TtICBWg2WfI0ZppXv
.criteo.com/ Name: uid
Value: 625f9b23-6b11-41d3-bab0-2028c033657e
.ouo.press/ Name: cto_bundle
Value: HVLpDF9tUlROekUyaWdHRGJLWFlBNkhpTTRERGRmN0NUUnI0NmVyJTJGS0pjcEk4eWV4RlYwT0IwWGc3dkNpYXp1ejdDTEU1V0VPTlBQcjY1ZWxpSiUyRlFoamxlN0JGVE9uTkJCdE9ZRTJGcVhLa1FQcXlHakdjR3Q4TXZJclNUOEFsSXk5eG90ckwlMkI0d3UlMkJ1MkxDb1h0ZDZkQkh5USUzRCUzRA
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFNt7ILtF0J/O1WuCoMxA8a+JUixCbOKdqyKFL0I3Aomhn0D/FO/Kj0+/BECoLmjz7TXxIyNA4xQbdNxOSLVybTHTiltakQY8o=
.yahoo.com/ Name: A3
Value: d=AQABBDBMLGICECU8HiSGQv31YT3pAg8eWLcFEgEBAQGdLWI2YgAAAAAA_eMAAA&S=AQAAAjp0XUJxNWrxDP0hA-IDsdo
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cb9db672-920b-45cc-8277-b8c68c6c3be8"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2737:u=1:x=1:i=1647070257:t=1647156657:v=2:sig=AQEzQL5Fa0cfYg6DTl5Q8aGJR1ikj1p-"

6 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8574701324227558603
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
