urlscan.io logo urlscan.io
SecurityTrails logo

www.ovcmt.com Open in urlscan Pro
199.119.218.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.exploremassage.ca/
Effective URL: https://www.ovcmt.com/start-here
Submission: On August 17 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 2 countries across 42 domains to perform 107 HTTP transactions. The main IP is 199.119.218.206, located in Kelowna, Canada and belongs to DARGAL, CA. The main domain is www.ovcmt.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 14th 2024. Valid for: a year.
This is the only time www.ovcmt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
16 199.119.218.206 25999 (DARGAL)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 34.86.70.109 396982 (GOOGLE-CL...)
1 2600:9000:247... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
22 172.67.15.14 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 34.138.31.113 396982 (GOOGLE-CL...)
4 142.250.72.110 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 142.251.41.8 15169 (GOOGLE)
2 18.238.49.101 16509 (AMAZON-02)
22 27 34.150.170.96 396982 (GOOGLE-CL...)
1 34.168.224.78 396982 (GOOGLE-CL...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 157.240.241.1 32934 (FACEBOOK)
2 3 142.250.65.164 15169 (GOOGLE)
1 3 142.250.176.194 15169 (GOOGLE)
2 142.250.176.195 15169 (GOOGLE)
1 1 2600:9000:284... 16509 (AMAZON-02)
2 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 18.238.80.105 16509 (AMAZON-02)
1 1 2600:9000:21d... 16509 (AMAZON-02)
1 2 2600:9000:284... 16509 (AMAZON-02)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 63.251.28.211 13789 (INTERNAP-...)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 23.83.76.89 395954 (LEASEWEB-...)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 34.200.65.202 14618 (AMAZON-AES)
1 52.4.60.109 14618 (AMAZON-AES)
1 23.197.253.128 16625 (AKAMAI-AS)
1 2 3.221.255.217 14618 (AMAZON-AES)
1 2 54.236.96.16 14618 (AMAZON-AES)
2 2 35.244.154.8 15169 (GOOGLE)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 142.250.80.98 15169 (GOOGLE)
1 2 68.67.160.184 29990 (ASN-APPNEX)
1 69.173.146.5 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
2 2 142.250.65.162 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
107 43
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.exploremassage.ca
16    199.119.218.206 (Kelowna, Canada)

ASN25999 (DARGAL, CA)
PTR: plsk05.provisiondata.net
www.ovcmt.com
5    2606:4700:20::681a:aae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.csekcreative.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    2600:9000:247b:a600:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
3    2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
22    172.67.15.14 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
2    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    34.138.31.113 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.31.138.34.bc.googleusercontent.com
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com
4    142.250.72.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net
www.google-analytics.com
1    2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
2    18.238.49.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-101.jfk52.r.cloudfront.net
capture-api.reachlocalservices.com
27    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com
fault.rlets.com
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
3    142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net
www.google.com
3    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net
www.google.ca
1    2600:9000:2840:2000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4280:77ca:3419:6e62:d363 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    18.238.80.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-105.jfk52.r.cloudfront.net
aa.agkn.com
1    2600:9000:21da:3a00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    2600:9000:2840:8200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    63.251.28.211 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
2    23.83.76.89 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
sync.smartadserver.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.4.60.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-60-109.compute-1.amazonaws.com
sync.bfmio.com
1    23.197.253.128 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-253-128.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.221.255.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-255-217.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    54.236.96.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-96-16.compute-1.amazonaws.com
ce.lijit.com
2    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
www.googleadservices.com
2    68.67.160.184 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
cm.g.doubleclick.net
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
30 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 8238
um.simpli.fi — Cisco Umbrella Rank: 1484
i.simpli.fi — Cisco Umbrella Rank: 6968
16 KB
22 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 12323
va.tawk.to — Cisco Umbrella Rank: 12027
221 KB
16 ovcmt.com
www.ovcmt.com
315 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
463 KB
5 rlets.com
cdn.rlets.com — Cisco Umbrella Rank: 28025
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com
fault.rlets.com — Cisco Umbrella Rank: 318462
45 KB
5 csekcreative.com
cdn.csekcreative.com
57 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
112 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
77 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
502 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
834 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1396
895 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
835 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3519
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2269
1 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 4127
933 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1598
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 910
d.agkn.com — Cisco Umbrella Rank: 1174
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
969 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
197 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
128 B
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
2 reachlocalservices.com
capture-api.reachlocalservices.com — Cisco Umbrella Rank: 37292
585 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
41 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
571 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1556
480 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2757
421 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
126 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969
653 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373
549 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885
175 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1043
512 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
1 gstatic.com
fonts.gstatic.com
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 exploremassage.ca
www.exploremassage.ca
308 B
107 42
Domain Requested by
27 um.simpli.fi 22 redirects cdn.rlets.com
17 embed.tawk.to www.ovcmt.com
embed.tawk.to
16 www.ovcmt.com www.ovcmt.com
6 www.google-analytics.com www.ovcmt.com
www.googletagmanager.com
www.google-analytics.com
5 va.tawk.to embed.tawk.to
5 www.googletagmanager.com www.ovcmt.com
www.googletagmanager.com
www.google-analytics.com
cdn.rlets.com
5 cdn.csekcreative.com www.ovcmt.com
4 www.facebook.com www.ovcmt.com
3 googleads.g.doubleclick.net 1 redirects www.ovcmt.com
www.googletagmanager.com
3 www.google.com 2 redirects www.ovcmt.com
3 d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com cdn.rlets.com
3 connect.facebook.net www.ovcmt.com
connect.facebook.net
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 sync.smartadserver.com 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com 1 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.1rx.io
2 www.google.ca www.ovcmt.com
2 bat.bing.com www.ovcmt.com
2 capture-api.reachlocalservices.com cdn.rlets.com
2 tag.simpli.fi www.ovcmt.com
cdn.rlets.com
1 cdn.jsdelivr.net embed.tawk.to
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com
1 stags.bluekai.com
1 sync.bfmio.com
1 ups.analytics.yahoo.com
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi tag.simpli.fi
1 fault.rlets.com www.ovcmt.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.youtube.com www.ovcmt.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.rlets.com www.ovcmt.com
1 fonts.googleapis.com www.ovcmt.com
1 www.exploremassage.ca 1 redirects
107 50
Subject Issuer Validity Valid
ovcmt.com
Starfield Secure Certificate Authority - G2		 2024-02-14 -
2025-03-17		 a year crt.sh
csekcreative.com
WE1		 2024-07-14 -
2024-10-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.rlets.com
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-26 -
2024-08-24		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
tawk.to
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
captureapi.localiq.com
R10		 2024-08-13 -
2024-11-11		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.reachlocalservices.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.ovcmt.com/start-here
Frame ID: D43B1226007E6701FFF59990128600AF
Requests: 96 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OmybX7fO74s
Frame ID: AC348D6ACF9F174F80A41F3614ECDACE
Requests: 1 HTTP requests in this frame

Frame: https://d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/static/storage.html
Frame ID: 071A09EFD8C88FA5C62E720EE0F20334
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/min-widget.css
Frame ID: 1AD3DAF698E08A83BC27A6B4FF748954
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/bubble-widget.css
Frame ID: 6F75FB1FBB1F4F8D33EC1193986FEF48
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css
Frame ID: 278B8A74EE85B9BAF84ED87EEB429F1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Future Starts Here today

Page URL History Show full URLs

  1. https://www.exploremassage.ca/ HTTP 301
    https://www.ovcmt.com/start-here Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • (?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

107
Requests

79 %
HTTPS

33 %
IPv6

42
Domains

50
Subdomains

43
IPs

2
Countries

1309 kB
Transfer

3697 kB
Size

88
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.exploremassage.ca/ HTTP 301
    https://www.ovcmt.com/start-here Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=1780528228.1723861054&frm=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=1780528228.1723861054&frm=0
Request Chain 66
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://sync.1rx.io/usersync/smaato/c660dab3e6?gdpr=0&gdpr_consent=
Request Chain 67
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/41161BDE654F40ACA196B2605580AC53
Request Chain 68
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 69
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=41161BDE654F40ACA196B2605580AC53
Request Chain 70
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53
Request Chain 71
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1723861055608&ip=167.114.209.103&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214530604977002328933 HTTP 302
  • https://um.simpli.fi/aa_px?sk=214530604977002328933 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 72
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53&ckls=true&ci=6qyH74T2Ii&nc=false&trid=-788187199
Request Chain 73
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41161BDE654F40ACA196B2605580AC53
Request Chain 74
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=41161BDE654F40ACA196B2605580AC53
Request Chain 75
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=41161BDE654F40ACA196B2605580AC53;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=41161BDE654F40ACA196B2605580AC53;mimetype=img;sr HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Request Chain 76
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0&xl8blockcheck=1
Request Chain 77
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=41161BDE654F40ACA196B2605580AC53
Request Chain 78
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=41161BDE654F40ACA196B2605580AC53
Request Chain 79
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=41161BDE654F40ACA196B2605580AC53
Request Chain 80
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53
Request Chain 81
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53&dnr=1
Request Chain 82
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=41161BDE654F40ACA196B2605580AC53 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNDExNjFCREU2NTRGNDBBQ0ExOTZCMjYwNTU4MEFDNTMQABoNCL-QgLYGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8b3648898c0a8db71c3d9065f4c28207594713de90105b5af13505d11378419c791426b5417dce21&_=2
Request Chain 83
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1723861054932&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIhbzT7vr6hwMVwHJHAR1ouTNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy5vdmNtdC5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIhbzT7vr6hwMVwHJHAR1ouTNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy5vdmNtdC5jb20v&is_vtc=1&cid=CAQSKQDpaXnflWexnJMp_ABIYxv3fbKsGJ2gARSvGNvI9X8yZIycfnh403H4&random=3035772487 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIhbzT7vr6hwMVwHJHAR1ouTNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy5vdmNtdC5jb20v&is_vtc=1&cid=CAQSKQDpaXnflWexnJMp_ABIYxv3fbKsGJ2gARSvGNvI9X8yZIycfnh403H4&random=3035772487&ipr=y
Request Chain 85
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=41161BDE654F40ACA196B2605580AC53 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D41161BDE654F40ACA196B2605580AC53
Request Chain 86
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=41161BDE654F40ACA196B2605580AC53&expires=365
Request Chain 87
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=41161BDE654F40ACA196B2605580AC53
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEOE-iir2rZ1JQjCLYjCjYlE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41161BDE654F40ACA196B2605580AC53 HTTP 302
  • https://um.simpli.fi/g_match?id=

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request start-here
www.ovcmt.com/
Redirect Chain
  • https://www.exploremassage.ca/
  • https://www.ovcmt.com/start-here
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40 PleskLin
Resource Hash
7a0f3c00f76c77351158fabe52fff7b7aa9547f9cd610e3e6ae95bbe263a4a51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
none
content-encoding
gzip
content-length
6011
content-type
text/html; charset=UTF-8
date
Sat, 17 Aug 2024 02:17:31 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40 PleskLin

Redirect headers

Connection
close
Content-Length
67
Content-Type
text/html; charset=utf-8
Date
Sat, 17 Aug 2024 02:17:29 GMT
Location
https://www.ovcmt.com/start-here
Server
ip-10-123-124-61.ec2.internal
Vary
Accept-Encoding
X-Request-Id
a9895b0e-c382-404b-bded-36e77091ee8f
combined.min.css
www.ovcmt.com/css/ 		145 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/css/combined.min.css
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
9146f6559b68729d3953d29bae3b96ed452b8ebcad97704f16be332717fd5592

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
last-modified
Sun, 06 Nov 2016 22:49:44 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
none
content-length
27010
jquery.mmenu.all.min.css
cdn.csekcreative.com/shared/mmenu/4.7.5/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.csekcreative.com/shared/mmenu/4.7.5/css/jquery.mmenu.all.min.css
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d021f2700ecd15b1ef35279c843a76586df6ea9951d2b8ea3550df5382b95be

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Jul 2018 19:16:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2200153
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0u3isNIRuokwrF6NQIWwzIPTW48ZcWMbWv0sqIxEk4Y1JPShfvX1ooRQnWiWqPIy9l%2FZyUQtMQFq4t2seAJMcoVhAwbx0%2FPUjLa71DKcDhO0dTyPhfhaokNBc8IGQW40N8XBj6w44zZYOnmkuC5Kgn0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8b462b13c92eac5d-YYZ
style.css
www.ovcmt.com/themes/base/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/themes/base/css/style.css?v=1.79
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
3039345af26b42a0d86e214b1ec656fe97db8b5e5d8f60d0085bf6c2a31b0f58

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 17:50:46 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
x-scss-cache
true
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
accept-ranges
none
content-length
6936
glyphicons.css
cdn.csekcreative.com/shared/glyphicons_pro/1.0.1/glyphicons/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.csekcreative.com/shared/glyphicons_pro/1.0.1/glyphicons/css/glyphicons.css
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00679ab0a152562c8b8513e45dc0c6590f61deabdf73bc0b8844b26501a99276

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 10 Jul 2018 19:15:38 GMT
server
cloudflare
age
2200941
cf-polished
origSize=31742
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8nmPu301wmKXSoG%2FDLOzqWu5vdq2OIYWRynEFNDm0Mqa9XkV8%2B4DIN576TuLVMkquxzfsiB8I7e1qcoJYXVyLFKmkWddmGfHc3pdINulyPravYkG%2F723XwRqRqio9pzsbwBb3gQtwxXKA%2F8QDLKeWnh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8b462b13c931ac5d-YYZ
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i,700,700i|Oswald:300,400,500,700|Material+Icons
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00d821c570bf611d1963da171d7442f136812c0d18db47bc184cf0beb642edcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 02:17:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 02:17:31 GMT
e523b370-766a-0136-4cc2-067f653fa718
tag.simpli.fi/sifitag/ 		0
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/e523b370-766a-0136-4cc2-067f653fa718
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:31 GMT
server
openresty
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
x-request-id
F-xifkj86jOqdZFbdFgG
expires
Thu, 01 Jan 1970 00:00:00 GMT
f76461898c6dd7762ea1bd1.js
cdn.rlets.com/capture_configs/d5e/09d/bbd/ 		196 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:a600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e96ded3620695f340b558bf1804f2c83f479313d57d6fa125956f0d4b05b6c1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 22:26:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
x-permitted-cross-domain-policies
none
via
1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
13891
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f8512138aebcd4a51936d905f6deef92
x-runtime
0.099863
referrer-policy
strict-origin-when-cross-origin
etag
W/"e96ded3620695f340b558bf1804f2c83"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
x-amz-cf-id
IoQBBnl3eFi-k_YFTLu_IeSxi3zfNUHRtAkCX_kAgHExC4NjdWRS5w==
599460fa-dbe0-448e-b29f-4122d8b0b5a8.png
www.ovcmt.com/files/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/files/599460fa-dbe0-448e-b29f-4122d8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
6a4a38f0fb4cd03c512fa140a4103e4710d4e222db71e0179cbf636c71c4e01d

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
last-modified
Wed, 16 Aug 2017 15:12:58 GMT
server
nginx
etag
"6155-556e054beb280"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
24917
ovcmt-anniversary-logo.jpg
www.ovcmt.com/files/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/files/ovcmt-anniversary-logo.jpg?v=4
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
9863f9ee3a5fe26c65587f8089c889549ced1b38e172b688f5d87b722dec70c4

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
last-modified
Thu, 15 Feb 2024 17:19:57 GMT
server
nginx
etag
"7afd-6116ed62e166f"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
31485
js
www.googletagmanager.com/gtag/ 		311 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3ER5MNZY78
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7fe1f34291f7da5c1ba6c0c71aef8745d60615ea907b85c3a99ed5ba7010e6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105132
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Aug 2024 02:17:31 GMT
ovcmt%20logo.png
www.ovcmt.com/files/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/files/ovcmt%20logo.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
6a4a38f0fb4cd03c512fa140a4103e4710d4e222db71e0179cbf636c71c4e01d

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
last-modified
Wed, 16 Mar 2022 22:53:03 GMT
server
nginx
etag
"6155-5da5dc6b06e09"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
24917
599460fa-dbe0-448e-b29f-4122d8b0b5a8.png
www.ovcmt.com/image/w300/files/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/599460fa-dbe0-448e-b29f-4122d8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
a248f885bed67cf8a882e13a77a80430a6b030993b6bcd977b4783bc5661dc1f

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Mon, 24 Dec 2018 18:13:24 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
20264
expires
Sat, 24 Aug 2024 02:17:32 GMT
5a74bc6d-be14-4ed5-93ee-7caed8b0b5a8.png
www.ovcmt.com/image/w300/files/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/5a74bc6d-be14-4ed5-93ee-7caed8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
c6b19aa2a96d75bb8f4fda026ca4ae31028a52695177c4a5bacdc40d3a21c501

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Mon, 24 Dec 2018 18:06:34 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
13117
expires
Sat, 24 Aug 2024 02:17:32 GMT
59b2b623-fe10-4a32-bbcc-043dd8b0b5a8.png
www.ovcmt.com/image/w300/files/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/59b2b623-fe10-4a32-bbcc-043dd8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
eef83fc2d42072c96f577b413c3cf4d2ed8da6ee6e973aee1ea07ce682078176

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Mon, 24 Dec 2018 18:13:23 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
19913
expires
Sat, 24 Aug 2024 02:17:32 GMT
59b2b677-61e4-42aa-96ea-0618d8b0b5a8.png
www.ovcmt.com/image/w300/files/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/59b2b677-61e4-42aa-96ea-0618d8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
a99e02d6018d81c25cc2c178012b5787015fe6d3d920861878c3ecf03704443b

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Mon, 24 Dec 2018 18:13:22 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
15983
expires
Sat, 24 Aug 2024 02:17:32 GMT
59b2b63c-ab3c-43ad-af16-04d1d8b0b5a8.png
www.ovcmt.com/image/w300/files/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/59b2b63c-ab3c-43ad-af16-04d1d8b0b5a8.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
1d3faadb002583c3a9ab2f692817504c0e6f1b1dc6f47a7db507633890dc8165

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Mon, 24 Dec 2018 18:13:24 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
13395
expires
Sat, 24 Aug 2024 02:17:32 GMT
6126e7ed-83f0-423c-9320-6654c777dace.png
www.ovcmt.com/image/w300/files/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/6126e7ed-83f0-423c-9320-6654c777dace.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
4e57b01a0541bc6ab9618d5945c4d223e19102afe56d8064e659219e20e9c80f

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Thu, 26 Aug 2021 01:01:37 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
15982
expires
Sat, 24 Aug 2024 02:17:32 GMT
66919783-539c-467d-aad2-2bcbc777dace.png
www.ovcmt.com/image/w300/files/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ovcmt.com/image/w300/files/66919783-539c-467d-aad2-2bcbc777dace.png
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PHP/5.6.40, PleskLin
Resource Hash
95f3963494b9284ce8d539bece9877d5aef10d3d4e0706dec9eb2f2e240ac8a8

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Fri, 12 Jul 2024 20:52:36 GMT
server
nginx
x-powered-by
PHP/5.6.40, PleskLin
content-type
image/png
cache-control
max-age=604800, public
x-content-slir
request cache
content-length
22997
expires
Sat, 24 Aug 2024 02:17:32 GMT
jquery.min.js
cdn.csekcreative.com/shared/jquery/2.1.0/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.csekcreative.com/shared/jquery/2.1.0/jquery.min.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f77d7e62e3eb9aa6a1a16b78ad9d89a1a48ad1b22a4baaf03045a91fcdce5f

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2024 20:21:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2200477
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aczT1GONMzr7tvq9KkZnG8%2FayJ%2F91TnoufduUO3UDbnwpL8ufLvybFDjiiqv3x1%2BcCYyZIi8wqMDWo0Sdgu3Ylkdw1WoZVJ%2B6WemSJhskhL%2F%2BUuj%2FZi3zAMV9mIFXMfXQZI4VAHNdLKmrsqrJMPdH3x"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
max-age=86400
cf-ray
8b462b151a90ac5d-YYZ
jquery.mmenu.min.all.js
cdn.csekcreative.com/shared/mmenu/4.7.5/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.csekcreative.com/shared/mmenu/4.7.5/js/jquery.mmenu.min.all.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaab2d7fa89714fb0d2a0acc48337a9da9c1bf582abcdc4fbfc11f14896b90b8

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 12:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
193679
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxE1zPrscFdw32udnfmTDz%2BkVqduzHxwMMmm63yzRNTXSwa%2BpsqjleCmMLCr4C03tqZH5SKc%2BN7GgKYaM8yvbWuFTz6z3FeMMIb9oswylEP%2FG9aQ4P%2FkYjxtTGtbmiYNkKZdZXgPN4iCoC6Rr8mHkQBg"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
max-age=86400
cf-ray
8b462b151a93ac5d-YYZ
bootstrap.min.js
cdn.csekcreative.com/shared/bootstrap/3.3.1/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.csekcreative.com/shared/bootstrap/3.3.1/js/bootstrap.min.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Jul 2024 03:15:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
839238
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vX12fKXCTQc6WSjBszoTCXVyUMCD8Wi0EsR6LVxjbKsZF3qnyV6Sr%2FYMuiMAMfa%2Fvay5rGsqum2ogifJ5w5WLIOvoeih8%2FYywIhSNP2hOCtqRjCJDmTR8EmHwY2WeM9pNjSMD4SuEJWOPvcmj2VGXSe"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
max-age=86400
cf-ray
8b462b151a95ac5d-YYZ
scripts.js
www.ovcmt.com/themes/base/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/themes/base/js/scripts.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
176200e76db913fca06c1c5e324d493c58c34148492cc985308051bd0e5805c1

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 21:14:48 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
2964
gtm.js
www.googletagmanager.com/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7MG3QM
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68af784e77d6dc64b064689f32ed853c425313419dad1d17054bfca7b8987881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74643
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 00:36:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Aug 2024 02:17:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		231 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
005dcf438c65b9a2d5f77f15f8a0c1f9c7895923f8583f2ef17e71f2b9329b80
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 17 Aug 2024 02:17:31 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60332
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma
public
x-fb-debug
oZ67GQ2a8jeGrUlf+zVLxhLtbgOBtXGqUBkmPM5y8FBDBFrEoZ0qA6i5TCfDFp5qWPTYvnUuYiZWy2+5rfhluQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fontawesome-webfont.woff2
www.ovcmt.com/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/css/combined.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://www.ovcmt.com/css/combined.min.css
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:31 GMT
last-modified
Mon, 23 May 2016 04:52:27 GMT
server
nginx
accept-ranges
bytes
etag
"118d8-5337b3503f8c0"
content-length
71896
x-powered-by
PleskLin
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:300,300i,400,400i,700,700i|Oswald:300,400,500,700|Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 02:58:36 GMT
x-content-type-options
nosniff
age
83935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 02:58:36 GMT
OmybX7fO74s
www.youtube.com/embed/ Frame AC34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/OmybX7fO74s
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Aug 2024 02:17:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
1hp1rdtse
embed.tawk.to/65f4a9b79317c543712862bb/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb893e4b1fafe4ca67aef46580523d4419beb7bbb930f625bd36274582822b0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
REVALIDATED
server
cloudflare
etag
W/"stable-v4-66b9ed69fcc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
8b462b16b818ab8a-YYZ
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 17 Aug 2024 02:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
688
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 17 Aug 2024 04:06:04 GMT
497975877313236
connect.facebook.net/signals/config/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/497975877313236?v=next&r=canary&domain=www.ovcmt.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C43%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C165%2C138%2C28%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
830d47a0235840bb7fd3ae10705e455f91c8da86a13aaf8cf0d9267e37b918ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 17 Aug 2024 02:17:32 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=53, mss=1297, tbw=65841, tp=-1, tpl=-1, uplat=117, ullat=0
pragma
public
x-fb-debug
OwqFrvcl/t6qpW47sJsqePAiW4lrNA88/Eyh/RFs/ITm08ksBF7FdGLY9xuPMhKr6IMRhu5ejj6GZRIVBPxq0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
storage.html
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/static/ Frame 071A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ovcmt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
2056
content-type
text/html
date
Sat, 17 Aug 2024 02:17:32 GMT
last-modified
Thu, 08 Aug 2024 22:18:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
js
www.googletagmanager.com/gtag/ 		317 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTK8CG3W37&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7MG3QM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36f47f64aa59cd790ab3d7434f710ccaa62f43b3065e2cce063f8697d45c5758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107646
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Aug 2024 02:17:32 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3ER5MNZY78&gtm=45je48e0v9180591004za200&_p=1723861051655&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=101403289&cid=797038316.1723861052&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723861052&sct=1&seg=0&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dt=Your%20Future%20Starts%20Here%20today&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3992
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ER5MNZY78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1361790203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&ul=en-ca&de=UTF-8&dt=Your%20Future%20Starts%20Here%20today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDAgAABAAAAACAAI~&jid=1481188656&gjid=1400533421&cid=797038316.1723861052&tid=UA-34981150-1&_gid=227027866.1723861053&_slc=1&z=509328362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
f55f89fd0f7cb0a01036823cf6202d9a00f1cffa4706d8d4f4ae2fb7790ddc66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-34981150-1&cid=797038316.1723861052&jid=1481188656&gjid=1400533421&_gid=227027866.1723861053&_u=ICDAgAABAAAAAGAAI~&z=74546974
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Aug 2024 02:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1361790203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&ul=en-ca&de=UTF-8&dt=Your%20Future%20Starts%20Here%20today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICHAAEABAAAAAGAAI~&jid=1446499919&gjid=334880865&cid=797038316.1723861052&tid=UA-1244524-22&_gid=227027866.1723861053&_r=1&_slc=1&z=1618946009
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=497975877313236&ev=PageView&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&rl=&if=false&ts=1723861052812&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1723861052798.2665989142479849&ler=empty&cdl=API_unavailable&it=1723861052221&coo=false&uppt=0.09999990463256836&uvpt=2.100000023841858&ttf=3128.399999976158&bdt=321.8000000715256&bdsize=237055&btsize=60332&brbs=0&cdt=213&cdsize=62967&ctsize=12646&crbs=0&let=321.7999999523163&rqm=GET
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2819, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Aug 2024 02:17:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=497975877313236&ev=PageView&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&rl=&if=false&ts=1723861052812&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1723861052798.2665989142479849&ler=empty&cdl=API_unavailable&it=1723861052221&coo=false&uppt=0.09999990463256836&uvpt=2.100000023841858&ttf=3128.399999976158&bdt=321.8000000715256&bdsize=237055&btsize=60332&brbs=0&cdt=213&cdsize=62967&ctsize=12646&crbs=0&let=321.7999999523163&rqm=FGET
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 17 Aug 2024 02:17:33 GMT
document-policy
force-load-at-top
x-fb-server-load
18
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403926841783268136", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=17, mss=1297, tbw=3137, tp=-1, tpl=-1, uplat=183, ullat=0
pragma
no-cache
x-fb-debug
WVepd4DDdSduCXze4W8ePNubT8QsnK/Z76IAZYa17iSEl99HQ1ihlxELiwBopIMFShw/SEQBcxT5JjjTmsB1AQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403926841783268136"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		286 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7XKKZ60EJ6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2455c683fcae62ea9a0f3e39080dac666a65c1e14a684e20aa472d7c31fb4789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100505
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Aug 2024 02:17:32 GMT
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XTK8CG3W37&gtm=45je48e0v897322240z8897285755za200zb897285755&_p=1723861051655&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=797038316.1723861052&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723861052&sct=1&seg=0&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dt=Your%20Future%20Starts%20Here%20today&en=page_view&_fv=1&_ss=1&tfd=4291
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTK8CG3W37&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
originCountry
capture-api.reachlocalservices.com/ 		36 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-101.jfk52.r.cloudfront.net
Software
/
Resource Hash
cf62dd6c5566a94cdab6c86b4559bd31de00d2769326459801d6710f0242631c

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 17 Aug 2024 02:17:33 GMT
via
1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
x-amzn-requestid
51978154-0ce6-4273-b6b0-54c50a799157
x-amzn-trace-id
Root=1-66c0083d-49ee801339a517d04f4a107d;Parent=7daab61627054fea;Sampled=0;lineage=a245b58f:0
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
coY5oGj-vHcEZNw=
content-length
36
x-amz-cf-id
15qQqczckphYs_Db958L8viUicNXvG9aG9yn6aoxz9liLKzDQP_b3A==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-101.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ovcmt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 17 Aug 2024 02:17:33 GMT
via
1.1 9b2aa79b9573beef202ad020dc96008a.cloudfront.net (CloudFront)
x-amz-apigw-id
coY5mHq1PHcEsvg=
x-amz-cf-id
u7CfFUXBD936UnVYlRZNpVxFUx1_rLGplp9LJ8jF_UyU7hdSqI87Eg==
x-amz-cf-pop
JFK52-P3
x-amzn-requestid
df568d78-b68c-4858-8f74-6f7366f99a48
x-cache
Miss from cloudfront
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7XKKZ60EJ6&gtm=45je48e0v9135724692za200&_p=1723861051655&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=797038316.1723861052&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dt=Your%20Future%20Starts%20Here%20today&sid=1723861053&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4663
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7XKKZ60EJ6&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ovcmt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gannett
um.simpli.fi/ 		33 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/gannett
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
522aa11c6575a332917001a929be6252d5f5caf5a288cac095928e51add25607
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
_.gif
fault.rlets.com/static/ 		43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fault.rlets.com/static/_.gif?s=d5e09dbb-df76-4618-98c6-dd7762ea1bd1&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.224.168.34.bc.googleusercontent.com
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime
0.002700
date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"42b976597a2d977d0e300f6d06bc903d"
x-frame-options
ALLOWALL
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
access-control-allow-headers
Content-Type
x-request-id
4b960e6e14811f89dac5d84f0e9afdc0
gannett
um.simpli.fi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/gannett
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.ovcmt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/plain; charset=UTF-8
date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 17 Aug 2024 02:17:33 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1576F785A4A84F359ECAD87DF6C8DBB3 Ref B: YMQ01EDGE0605 Ref C: 2024-08-17T02:17:34Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
425837022135664
connect.facebook.net/signals/config/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/425837022135664?v=next&r=canary&domain=www.ovcmt.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C43%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C165%2C138%2C28%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
2e888f4db735e5e1ec5003144372eda88c5a86d91bee90edc28ff8734af9bdbe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 17 Aug 2024 02:17:34 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4318, tp=9, tpl=0, uplat=131, ullat=0
pragma
public
x-fb-debug
JUrE2tRId7xK4fFV6pyjfif0MKatKxhOcs6vxsvwh/+9IzVuPmDyXxRAHjWRoklhz++1c5Jr+YRtUmKyWCDpnQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-372657479
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
18567865604f82e0c20c5fbcd98a1f34a889d43c91e06d206a164e418b5f6855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85241
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 00:36:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Aug 2024 02:17:34 GMT
ad9a87a0-aaa8-0134-f7f7-0cc47a63c1a4
tag.simpli.fi/sifitag/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/ad9a87a0-aaa8-0134-f7f7-0cc47a63c1a4
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
10a74d9aeefed3f23d978d7c6b0512e81d3a3fff0170866e44c9b054886d3dbc

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F-xiftNndH-v84lbdIXG
expires
Thu, 01 Jan 1970 00:00:00 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=1780528228.17238610...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=178052...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=1780528228.1723861054&frm=0
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1523740123.1723861054&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&dma=0&npa=0&gtm=45be48e0za200&auid=1780528228.1723861054&frm=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/372657479/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372657479/?random=1723861054344&cv=11&fst=1723861054344&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&hn=www.googleadservices.com&frm=0&tiba=Your%20Future%20Starts%20Here%20today&npa=0&pscdl=noapi&auid=1780528228.1723861054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372657479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
eb535174b63c904ccf2840de53667341356028dce33fe4a88017ed564e742789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=425837022135664&ev=PageView&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&rl=&if=false&ts=1723861054454&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1723861052798.2665989142479849&ler=empty&cdl=API_unavailable&it=1723861052221&coo=false&uppt=0.10000002384185791&uvpt=0.09999990463256836&ttf=4769.299999952316&bdt=321.8000000715256&bdsize=237055&btsize=60332&brbs=0&cdt=205.60000002384186&cdsize=22104&ctsize=2801&crbs=0&rqm=GET
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1297, tbw=6499, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Aug 2024 02:17:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=425837022135664&ev=PageView&dl=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&rl=&if=false&ts=1723861054454&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1723861052798.2665989142479849&ler=empty&cdl=API_unavailable&it=1723861052221&coo=false&uppt=0.10000002384185791&uvpt=0.09999990463256836&ttf=4769.299999952316&bdt=321.8000000715256&bdsize=237055&btsize=60332&brbs=0&cdt=205.60000002384186&cdsize=22104&ctsize=2801&crbs=0&rqm=FGET
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 17 Aug 2024 02:17:34 GMT
document-policy
force-load-at-top
x-fb-server-load
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403926851747421094", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=6668, tp=-1, tpl=-1, uplat=89, ullat=0
pragma
no-cache
x-fb-debug
09GCzvU5zm8bjkMgIQ2yxyDrpnRtXtP52GKwtSGzUkSRc3i2YIAh7Bv1OaW86igE9W4JNO/kRC/CeiyzOLDNcw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403926851747421094"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
visits
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/api/v1/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/api/v1/visits
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/d5e/09d/bbd/f76461898c6dd7762ea1bd1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-runtime
0.010879
date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
ALLOWALL
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Content-Type
x-request-id
0842c175acb9352c7490043297ff822a
visits
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/api/v1/visits
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.31.113 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.31.138.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOWALL

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ovcmt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html
date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
ALLOWALL
x-request-id
d468677081b70368e70e30074066db88
x-runtime
0.002032
/
www.google.com/pagead/1p-user-list/372657479/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/372657479/?random=1723861054344&cv=11&fst=1723860000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&hn=www.googleadservices.com&frm=0&tiba=Your%20Future%20Starts%20Here%20today&npa=0&pscdl=noapi&auid=1780528228.1723861054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfCTXU1ChIng373Uy9GM9l49KoYjt7Ng&random=253574713&rmt_tld=0&ipr=y
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/372657479/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/372657479/?random=1723861054344&cv=11&fst=1723860000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&hn=www.googleadservices.com&frm=0&tiba=Your%20Future%20Starts%20Here%20today&npa=0&pscdl=noapi&auid=1780528228.1723861054&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfCTXU1ChIng373Uy9GM9l49KoYjt7Ng&random=253574713&rmt_tld=1&ipr=y
Requested by
Host: www.ovcmt.com
URL: https://www.ovcmt.com/start-here
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
twk-main.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		121 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
174314
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e78ab8a-YYZ
twk-vendor.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
89653
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e79ab8a-YYZ
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
174314
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"77a40166698f808a0942865537165b0f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e7aab8a-YYZ
twk-chunk-common.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e657c8ec36f5d2911c491e86848a138ee6734c5b20d0fa3ad6cf4f4bf0452382
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
174314
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"f31c0e7d1b3edd0ae357a03eb6542b32"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e7bab8a-YYZ
twk-runtime.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4bb23fa563d1f929c4c85126e170270fe5f5322271e9c6af29baafc5be4d12
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
89653
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"c2d9fe2531b3510db26e5d705ed88259"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e7cab8a-YYZ
twk-app.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		151 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/65f4a9b79317c543712862bb/1hp1rdtse
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
Origin
https://www.ovcmt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:34 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
174314
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b294e7dab8a-YYZ
p
i.simpli.fi/ 		798 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=1705&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ad9a87a0-aaa8-0134-f7f7-0cc47a63c1a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
ae93ecdb11cde1e757e52f59996dae9c7bf703093e9bedff002b990694bab68d

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:34 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
favicon.ico
www.ovcmt.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ovcmt.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.119.218.206 Kelowna, Canada, ASN25999 (DARGAL, CA),
Reverse DNS
plsk05.provisiondata.net
Software
nginx / PleskLin
Resource Hash
8236ef5b5c4140ee366ab24787e81c86832af3eae06d44bdd5dde5e442ca79cd

Request headers

Referer
https://www.ovcmt.com/start-here
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
last-modified
Tue, 27 Feb 2018 16:05:36 GMT
server
nginx
etag
"47e-56633cc081400"
x-powered-by
PleskLin
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
1150
c660dab3e6
sync.1rx.io/usersync/smaato/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=41161BDE654F40ACA196B2605580AC53
  • https://sync.1rx.io/usersync/smaato/c660dab3e6?gdpr=0&gdpr_consent=
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/smaato/c660dab3e6?gdpr=0&gdpr_consent=
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 614c2f49ee02e59ee41dd908e64f7376.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P7
x-cache
Miss from cloudfront
location
https://sync.1rx.io/usersync/smaato/c660dab3e6?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
2voAojtLF3MV7yZhFCERTiI8iel-889M-5qkm9WNUtZZLmDcOBB9SQ==
41161BDE654F40ACA196B2605580AC53
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/41161BDE654F40ACA196B2605580AC53
0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/simplifi/41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.1rx.io/usersync/simplifi/41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=41161BDE654F40ACA196B2605580AC53&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=41161BDE654F40ACA196B2605580AC53
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
2600:1f18:612b:4280:77ca:3419:6e62:d363 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Aug 2024 02:17:35 GMT
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=41161BDE654F40ACA196B2605580AC53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=41161BDE654F40ACA196B2605580AC53
  • https://d.agkn.com/pixel/10751/?che=1723861055608&ip=167.114.209.103&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214530604977002328933
  • https://um.simpli.fi/aa_px?sk=214530604977002328933
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53&ckls=true&ci=6qyH74T2Ii&nc=false&trid=-788187199
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53&ckls=true&ci=6qyH74T2Ii&nc=false&trid=-788187199
Protocol
H2
Server
2600:9000:2840:8200:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 a68875d0f24bed2038b9d7b3529854bc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P7
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
r8o65DZ_pLbbQ3VBG6GbUip-YJ8X7alFDkp8qLBqK7LTzlYcdtcLCg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 a68875d0f24bed2038b9d7b3529854bc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P7
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=41161BDE654F40ACA196B2605580AC53&ckls=true&ci=6qyH74T2Ii&nc=false&trid=-788187199
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
pQu0D1ZZsG35O_E32PSb5zTcl7BVcbYF4PdiS14fnmi7srE6cmFp7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41161BDE654F40ACA196B2605580AC53
42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=41161BDE654F40ACA196B2605580AC53
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=41161BDE654F40ACA196B2605580AC53
Protocol
HTTP/1.1
Server
63.251.28.211 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Aug 2024 02:17:35 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1723861055613043-260

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=41161BDE654F40ACA196B2605580AC53;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=41161BDE654F40ACA196B2605580AC53;mimetype=img;sr
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
23.83.76.89 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=41161BDE654F40ACA196B2605580AC53&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=41161BDE654F40ACA196B2605580AC53
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=41161BDE654F40ACA196B2605580AC53
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=41161BDE654F40ACA196B2605580AC53
Protocol
HTTP/1.1
Server
52.4.60.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-60-109.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 17 Aug 2024 02:17:35 GMT

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=41161BDE654F40ACA196B2605580AC53
62 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
23.197.253.128 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-253-128.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 17 Aug 2024 02:17:35 GMT
content-length
62
x-request-id
056ff9ed44701cbb58ff7e61dcd3f28d
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=41161BDE654F40ACA196B2605580AC53
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
tpid=41161BDE654F40ACA196B2605580AC53
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
3.221.255.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-255-217.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.55.143
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=41161BDE654F40ACA196B2605580AC53
cache-control
no-cache
x-server
10.40.54.45
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53
  • https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53&dnr=1
43 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53&dnr=1
Protocol
H2
Server
54.236.96.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-96-16.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ce.lijit.com/merge?pid=2&3pid=41161BDE654F40ACA196B2605580AC53&dnr=1
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
pippio.com/api/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=41161BDE654F40ACA196B2605580AC53
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNDExNjFCREU2NTRGNDBBQ0ExOTZCMjYwNTU4MEFDNTMQABoNCL-QgLYGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8b3648898c0a8db71c3d9065f4c28207594713de90105b5af13505d11378419c791426b5417dce21&_=2
42 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=8b3648898c0a8db71c3d9065f4c28207594713de90105b5af13505d11378419c791426b5417dce21&_=2
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pippio.com/api/sync?pid=5324&it=1&iv=8b3648898c0a8db71c3d9065f4c28207594713de90105b5af13505d11378419c791426b5417dce21&_=2
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.google.ca/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1723861054932&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscr...
  • https://www.google.ca/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIhbzT7vr6hwMVwHJHAR1ouTNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy5vdmNtdC5jb20v&is_vtc=1&cid=CAQSKQDpaXnflWexnJMp_ABIYxv3fbKsGJ2gARSvGNvI9X8yZIycfnh403H4&random=3035772487&ipr=y
Protocol
H3
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/1026675585/?random=201510394&cv=7&fst=1723861054932&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIhbzT7vr6hwMVwHJHAR1ouTNfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL3d3dy5vdmNtdC5jb20v&is_vtc=1&cid=CAQSKQDpaXnflWexnJMp_ABIYxv3fbKsGJ2gARSvGNvI9X8yZIycfnh403H4&random=3035772487&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=41161BDE654F40ACA196B2605580AC53
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D41161BDE654F40ACA196B2605580AC53
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
an-x-request-uuid
d9ed1220-fde9-461c-949d-4edadae5c7ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
an-x-request-uuid
cd710b37-0561-41ef-856f-6c55da373215
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D41161BDE654F40ACA196B2605580AC53
cache-control
no-store, no-cache, private
x-proxy-origin
167.114.209.103; 167.114.209.103; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=41161BDE654F40ACA196B2605580AC53&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=41161BDE654F40ACA196B2605580AC53&expires=365
Protocol
HTTP/1.1
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b4dd0c0269c7ea77b4c8a6cf555d0a1d
Expires
0

Redirect headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=41161BDE654F40ACA196B2605580AC53&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 16 Aug 2024 02:17:35 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=41161BDE654F40ACA196B2605580AC53
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=41161BDE654F40ACA196B2605580AC53
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=41161BDE654F40ACA196B2605580AC53
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=41161BDE654F40ACA196B2605580AC53
date
Sat, 17 Aug 2024 02:17:35 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEOE-iir2rZ1JQjCLYjCjYlE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41161BDE654F40ACA196B2605580AC53
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 16 Aug 2024 02:17:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 02:17:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-settings
va.tawk.to/v1/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=65f4a9b79317c543712862bb&widgetId=1hp1rdtse&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb510aa652671b3016ecac587c260f2f1217654f109bd0aec71956e61a118ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-96tt
server
cloudflare
etag
W/"2-9-0"
access-control-max-age
3600
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
vary
Accept-Encoding
cf-ray
8b462b2bc846ab8a-YYZ
access-control-allow-headers
content-type,x-tawk-token
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56364185&Ver=2&mid=a6b7c088-65ed-4f07-95fc-0bb3b2a1b63b&sid=de0aad205c3e11efae32d78852a7645e&vid=de0ba1005c3e11efa1fc51cd3ba48e01&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Your%20Future%20Starts%20Here%20today&p=https%3A%2F%2Fwww.ovcmt.com%2Fstart-here&r=&lt=6288&evt=pageLoad&sv=1&cdb=AQAA&rn=993488
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Aug 2024 02:17:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72216D9806F244C392FBBCD046898863 Ref B: YMQ01EDGE0605 Ref C: 2024-08-17T02:17:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:01 GMT
server
cloudflare
etag
W/"2fea0481da1baa4eac07e95e0f9af8a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2d39d136cc-YYZ
start
va.tawk.to/v1/session/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef735836b133445fe9fc2eb2100bff4fec871ddbb43cd3008a2d5ac68c56773
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-6vbj
server
cloudflare
access-control-max-age
3600
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ovcmt.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
8b462b2daa3136cc-YYZ
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ovcmt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.ovcmt.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b462b2d495fab8a-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 02:17:35 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-4lx6
twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"c96127c9a0429d69fecbeb73fd410443"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2e9af336cc-YYZ
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62708fa9269f3f5716874a7555a0caf9f588eae57a67a01fca993388805aa175
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"b6db854f6c5937b2d0379d5ed35a5bfc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2e9af536cc-YYZ
twk-chunk-f1565420.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-f1565420.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91596311ad775dd2ed9b3154c63cd3fc63a290650682ff3d730ee32062f3bc1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"5b7e84313f0eedaf13a6f35d55524684"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2e9af936cc-YYZ
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3e8129569fa2885592b96e0f8d8fa60ce41e6726c6a832b4419a26a9819632
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"86d7b0db9e7d5783e209db92cbad3226"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2e9afa36cc-YYZ
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4c1518ec54350dc468a18f7c72ed390aa76b0e298d12ce05dc2784cbfa9917
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
397786
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"d50605fbf68e92ee38e766922bbf1f86"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2e9afb36cc-YYZ
min-widget.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 1AD3 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
397785
cf-polished
origSize=24809
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"2d7f176b563b25833791f4844819b5ee"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2f2b6c36cc-YYZ
bubble-widget.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 6F75 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
397785
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2f8bd036cc-YYZ
message-preview.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 278B 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:35 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
397785
cf-polished
origSize=42291
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 12 Aug 2024 11:10:00 GMT
server
cloudflare
etag
W/"471037caa670344edd2ca8e96bbc2125"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b2fec2536cc-YYZ
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 6F75 		22 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 02:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
HIT
age
1682792
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
8b462b302c6136cc-YYZ
v3
va.tawk.to/log-performance/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ovcmt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.ovcmt.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b462b305b9eab8a-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 02:17:36 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-4lx6
v3
va.tawk.to/log-performance/ 		5 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sat, 17 Aug 2024 02:17:36 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-v7bn
server
cloudflare
access-control-max-age
3600
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.ovcmt.com
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
8b462b30bbcfab8a-YYZ
access-control-allow-headers
content-type,x-tawk-token
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 		295 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ovcmt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 17 Aug 2024 02:17:36 GMT
age
1999315
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41275
x-served-by
cache-fra-etou8220140-FRA, cache-yul1970040-YUL
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| loadCSS object| dataLayer function| fbq function| _fbq function| gtag object| Tawk_API object| Tawk_LoadStart function| $ function| jQuery object| w object| d object| e object| g number| windowWidth number| windowHeight function| match_height function| Dial object| containers string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data object| rl_widget_cfg object| RLCAP object| captureStatus function| onYouTubeIframeAPIReady object| gaGlobal string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| gaplugins object| gaData object| uetq object| sifi_att_42656 object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_953f51c834 object| RL object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

88 Cookies

Domain/Path Name / Value
www.ovcmt.com/ Name: CAKEPHP
Value: 7qjnbns4am6p7u0uhr3dfoiho2
.simpli.fi/ Name: suid
Value: 41161BDE654F40ACA196B2605580AC53
.youtube.com/ Name: YSC
Value: W-3sRwVyrek
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 02s2zc68kh0
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgYA%3D%3D
.ovcmt.com/ Name: _ga_3ER5MNZY78
Value: GS1.1.1723861052.1.0.1723861052.0.0.0
.www.ovcmt.com/ Name: _ga
Value: GA1.3.797038316.1723861052
.www.ovcmt.com/ Name: _gid
Value: GA1.3.227027866.1723861053
.www.ovcmt.com/ Name: _gat
Value: 1
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: test
Value: test
.ovcmt.com/ Name: _gid
Value: GA1.2.227027866.1723861053
.ovcmt.com/ Name: _gat_WebProperty2
Value: 1
.ovcmt.com/ Name: _fbp
Value: fb.1.1723861052798.2665989142479849
.ovcmt.com/ Name: _ga_XTK8CG3W37
Value: GS1.1.1723861052.1.0.1723861052.0.0.0
.ovcmt.com/ Name: _ga
Value: GA1.1.797038316.1723861052
.www.ovcmt.com/ Name: _ga_7XKKZ60EJ6
Value: GS1.3.1723861053.1.0.1723861053.0.0.0
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: rl_campaign
Value: {"campaign":{"scid":"","cid":"","tc":"","rl_key":"","kw":"","pub_cr_id":"","isPaidCampaign":false,"tid":"","uid":"","ohid":"","id_creative_resource":"","utm_data":"","ecid":"","marketing_policy":false},"urls":["https://www.ovcmt.com/start-here"]}
.ovcmt.com/ Name: _gcl_au
Value: 1.1.1780528228.1723861054
www.ovcmt.com/ Name: rl_visitor_history
Value: ad556a30-3e90-4c61-a873-e13b221c07b0
www.ovcmt.com/ Name: sifi_user_id
Value: 7BA141965B254EECA7D1CC6261FA1B6C
.ovcmt.com/ Name: capture_storage
Value: %7B%22d5e09dbb-df76-4618-98c6-dd7762ea1bd1%22%3A%7B%22visitor_id%22%3A%22ad556a30-3e90-4c61-a873-e13b221c07b0%22%7D%7D
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: bot_type
Value:
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: history_campaign
Value: {"scid":"","cid":"","tc":"","rl_key":"","kw":"","pub_cr_id":"","isPaidCampaign":false,"tid":"","uid":"","ohid":"","id_creative_resource":"","utm_data":"","ecid":""}
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: history_referrer_type
Value: DIRECT
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: last_activity_at
Value: 1723861054472
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: visitor_id
Value: ad556a30-3e90-4c61-a873-e13b221c07b0
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: sifi_user_id
Value: 7BA141965B254EECA7D1CC6261FA1B6C
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com/ Name: visit_id
Value: e4a41d99-8428-4686-aa59-aeb0944212a8
.simpli.fi/ Name: uid_syncd_secure
Value: true
.ovcmt.com/ Name: _uetsid
Value: de0aad205c3e11efae32d78852a7645e
.ovcmt.com/ Name: _uetvid
Value: de0ba1005c3e11efa1fc51cd3ba48e01
.bing.com/ Name: MUID
Value: 116BFF72B0A3617705E4EBACB198609D
.bat.bing.com/ Name: MR
Value: 0
www.ovcmt.com/ Name: twk_idm_key
Value: iObuefURHH3c7-dLy0Fze
.doubleclick.net/ Name: IDE
Value: AHWqTUmngtQNsg3HvMEvxL__pb5mOGRPM0WsRJ1-e9IL-wsp3MgGgNJMt2XQThUl56s
.openx.net/ Name: i
Value: f8060978-3c81-429a-b8ee-393685aacb8b|1723861055
.rlcdn.com/ Name: rlas3
Value: 3VzYwYGLr+AirT12gfXwF8i8lZuz0xrnDFmMZi1rQOU=
.adnxs.com/ Name: XANDR_PANID
Value: aubgHYbJG4GknusNaW-KKuF78nOGPDnkgTBHiEuQXO2CpjXeWWt94NiJ0cWoidrODMvm2csLIiaPLVyAP1pxT8uTclC9AeLe8ZZO2041h8o.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6899602132240070772
.rubiconproject.com/ Name: audit_p
Value: 1|GKslyNtlCRAUcAnB2OXWqzp1euqBOrBNf2ResV2YGmY3Sds8s51Nz5yKRQZy1raaKJjcPlwY/G2M1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+mi/So4bbBGQvM5ctjGfRSzqoZ8e1YJ5ezuf2B4csR8y5VN5C+3z3oSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: khaos
Value: LZXID3EB-2-FPHQ
.rubiconproject.com/ Name: khaos_p
Value: LZXID3EB-2-FPHQ
.rubiconproject.com/ Name: audit
Value: 1|GKslyNtlCRAUcAnB2OXWqzp1euqBOrBNf2ResV2YGmY3Sds8s51Nz5yKRQZy1raaKJjcPlwY/G2M1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+mi/So4bbBGQvM5ctjGfRSzqoZ8e1YJ5ezuf2B4csR8y5VN5C+3z3oSpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluidp
Value: 2634421098962077287267
.3lift.com/ Name: tluid
Value: 2634421098962077287267
.intentiq.com/ Name: intentIQ
Value: 6qyH74T2Ii
.intentiq.com/ Name: IQver
Value: 1.9
.exelator.com/ Name: EE
Value: "6d29d508519b253dbc60a0ad4c9a7dca"
.agkn.com/ Name: ab
Value: 0001%3Ag%2BQzJ03ms2SGU5GQuU73zrhS%2FhachIWm
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:41161BDE654F40ACA196B2605580AC53&KRTB&23486-uid:41161BDE654F40ACA196B2605580AC53&KRTB&23489-uid:41161BDE654F40ACA196B2605580AC53&KRTB&23539-uid:41161BDE654F40ACA196B2605580AC53
.pubmatic.com/ Name: PugT
Value: 1723861055
.lijit.com/ Name: ljt_reader
Value: JLJJAQZHvx89Z2PFQF2Gak3M
.ads.stickyadstv.com/ Name: UID
Value: b9f42b8b1b2f9f57ad8d55e317db81
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 41161BDE654F40ACA196B2605580AC53
.tapad.com/ Name: TapAd_TS
Value: 1723861055612
.tapad.com/ Name: TapAd_DID
Value: 75280551-e3c4-4a75-9705-bd5575b4f8e2
.bfmio.com/ Name: __141_cid
Value: 41161BDE654F40ACA196B2605580AC53
.bfmio.com/ Name: __io_cid
Value: c9b285427988aae950d2651f267e682aa174fcaa
.smaato.net/ Name: SCM
Value: c660dab3e6
.smaato.net/ Name: SCMu
Value: c660dab3e6
.smaato.net/ Name: SCM1001136
Value: c660dab3e6
.rlcdn.com/ Name: pxrc
Value: CL+QgLYGEgUI6AcQABIFCOhHEAA=
.lijit.com/ Name: _ljtrtb_2
Value: 41161BDE654F40ACA196B2605580AC53
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEsxcgyxdTAwtTQMsnI1DglKdnMINEgMcUk2TLRPCU5cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIfEl%252BUWb6ImfHxUUpaQyLSopPBZ9YLwAAtaIqbw%253D%253D"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Ill9/S[d!@wnfH8KW.dG5<#Z0rgKFT0NmngI*Cnfz_]po5ywG%(w>ErkDl!Xb]j%lfQ7^e5E2.g4dkXstGt!@BjD)Nb]l
.intentiq.com/ Name: IQPData
Value: 2809319783#1723861055674#0#1723861055674
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1723861055676
.intentiq.com/ Name: CSDT
Value: UEQ6MTAwNDNfMCZVTGZkSkhU
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pro-market.net/ Name: anProfile
Value: "16ihz8dit0y8i+1+1f=1+1g=1+1j=3k:1+rs=s+rt=26075300006078670000000000000006+s2=(sicbpb)+vm=24-41161BDE654F40ACA196B2605580AC53"
.pro-market.net/ Name: anHistory
Value: "16ihz8dit0y8i+2+!#6wM$W#Mp8"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a4343f7b3670fb0eb76f0b8bfab3b11d
www.ovcmt.com/ Name: TawkConnectionTime
Value: 0
.ovcmt.com/ Name: twk_uuid_65f4a9b79317c543712862bb
Value: %7B%22uuid%22%3A%221.PUqFf0SZOA6LkQJOzkOaNHNTBQEzOMMmVrI6YVdeqYSuRYZ6sICw4vOACYG7LpVgAnvai2jUp5e26qdykYcFQYxluFngLcctl0njgETYDd6PlHNpz%22%2C%22version%22%3A3%2C%22domain%22%3A%22ovcmt.com%22%2C%22ts%22%3A1723861055753%7D
.pippio.com/ Name: did
Value: FpHHBkJGrokDS5I_
.pippio.com/ Name: didts
Value: 1723861055
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.agkn.com/ Name: u
Value: C|0AAAAAAAALlLEvwAAAAAA
.bluekai.com/ Name: bku
Value: blx99eX/ysjuWvQ/
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwExh1ERhxAHaBMD6HMxyxDBO1EAtxM/t1eDNmeOOxpDp9y9kyx+p
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/ Name: pid
Value: 5765586896459843903

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
bat.bing.com
bcp.crwdcntrl.net
capture-api.reachlocalservices.com
cdn.csekcreative.com
cdn.jsdelivr.net
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
d5e09dbb-df76-4618-98c6-dd7762ea1bd1.rlets.com
eb2.3lift.com
embed.tawk.to
fault.rlets.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
loadm.exelator.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
va.tawk.to
www.exploremassage.ca
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.ovcmt.com
www.youtube.com
107.178.254.65
142.250.176.194
142.250.176.195
142.250.65.162
142.250.65.164
142.250.72.110
142.250.80.98
142.251.41.8
157.240.241.1
172.67.15.14
18.238.49.101
18.238.80.105
199.119.218.206
23.197.253.128
23.83.76.89
2600:1901:0:8eee::
2600:1f18:612b:4280:77ca:3419:6e62:d363
2600:9000:21da:3a00:19:fc2c:a140:93a1
2600:9000:247b:a600:6:9a19:88c0:93a1
2600:9000:2840:2000:1b:5138:8a40:93a1
2600:9000:2840:8200:1b:6b7d:2300:93a1
2606:4700:20::681a:aae
2607:f8b0:4004:c08::9a
2607:f8b0:4006:806::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2008
2620:1ec:c11::237
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::485
3.221.255.217
3.33.251.168
34.111.113.62
34.138.31.113
34.150.170.96
34.168.224.78
34.200.65.202
34.86.70.109
34.98.64.218
35.244.154.8
35.71.139.29
52.0.156.250
52.4.60.109
54.236.96.16
63.251.28.211
68.67.160.184
69.173.146.5
69.194.240.13
8.28.7.83
005dcf438c65b9a2d5f77f15f8a0c1f9c7895923f8583f2ef17e71f2b9329b80
00679ab0a152562c8b8513e45dc0c6590f61deabdf73bc0b8844b26501a99276
00d821c570bf611d1963da171d7442f136812c0d18db47bc184cf0beb642edcd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
10a74d9aeefed3f23d978d7c6b0512e81d3a3fff0170866e44c9b054886d3dbc
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
176200e76db913fca06c1c5e324d493c58c34148492cc985308051bd0e5805c1
18567865604f82e0c20c5fbcd98a1f34a889d43c91e06d206a164e418b5f6855
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3faadb002583c3a9ab2f692817504c0e6f1b1dc6f47a7db507633890dc8165
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
2455c683fcae62ea9a0f3e39080dac666a65c1e14a684e20aa472d7c31fb4789
2d021f2700ecd15b1ef35279c843a76586df6ea9951d2b8ea3550df5382b95be
2d4bb23fa563d1f929c4c85126e170270fe5f5322271e9c6af29baafc5be4d12
2e888f4db735e5e1ec5003144372eda88c5a86d91bee90edc28ff8734af9bdbe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3039345af26b42a0d86e214b1ec656fe97db8b5e5d8f60d0085bf6c2a31b0f58
36f47f64aa59cd790ab3d7434f710ccaa62f43b3065e2cce063f8697d45c5758
3a3e8129569fa2885592b96e0f8d8fa60ce41e6726c6a832b4419a26a9819632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e57b01a0541bc6ab9618d5945c4d223e19102afe56d8064e659219e20e9c80f
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
522aa11c6575a332917001a929be6252d5f5caf5a288cac095928e51add25607
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
62708fa9269f3f5716874a7555a0caf9f588eae57a67a01fca993388805aa175
68af784e77d6dc64b064689f32ed853c425313419dad1d17054bfca7b8987881
6a4a38f0fb4cd03c512fa140a4103e4710d4e222db71e0179cbf636c71c4e01d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7a0f3c00f76c77351158fabe52fff7b7aa9547f9cd610e3e6ae95bbe263a4a51
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8236ef5b5c4140ee366ab24787e81c86832af3eae06d44bdd5dde5e442ca79cd
82f77d7e62e3eb9aa6a1a16b78ad9d89a1a48ad1b22a4baaf03045a91fcdce5f
830d47a0235840bb7fd3ae10705e455f91c8da86a13aaf8cf0d9267e37b918ae
9146f6559b68729d3953d29bae3b96ed452b8ebcad97704f16be332717fd5592
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95f3963494b9284ce8d539bece9877d5aef10d3d4e0706dec9eb2f2e240ac8a8
9863f9ee3a5fe26c65587f8089c889549ced1b38e172b688f5d87b722dec70c4
9bb510aa652671b3016ecac587c260f2f1217654f109bd0aec71956e61a118ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a248f885bed67cf8a882e13a77a80430a6b030993b6bcd977b4783bc5661dc1f
a91596311ad775dd2ed9b3154c63cd3fc63a290650682ff3d730ee32062f3bc1
a99e02d6018d81c25cc2c178012b5787015fe6d3d920861878c3ecf03704443b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ae93ecdb11cde1e757e52f59996dae9c7bf703093e9bedff002b990694bab68d
afb893e4b1fafe4ca67aef46580523d4419beb7bbb930f625bd36274582822b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef735836b133445fe9fc2eb2100bff4fec871ddbb43cd3008a2d5ac68c56773
c6b19aa2a96d75bb8f4fda026ca4ae31028a52695177c4a5bacdc40d3a21c501
c7fe1f34291f7da5c1ba6c0c71aef8745d60615ea907b85c3a99ed5ba7010e6b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf62dd6c5566a94cdab6c86b4559bd31de00d2769326459801d6710f0242631c
db4c1518ec54350dc468a18f7c72ed390aa76b0e298d12ce05dc2784cbfa9917
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e657c8ec36f5d2911c491e86848a138ee6734c5b20d0fa3ad6cf4f4bf0452382
e96ded3620695f340b558bf1804f2c83f479313d57d6fa125956f0d4b05b6c1d
eaab2d7fa89714fb0d2a0acc48337a9da9c1bf582abcdc4fbfc11f14896b90b8
eb535174b63c904ccf2840de53667341356028dce33fe4a88017ed564e742789
eef83fc2d42072c96f577b413c3cf4d2ed8da6ee6e973aee1ea07ce682078176
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55f89fd0f7cb0a01036823cf6202d9a00f1cffa4706d8d4f4ae2fb7790ddc66
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0