urlscan.io logo urlscan.io
SecurityTrails logo

ominous.app Open in urlscan Pro
65.8.20.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ominous.app/
Effective URL: https://ominous.app/
Submission: On April 27 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 3 countries across 44 domains to perform 301 HTTP transactions. The main IP is 65.8.20.13, located in United States and belongs to AMAZON-02, US. The main domain is ominous.app.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 24th 2023. Valid for: a year.
This is the only time ominous.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 65.8.20.13 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
23 2600:9000:24e... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:e0:... 13335 (CLOUDFLAR...)
8 199.127.204.163 26120 (RHYTHMONE)
4 52.55.204.172 14618 (AMAZON-AES)
4 2602:803:c002... 26667 (RUBICONPR...)
8 68.67.179.113 29990 (ASN-APPNEX)
2 21 35.244.159.8 15169 (GOOGLE)
4 2620:100:a001... 19750 (AS-CRITEO)
4 34.107.148.139 396982 (GOOGLE-CL...)
3 2001:4860:480... 15169 (GOOGLE)
1 13.249.176.142 16509 (AMAZON-02)
23 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
46 104.126.112.26 16625 (AKAMAI-AS)
6 104.117.182.8 20940 (AKAMAI-ASN1)
28 184.28.136.24 16625 (AKAMAI-AS)
1 2602:803:c002... 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
9 17 142.251.40.162 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 5 2620:100:a001::c 19750 (AS-CRITEO)
3 13 23.192.31.127 16625 (AKAMAI-AS)
2 2 199.38.167.131 54312 (ROCKETFUEL)
7 104.72.156.199 16625 (AKAMAI-AS)
3 3 69.166.1.10 27630 (AS-XFERNET)
8 8 2606:ae80:145... 25751 (VALUECLICK)
11 11 199.127.204.142 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
5 5 54.162.158.9 14618 (AMAZON-AES)
3 3 74.119.119.150 19750 (AS-CRITEO)
8 8 35.211.178.172 15169 (GOOGLE)
2 6 2600:1f18:4e9... 14618 (AMAZON-AES)
6 6 64.74.236.159 19024 (INTERNAP-...)
3 3 23.192.32.8 16625 (AKAMAI-AS)
5 5 35.207.24.140 15169 (GOOGLE)
10 11 52.223.40.198 16509 (AMAZON-02)
1 1 204.62.13.72 46636 (NATCOWEB)
2 2 3.135.132.32 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
8 11 69.173.151.100 26667 (RUBICONPR...)
2 8 209.54.182.161 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.95.115.255 16509 (AMAZON-02)
2 52.10.3.150 16509 (AMAZON-02)
1 74.119.119.139 19750 (AS-CRITEO)
4 104.72.156.186 ()
1 1 68.67.160.132 ()
2 52.6.78.119 ()
1 34.200.65.202 ()
7 8 151.101.130.49 ()
301 52
2    65.8.20.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-20-13.bos50.r.cloudfront.net
ominous.app
4    2600:9000:20ea:9200:1f:50c5:ed80:21 (United States)

ASN16509 (AMAZON-02, US)
d1yq13nlsgs4vq.cloudfront.net
9    2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
tracker.nitropay.com
9    2607:f8b0:4006:821::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    2600:9000:24eb:2000:15:4410:4a80:21 (United States)

ASN16509 (AMAZON-02, US)
d3bpzgarlwg4yy.cloudfront.net
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
4    2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.ca
1    2606:4700::6812:24e (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.nitropay.com
7    2606:4700:e0::ac40:650a (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
8    199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
4    52.55.204.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-204-172.compute-1.amazonaws.com
btlr.sharethrough.com
4    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    68.67.179.113 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
21    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ggsoftware-d.openx.net
us-u.openx.net
4    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
4    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.249.176.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-176-142.bos50.r.cloudfront.net
cdn.amplitude.com
23    2607:f8b0:4006:80c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2607:f8b0:4006:81d::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
46    104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com
contextual.media.net
6    104.117.182.8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-8.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
28    184.28.136.24 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-136-24.deploy.static.akamaitechnologies.com
warp.media.net
hblg.media.net
lg3.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
1    2602:803:c002:200::54 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:822::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:823::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
17    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
5    2607:f8b0:4006:817::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:81d::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
13    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    104.72.156.199 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-156-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
8    2606:ae80:1451:20::1690 (United States)

ASN25751 (VALUECLICK, US)
medianet-match.dotomi.com
stx-match.dotomi.com
11    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    54.162.158.9 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-158-9.compute-1.amazonaws.com
pm.w55c.net
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
8    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
6    64.74.236.159 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    23.192.32.8 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-32-8.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
8    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    52.10.3.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-3-150.us-west-2.compute.amazonaws.com
api2.amplitude.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    104.72.156.186 (None, )

ASN- ()
acdn.adnxs.com
1    68.67.160.132 (None, )

ASN- ()
secure.adnxs.com
2    52.6.78.119 (None, )

ASN- ()
match.sharethrough.com
1    34.200.65.202 (None, )

ASN- ()
ups.analytics.yahoo.com
8    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
78 media.net
prebid.media.net — Cisco Umbrella Rank: 1912
contextual.media.net — Cisco Umbrella Rank: 838
warp.media.net — Cisco Umbrella Rank: 3286
hblg.media.net — Cisco Umbrella Rank: 2773
lg3.media.net — Cisco Umbrella Rank: 6861
hbx.media.net — Cisco Umbrella Rank: 2144
cs.media.net — Cisco Umbrella Rank: 2272
c21lg-d.media.net — Cisco Umbrella Rank: 3606
586 KB
29 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 2660
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
72 KB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
282 KB
27 cloudfront.net
d1yq13nlsgs4vq.cloudfront.net
d3bpzgarlwg4yy.cloudfront.net
2 MB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
190 KB
21 openx.net
ggsoftware-d.openx.net — Cisco Umbrella Rank: 45071
us-u.openx.net — Cisco Umbrella Rank: 707
5 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
dis.criteo.com — Cisco Umbrella Rank: 941
mug.criteo.com — Cisco Umbrella Rank: 1686
10 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
acdn.adnxs.com
secure.adnxs.com
110 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
8 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
6 KB
11 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1142
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
3 KB
10 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 34833
tracker.nitropay.com — Cisco Umbrella Rank: 33464
123 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
126 KB
8 everesttech.net
sync-tm.everesttech.net
2 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
5 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
7 KB
8 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 12422
stx-match.dotomi.com
3 KB
8 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2971
ka-f.fontawesome.com — Cisco Umbrella Rank: 5613
313 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
ups.analytics.yahoo.com
4 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
41 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
5 KB
6 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3074
2 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1651
match.sharethrough.com
4 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505
2 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
4 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
3 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
1 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 4665
api2.amplitude.com — Cisco Umbrella Rank: 1552
23 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
57 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 3342
695 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
1 KB
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14238
www.google.ca — Cisco Umbrella Rank: 8003
939 B
2 ominous.app
ominous.app
523 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
730 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3435
585 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
10 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
49 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
603 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
24 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 997
30 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 5119
20 KB
301 44
Domain Requested by
46 contextual.media.net ominous.app
contextual.media.net
eus.rubiconproject.com
s.nitropay.com
23 pagead2.googlesyndication.com s.nitropay.com
ominous.app
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
browser.sentry-cdn.com
www.googletagservices.com
23 d3bpzgarlwg4yy.cloudfront.net ominous.app
17 us-u.openx.net 2 redirects s.nitropay.com
us-u.openx.net
15 cm.g.doubleclick.net 9 redirects ominous.app
us-u.openx.net
11 match.adsrvr.org 10 redirects browser.sentry-cdn.com
10 eus.rubiconproject.com contextual.media.net
ominous.app
eus.rubiconproject.com
s.nitropay.com
9 www.googletagmanager.com ominous.app
s.nitropay.com
8 sync-tm.everesttech.net 7 redirects us-u.openx.net
8 s.amazon-adsystem.com 2 redirects ominous.app
us-u.openx.net
8 x.bidswitch.net 8 redirects
8 sync.1rx.io 8 redirects
8 lg3.media.net ominous.app
contextual.media.net
8 hblg.media.net ominous.app
8 ib.adnxs.com browser.sentry-cdn.com
acdn.adnxs.com
8 targeting.unrulymedia.com browser.sentry-cdn.com
8 tracker.nitropay.com browser.sentry-cdn.com
ominous.app
s.nitropay.com
7 pixel.rubiconproject.com 4 redirects ominous.app
7 ads.pubmatic.com contextual.media.net
7 ka-f.fontawesome.com browser.sentry-cdn.com
ominous.app
6 b1sync.zemanta.com 6 redirects contextual.media.net
6 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
6 cs.media.net contextual.media.net
6 medianet-match.dotomi.com 6 redirects
6 qsearch-a.akamaihd.net ominous.app
5 rtb.mfadsrvr.com 5 redirects
5 pm.w55c.net 5 redirects
5 gum.criteo.com 1 redirects contextual.media.net
s.nitropay.com
5 tpc.googlesyndication.com s.nitropay.com
4 acdn.adnxs.com s.nitropay.com
4 token.rubiconproject.com 4 redirects
4 googleads.g.doubleclick.net s.nitropay.com
ominous.app
pagead2.googlesyndication.com
4 prebid.media.net browser.sentry-cdn.com
4 bidder.criteo.com browser.sentry-cdn.com
4 ggsoftware-d.openx.net browser.sentry-cdn.com
4 fastlane.rubiconproject.com browser.sentry-cdn.com
4 btlr.sharethrough.com browser.sentry-cdn.com
4 d1yq13nlsgs4vq.cloudfront.net ominous.app
3 aax-eu.amazon-adsystem.com 2 redirects
3 stags.bluekai.com 3 redirects
3 dis.criteo.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 ad.turn.com 3 redirects
3 sync.go.sonobi.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 warp.media.net s.nitropay.com
3 www.google-analytics.com s.nitropay.com
browser.sentry-cdn.com
www.googletagmanager.com
3 securepubads.g.doubleclick.net s.nitropay.com
browser.sentry-cdn.com
2 stx-match.dotomi.com 2 redirects
2 match.sharethrough.com
2 api2.amplitude.com browser.sentry-cdn.com
2 static.criteo.net s.nitropay.com
browser.sentry-cdn.com
2 sync-dmp.mobtrakk.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.google.com ominous.app
s.nitropay.com
2 s.nitropay.com ominous.app
2 ominous.app ominous.app
1 ups.analytics.yahoo.com
1 secure.adnxs.com 1 redirects
1 mug.criteo.com
1 px.ads.linkedin.com ominous.app
1 inv-nets.admixer.net 1 redirects
1 hbx.media.net contextual.media.net
1 s0.2mdn.net ominous.app
1 www.googletagservices.com s.nitropay.com
1 www.google.ca ominous.app
1 adservice.google.com s.nitropay.com
1 adservice.google.ca s.nitropay.com
1 partner.googleadservices.com s.nitropay.com
1 stats.g.doubleclick.net browser.sentry-cdn.com
1 beacon-iad2.rubiconproject.com ominous.app
1 cdn.amplitude.com s.nitropay.com
1 kit.fontawesome.com ominous.app
1 cdn.jsdelivr.net ominous.app
1 code.jquery.com ominous.app
1 browser.sentry-cdn.com ominous.app
301 78
Subject Issuer Validity Valid
ominous.app
Amazon RSA 2048 M02		 2023-03-24 -
2024-04-21		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.sharethrough.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-10 -
2023-08-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01		 2023-01-12 -
2024-02-11		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh

This page contains 47 frames:

Primary Page: https://ominous.app/
Frame ID: 36C9B7E879FA004A48693E9A3E6FB52E
Requests: 123 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html
Frame ID: 2F3269472F351FCDC2180020057DF387
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Frame ID: D978234B2D5BDC003F38112D498C6AB6
Requests: 4 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Frame ID: 7D85E9DAA5A75998A81A7BFDFA1EDA4A
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Frame ID: 9E8E5979347247BEFBA6EEB9768707A3
Requests: 3 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Frame ID: 8395C9D0F7B31CC7B16CA7FD443D7919
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK6uffATAB&v=APEucNWJuR9fjUxhSrrV_5DILQRv23ABT_7fd1XFglcW2gZtRqncwkimPCxKlafAJdy_BIoEfpLwl9rznD8Bp1ebYN2JJae9v8whortbNVnymGaO5x5_upc
Frame ID: D12FCAD4DCFCB53E30EEA1AAE5CACC9B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4D2ABCF54C0CA5C718633B7BF316C2D8
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Frame ID: DE1DB548BB063A26C7F3BC93A346BDEB
Requests: 4 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Frame ID: A44207A268BD7CFE06DC338EA8F64D52
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349221451208&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzaga8fOnRrolnfOur8Na&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Frame ID: 910614BE5A835A539429D2FC0079DC7D
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 285F53E4FC29D2C60AA3DAB6DA3BBD36
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1683805479985610&output=html&adk=1812271804&adf=3025194257&lmt=1682592350&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fominous.app%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682592349690&bpp=15&bdt=764&idt=366&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3573869413373&frm=20&pv=2&ga_vid=214094548.1682592350&ga_sid=1682592350&ga_hid=90374483&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756&oid=2&pvsid=4238634670886990&tmod=938395734&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=417
Frame ID: 3707C9D61CDCD8935E64E3BBD18B62A5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349524731568&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&perf=1&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Frame ID: 888EA71EF11C4BC17CDCA1D0F9D72710
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: F9287FEB82044A09AA4844E44374F1B4
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Frame ID: 4F61E2D0D1325842A41CCF2DB0416C0A
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: D0B66DB43A859F07730805CAB9E1C2BC
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 9D586BAB5AB9AA57A7889D47625B4B10
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923502433255939501455192000V10&ovsid=970314639146934161
Frame ID: 4782187369AD3E1C3C3581B6CA87C866
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3DPM_UID
Frame ID: 6B21D609B424E203F0B0DBD2C148A510
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Frame ID: 40CA35FBBB339D1FAC6245D81C233AC3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: BF3D0D27BCAC41003B64C3BB678CF2B3
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923503183255939501455192000V10&ovsid=970314639146934161
Frame ID: 57BD8388B1773D793E28CA4BEB192832
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3DPM_UID
Frame ID: 695302F3AEC53FCF6F758143C85BB14A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 26EB1BBFE41C4F5507A756AD20382AD9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 0EC96579E0BA15BDBA944CAB4B922C5D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3DPM_UID
Frame ID: E53A2AB582720D46857F9B92A82A41AB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ominous.app
Frame ID: 629E83687B75633F283927776BBDF16C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10FBF5C6E70F075892A53AABCCD1AFFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B8F6C60FA5C34B79AF4EF7CD6D1B591
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: C97737F88F26AFA19B700E6B6C114CAA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F2A5AA8FE3A405A995FC52E2408B1734
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 87AFCB41F5CE8CDCAAA5E659F3C5C45B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9FCE86810B942392450528903055BFEF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4E3F4740C45B0D54AA685EBA325BF42
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Frame ID: D7DB91BA290A9061D7E2990536D24305
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 1649A4DF43617B94C0095A0FEA1AF5A3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: A808A9C0F97B5508688B7940C616E4CA
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Frame ID: 4EACC84CDA9F7AB846E99108565EB185
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Frame ID: 534662D2FB7641BD0E8EAA1E834B1749
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Frame ID: 56C418D5E50BB1073FDF0C866EDBA7FA
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7838D75BE34FFCF95E912974701E5C7F
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 1348224BBF5F2537CF2723B808373F3B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923551533255939501455169000V10%26ovsid%3DPM_UID
Frame ID: EE302A9B56F39B9C970EDFFC4B95238E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552143255939501455169000V10%26ovsid%3DPM_UID
Frame ID: AF6E7C3C661D414ED0D114F2354C3FF7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552333255939501455169000V10%26ovsid%3DPM_UID
Frame ID: F44CED9B635775A0C38DC04464AC8B75
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552473255939501455169000V10%26ovsid%3DPM_UID
Frame ID: 436B25FC7CC219310E7AE059F46E9851
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ominous

Page URL History Show full URLs

  1. http://ominous.app/ HTTP 307
    https://ominous.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

301
Requests

80 %
HTTPS

46 %
IPv6

44
Domains

78
Subdomains

52
IPs

3
Countries

4276 kB
Transfer

7466 kB
Size

67
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ominous.app/ HTTP 307
    https://ominous.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 153
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Drkt%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923502433255939501455192000V10&ovsid=970314639146934161
Request Chain 155
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=decfe44b-5937-452b-a2bb-10acb393241f
Request Chain 156
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=21f695bf234f21c6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923502433255939501455192000V10&ovsid=AAAL_7OAqxJrjwNRzPCUAAAAAAA&expiration=1682678750&is_secure=true
Request Chain 157
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dopx%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923502433255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
Request Chain 158
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D%5BRX_UUID%5D&cb=1682592350385 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2518602974 HTTP 302
  • https://sync.1rx.io/usersync/turn/4302964438783897919?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3DRX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE5MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Request Chain 160
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923502433255939501455192000V10&ovsid=ina472NS1PRZ8i5
Request Chain 161
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=103ae0e6-45fe-416f-ab05-f9a3783bd017
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-rlFPAvpE2pmb9gXNPyxkXjVhnAVzkgvOOdlKCw--~A&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 163
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Q-Hu3qFbH4RyVP4Uyuff&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRFVEHKM3RIZREQNCSPFLFANCVPF2WMZTIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TAMRUGMZTENJVHEZTSNJQGE2DKNJRHEZDAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCOJSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRFVEHKM3RIZREQNCSPFLFANCVPF2WMZTIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TAMRUGMZTENJVHEZTSNJQGE2DKNJRHEZDAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCOJSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=Q-Hu3qFbH4RyVP4Uyuffhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923502433255939501455192000V10&vsid=3255939501455192000V10
Request Chain 164
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455192000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3255939501455192000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Request Chain 165
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Request Chain 169
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE5MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Request Chain 171
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Drkt%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923503183255939501455192000V10&ovsid=970314639146934161
Request Chain 172
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
Request Chain 173
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3De35e5ce0-4b68-439d-baef-b7d94ee737e1%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=f4131b475de143d6800932f1544bfb7f&ssp=medianet&bsw_param=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&consent=&gdpr_pd=1&expires=7 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=1
Request Chain 174
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455192000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3255939501455192000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Request Chain 175
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Request Chain 177
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Request Chain 178
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=282c157121a121c6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923503183255939501455192000V10&ovsid=AAAL_7OAqxJrkANVbnJaAAAAAAA&expiration=1682678750&is_secure=true
Request Chain 179
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dopx%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923503183255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
Request Chain 180
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D%5BRX_UUID%5D&cb=1682592350463 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3835280182 HTTP 302
  • https://sync.1rx.io/usersync/turn/4230906844745969983?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3DRX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Request Chain 181
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923503183255939501455192000V10&ovsid=ina472NS1PRZ8i5
Request Chain 182
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TAMZRHAZTENJVHEZTSNJQGE2DKNJRHEZDAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCOJSGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TAMZRHAZTENJVHEZTSNJQGE2DKNJRHEZDAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCOJSGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923503183255939501455192000V10&vsid=3255939501455192000V10
Request Chain 189
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 190
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
Request Chain 191
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=e35e5ce0-4b68-439d-baef-b7d94ee737e1 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=medianet&bsw=e35e5ce0-4b68-439d-baef-b7d94ee737e1&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NWE3MDMwZjc1MjE4MmJiOQ&gdpr=0&gdpr_consent=&us_privacy=&ssp=medianet&bsw_param=e35e5ce0-4b68-439d-baef-b7d94ee737e1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Request Chain 194
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Request Chain 195
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=6a3291e248372397&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dcon%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=con&refUrl=&vid=25923504633255939501455169000V10&ovsid=AAAL_7OAqxJrlQNoBwqVAAAAAAA&expiration=1682678750&is_secure=true
Request Chain 196
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1970222864 HTTP 302
  • https://sync.1rx.io/usersync/turn/4375022032821825855?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3DRX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE2OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Request Chain 198
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=dxu&refUrl=&vid=25923504633255939501455169000V10&ovsid=ina472NS1PRZ8i5
Request Chain 199
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TANBWGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBZEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TANBWGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923504633255939501455169000V10&vsid=3255939501455169000V10
Request Chain 200
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455169000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Request Chain 218
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LGZ01HYR-17-DMTG HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGZ01HYR-17-DMTG&gdpr_consent=1---
Request Chain 223
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3667a4d2-74f0-4697-8852-71ce6e0827e8&gdpr=0&gdpr_consent=&expires=30
Request Chain 224
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=92FWyOYCQD-awuWlNW9-lw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92FWyOYCQD-awuWlNW9-lw&gdpr=0
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPafdzw9F4Las9ooFtooqQ4&google_cver=1
Request Chain 226
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGZ01HYR-17-DMTG&gdpr=0&us_privacy=1---
Request Chain 227
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWE2NWM0MjgzMzU2MmZmMDVmMjY0YWM2ZDFjMWM4MGUwMGE4ODYwYQ&gdpr=0&us_privacy=1---
Request Chain 228
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdaMDFIWVItMTctRE1URw==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEMaqdSWo37nIDLjAz0h838k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdaMDFIWVItMTctRE1URw==&google_push=&gdpr=0
Request Chain 229
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FWQ42qI2T8GdyYichqAnCA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FWQ42qI2T8GdyYichqAnCA&gdpr=0
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d3Lmpvxj9gHGYlL9TbTNAMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DvQUA_1E2oKtxmJMz0SFHvA7qhi5acn78viB2A--~A
Request Chain 240
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ominous.app&sn=ChromeSyncframe&so=0&topUrl=ominous.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LM83m3xVZjlzY3ZaR01ITFBhZTFaSnZ0Z3RWL0REdG1Wczd6YW9Ld0htTTFxcGtkdzAyeU5aTDhaYnFmc0drRUZIQnM5bFczeGJDWFM1dnAreGlHTTJmVkR5WGhHQnRBY08vMG1oY0plZkV0aFpLc2Y2SGh1cGxrQlB2RTdCb2RJQ1JZdVp1WDBNaWVXWU4vQy9Xdm5YK21YQU5UdzZCaEhOR29mOFB5cXB1QW4za2pneUVHYldqZklHbUs3djNISmk4NVpFSWc5d1VXMjNHQTE3M3ZEQ1ZjM21UVFVnWnVZZm1oV2NUOXdYOFg4QU4reEVSSzlhUXMvNGkxNzlINXZoRWROSTdsa250YUJVMnkyejFwQmx4U3Y5Zz09fA&cppv=2
Request Chain 270
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6157626493583308704
Request Chain 272
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=3fca88de6e552397&is_secure=true&networkId=44410&version=1&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAL9QsExC16sQMc5iPPAAAAAAA&expiration=1682678754&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAF0ZbVagA9 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAF0ZbVagA9&_test=ZEpSYwAF0ZbVagA9
Request Chain 276
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Request Chain 279
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAAASTVawA9
Request Chain 282
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAFzP6W2wBS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFzP6W2wBS&_test=ZEpSYwAFzP6W2wBS
Request Chain 288
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAFz5yXBABS HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFz5yXBABS&_test=ZEpSYwAFz5yXBABS
Request Chain 294
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Request Chain 299
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923551533255939501455169000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMJVGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMJVGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923551533255939501455169000V10&vsid=3255939501455169000V10
Request Chain 302
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923552143255939501455169000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRRGQZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRRGQZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA
Request Chain 306
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923552333255939501455169000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRTGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRTGMZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923552333255939501455169000V10&vsid=3255939501455169000V10
Request Chain 308
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dzem%26refUrl%3D%26vid%3D25923552473255939501455169000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRUG4ZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRUG4ZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA

301 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ominous.app/
Redirect Chain
  • http://ominous.app/
  • https://ominous.app/
364 KB
366 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.20.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-20-13.bos50.r.cloudfront.net
Software
/
Resource Hash
52fa6c0342e3edfd31e1234a553feac943c7959dd116737f8de7caac00707111

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, private
content-length
372701
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:48 GMT
via
1.1 25e6964e87f4ccdf053659e841a259ba.cloudfront.net (CloudFront)
x-amz-apigw-id
ECHOeE9SoAMF4AA=
x-amz-cf-id
8gXNDsjaUNhoZwihYenHNfH00MacwfpjXyMQOYZRe6PEmlupSYhVHA==
x-amz-cf-pop
BOS50-C3
x-amzn-remapped-date
Thu, 27 Apr 2023 10:45:48 GMT
x-amzn-requestid
182ba56f-dd43-46e3-a5a7-17dac778c8ab
x-amzn-trace-id
Root=1-644a525c-5cf102aa6da5e98035d3912f;Sampled=0;lineage=b9495bee:0
x-cache
Miss from cloudfront

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://ominous.app/
Non-Authoritative-Reason
HSTS
bootstrap.css
d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/css/ 		157 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/css/bootstrap.css?id=bd49d416de71181515020e8dcb745ace
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:9200:1f:50c5:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25a67bff61c8945e6907faa5aa4f4a115b0cfb26a05ab1c66e3d88f8e11185db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 04:55:07 GMT
content-encoding
br
via
1.1 450997492b27c3075eae0b294c536b04.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 01:53:07 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C1
age
1317043
etag
W/"bd49d416de71181515020e8dcb745ace"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
JBztE7idOsoN0-VPnfqVnt20Tps1nbsT6dJIQ3yr5JeubBmCLyjK6w==
expires
Fri, 12 May 2023 01:41:57 GMT
app.css
d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/css/app.css?id=2a530f0a5f3ddcc2e3045a927c2d1ba1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:9200:1f:50c5:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da53c4eb5325ad3a0130f2bc5729bd147c606989319b9a4c1ed4f49d2ea0b501

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 04:55:07 GMT
content-encoding
br
via
1.1 450997492b27c3075eae0b294c536b04.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 01:53:07 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C1
age
1317043
etag
W/"2a530f0a5f3ddcc2e3045a927c2d1ba1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-id
eXWwmg5HTBY-J1gCY2RiAdzeZqhAtOMIQmNR2ijE-ODIwGQuyOpmBA==
expires
Fri, 12 May 2023 01:41:57 GMT
ads-1491.js
s.nitropay.com/ 		378 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-1491.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ae93202d8c89fc5828f070d7c24b7855680d7b838d4ae61bacf60b9a871a91
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1681500715
age
42119
x-guploader-uploadid
ADPycdt6Vt_dSX4cJlEORueQa_d09-tv2J8tOr9NdPzw1ZY8wuHC7SMt6r-dqRvJ0mUIasCl5e0yxktWHU3w4BlbMae8oLaDKav1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Apr 2023 22:52:46 GMT
server
cloudflare
etag
W/"3601bdecf226fcdf8dccf0b2454eb741:1682549566000"
vary
Accept-Encoding
x-goog-generation
1681500719132388
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=1r2+4g==, md5=NgG97PIm/N+NzPCyRU63QQ==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
385079
cf-ray
7be67a65c8173400-YUL
expires
Thu, 27 Apr 2023 10:59:44 GMT
oap-box-logo.jpeg
d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/images/oap-box-logo.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:9200:1f:50c5:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
815bf85c1e383b740cc7486270f1f2221c344edf321d265094dff90c9952aaf9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 04:55:08 GMT
via
1.1 450997492b27c3075eae0b294c536b04.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C1
age
1317042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46847
last-modified
Wed, 12 Apr 2023 01:53:09 GMT
server
AmazonS3
etag
"44ac625deda33486cb513a4b164e0d7a"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oJUsm_NHgT1b64pdHHhJ9ZWIYn0z-ff5dxNzaZodoRLcR4vkrWJl1g==
expires
Fri, 12 May 2023 01:41:57 GMT
gtm.js
www.googletagmanager.com/ 		126 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T44B8Q9
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0b70655251edb5aa4cc05eea1fe799e76b393ec6727d723d9a8ae3051988a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49510
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Apr 2023 10:45:49 GMT
IMG_1735.jpg
d3bpzgarlwg4yy.cloudfront.net/Photo/531214/image/thumb/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531214/image/thumb/IMG_1735.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29728f8e1e55338657b77672ea52ff27b8a45b6a8fa9ff222fae2bc8998b593c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 20:09:45 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"fa17bde8ae9a0fcd57a379d716755c29"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
19421
x-amz-cf-id
eQ_E-0uCublFjU_Aorpo3_sRWxSs1v7I4gYKn6-k8pmnQboeEUdyCg==
IMG_5568.jpeg
d3bpzgarlwg4yy.cloudfront.net/Photo/531111/image/thumb/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531111/image/thumb/IMG_5568.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93d166e72368ff382a0b005f5cc7d3533085caa1dab4d48440da106f053381dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Mon, 17 Apr 2023 00:10:05 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"dfae369d36c21c4e9b3dafc9687c04e9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
41430
x-amz-cf-id
2FIoaSdOwNIKzY68cdgQ4OsWHaMAbbPqwgGlKBuf7V8BUsp8j3toxg==
IMG_5534.jpeg
d3bpzgarlwg4yy.cloudfront.net/Photo/531092/image/thumb/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531092/image/thumb/IMG_5534.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4ad9051c15c81f9f014c203738c0fb3701f33e463112ec065aba9c162703c0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sun, 16 Apr 2023 21:58:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"e95005e537dc044cf4c3a42db973fe1d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
27394
x-amz-cf-id
Kf2WZgcfmITchYWObWwDjzZqcds5QpTqYMR1OT06UD5e_QGbxrIFFA==
IMG_5513.jpeg
d3bpzgarlwg4yy.cloudfront.net/Photo/531080/image/thumb/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531080/image/thumb/IMG_5513.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39c8b9a639e49d4c420d87dd1184287e428e2a0645f3c6253537e0ec1a1c2959

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sun, 16 Apr 2023 21:14:01 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"07b8306852ccbdf066b6b7506893c1e5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
22734
x-amz-cf-id
9VciGN0cD3qP60YyXYT5p-7fFtUfwr07dl96R85mfSdMG6pfdUeUkg==
IMG_5425.jpeg
d3bpzgarlwg4yy.cloudfront.net/Photo/531014/image/thumb/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531014/image/thumb/IMG_5425.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dc185dae8339f3c53b088691da23bea8e6accb3940cec93d38ec314075069dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 05:35:42 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"396fe8d1f16a5234beeff527acdd10d6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
28857
x-amz-cf-id
qxrunojyC5xHeiGZqKSMPfJm7umiG1fPzHyegQhIOEi7aiROqJbKFg==
SUNP0008.JPG
d3bpzgarlwg4yy.cloudfront.net/Photo/531300/image/thumb/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531300/image/thumb/SUNP0008.JPG
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc2a917f87a4db33d788b8767100c0ef069475bcf7fe110c3c3c31957b09b37e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 22 Apr 2023 02:01:56 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"c77ced94024d1ff0a4c68b60e06c912b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
19457
x-amz-cf-id
D4-re12pYFPe17s2_LGBEvEJPVan3W4Qe6gsIZZO6cgh__DnA4P-4w==
001.jpg
d3bpzgarlwg4yy.cloudfront.net/Photo/531222/image/thumb/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531222/image/thumb/001.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cbe69d2e86edc73000bee3b03f7e875bc70ca329f757c7437bdf2e2da9d3d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 21:53:30 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"f287b74c0da4dd7559bfe499dd8adb37"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
17744
x-amz-cf-id
lgajxF32cvx2zTRhpxY6-MM2kdQeC7cGj6gUJnsdaQ7qrLMYcty_vg==
IMG_1755.jpg
d3bpzgarlwg4yy.cloudfront.net/Photo/531221/image/thumb/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531221/image/thumb/IMG_1755.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cada596dd75eef62d25159fc6031e138beefc20b13d10cf35fc22ea2a67d011

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 20:13:46 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"85209fae890e966f99bf0460e40b5c2d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
39849
x-amz-cf-id
ahJIlxrPeJSfOqHVe7OPPYyuhCw-OBazy82Zgklpgrb87bmDPUDe8A==
DSC09981.jpg
d3bpzgarlwg4yy.cloudfront.net/Photo/531202/image/thumb/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531202/image/thumb/DSC09981.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6564795e8a033073ea7a23b58d8abc54f27eb9e5c1cff0d7aa4a5b16eb66607

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 19:32:54 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"37dea703a74d52160746093bc18fc6c5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
24904
x-amz-cf-id
2R1H_fIdwkksxwIjctmpwq_cKqUFo49wz7G0IYabRRCTOuEe2bts2Q==
abandoned-golf-course-and-irish-pub-urbex-3-1000x667.jpeg
d3bpzgarlwg4yy.cloudfront.net/Photo/531176/image/thumb/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/Photo/531176/image/thumb/abandoned-golf-course-and-irish-pub-urbex-3-1000x667.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ac607afaa76f8d64e91dabf12f3f424e0b48f0e3ce3a54e0bfba3a327ddedde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 19:01:36 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"7e68bb92db3eedb90754864f05c42dd6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
28291
x-amz-cf-id
mOfst0G7YD7X5j_Gg3xEJzqCajqiMY-A95ii0yZvyRiHfgWrtg8K8g==
tatata.png
d3bpzgarlwg4yy.cloudfront.net/User/35044/profile_image/medium/ 		245 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/35044/profile_image/medium/tatata.png
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99833e5fff02de17ea428c508bce20fedb8733b0ffb14d4426db0861ff08ea9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:36 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"50404e8174738b9fef2cb2065e687e3f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
250612
x-amz-cf-id
VMthdgdsElGe0YifoVbvAlwmaKSOoRuF8_ABNXk32YMCo4NLX5jm5w==
IMG_7707.jpeg
d3bpzgarlwg4yy.cloudfront.net/User/34983/profile_image/medium/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/34983/profile_image/medium/IMG_7707.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6dd5816afe651c313a26e19ebaedf4aede28a8c295911f0108429952edd1f2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Mon, 17 Apr 2023 16:01:34 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"34d1ec6464ad6a0d6d8fb85e006cdcad"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
58387
x-amz-cf-id
Pp6_xGG5AU9XAluYsNs35_LeIsbTkDWBu3kOziqPButez0LbSb8ldA==
5beb12cb04ae249af7356dbf396a159a.jpg
d3bpzgarlwg4yy.cloudfront.net/User/33850/profile_image/medium/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/33850/profile_image/medium/5beb12cb04ae249af7356dbf396a159a.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d023bbb00a2528347212ed9c1c580fd5f31ca212f128e72476b5528ec06e888

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:24 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"ef0db962a3472c6e19d5a002b0ad49d4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
17259
x-amz-cf-id
-aXCPBl7mQMHezQQghvKrq95COSEDmMrglo0cJwLJ31Y8XkX7wv5CQ==
81512F46-5C52-4738-895A-C5E505C24046.jpeg
d3bpzgarlwg4yy.cloudfront.net/User/33631/profile_image/medium/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/33631/profile_image/medium/81512F46-5C52-4738-895A-C5E505C24046.jpeg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd02ed94d7c92a0c79025342fe86df3c4a9bfb6adf8ddbab618b1419beaec075

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:22 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"9af5c2d96dd7d74204a0b32076489d8d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
24854
x-amz-cf-id
VNrw8T_MiJHRl00Zq2YqOhhX-FxD_IFKuJTyus-kkHtvf_OV8XuxpA==
IMG_0285%25282%2529.JPG
d3bpzgarlwg4yy.cloudfront.net/User/30584/profile_image/medium/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/30584/profile_image/medium/IMG_0285%25282%2529.JPG
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4d320a57b838ff6f61323e28b051f107c16e13793c0d3613d2e487512b2fc00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 08:17:30 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"40a656e135765b37d33df18e7fc586ff"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
24323
x-amz-cf-id
tDy2ZvVTdK9uoSSCQmisA3ovK9FH05jtWD8RE9O-SI3z-5x_YfUoVA==
Screen+Shot+2021-01-05+at+10.10.48+PM.png
d3bpzgarlwg4yy.cloudfront.net/User/26724/profile_image/medium/ 		426 KB
427 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/26724/profile_image/medium/Screen+Shot+2021-01-05+at+10.10.48+PM.png
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cff87bf6407e8d31ab936375d461f9d767aca01ec897d737ba7ccc9acb6f226

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:16 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"0b2c353a70bc3e5e7facc6846f0070e6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
435954
x-amz-cf-id
Naafv-c17vRWwuub09xicXmKxFtc2-9Wqwx24hfSR_2Z7mAV5jEZag==
Badger-Remmy-JEP_9538.jpg
d3bpzgarlwg4yy.cloudfront.net/User/37252/profile_image/medium/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/37252/profile_image/medium/Badger-Remmy-JEP_9538.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9674973f183b8ec873a8e3a7efd9b16eaca142ea10158ea17b901cc36c89799e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Apr 2023 21:01:49 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"a6a9b0dd875d749f94905aad685492f3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
42668
x-amz-cf-id
i0jHVbs584e2eU4IlAqMa0FSO31Tu0JHkuxTHiJYO_ek-mC_78InEw==
IMAG2355.jpg
d3bpzgarlwg4yy.cloudfront.net/User/3409/profile_image/medium/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/3409/profile_image/medium/IMAG2355.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e59a0601cb4a680806291644b9c249ea27aec282ce9d37a1ffdec86dbcbf092

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Fri, 07 Apr 2023 19:41:36 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"adae03a9840d3febb528f2d0f9833377"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
42680
x-amz-cf-id
zaCvh9X9_-hicUgQVUkdLDaPEA8WdlBXXvkqqiBEEBoZ3t-_k47nVQ==
user_not_found.png
d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yq13nlsgs4vq.cloudfront.net/aae7eaf1-8e1f-4c02-b058-9dee647bf1bb/images/user_not_found.png
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ea:9200:1f:50c5:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa8aced0472d3200c2c3861fcc40fc0f3dea3f493cc2bd82bc20292d1dd5937a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 450997492b27c3075eae0b294c536b04.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 01:53:10 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C1
etag
"00120341f35240efa6d91803fba94d25"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3231
x-amz-cf-id
DonIx34i8hvrPT5XwljJKv_xucmLWeE7kzKM2XszGXAF4N6JXVL38A==
expires
Fri, 12 May 2023 01:41:57 GMT
cat.jpg
d3bpzgarlwg4yy.cloudfront.net/User/36722/profile_image/medium/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/36722/profile_image/medium/cat.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15ab566cb3d318fee2f94510a0051a324d2172fb84b1b37c8a6d4ab6405d1c32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:38 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"bf0ec4e2d96d245e7e3426941915b444"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
11433
x-amz-cf-id
GjrZTLciLy7EItnk2JJxegZyeth-44Tc_ywhT4eHemnBBsG9yr_oAQ==
autumn+burning+-+Copy.jpg
d3bpzgarlwg4yy.cloudfront.net/User/34132/profile_image/medium/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/34132/profile_image/medium/autumn+burning+-+Copy.jpg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
597e63e22463bcac39dee83409cf10bef8a08b120ae6e450f3c1d0efec53cd5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:26 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"40d106a592deabc99f9ae4b4deb5ecf9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
52893
x-amz-cf-id
mfPJvOU4bqMdLcXrwbHa1SNS9i8pKmGeDhnOAiYmdeov0VHtxkNgmA==
unknown-64.png
d3bpzgarlwg4yy.cloudfront.net/User/33837/profile_image/medium/ 		318 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/33837/profile_image/medium/unknown-64.png
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94ae5b917865d0f7473dac47e4d0e9a30e72228ffd8fb6c89e4ac3191031bfb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:23 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"a60077bbf0babe68784d5870538bcef1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
325356
x-amz-cf-id
fZk8mjqn_a_emeayHxyBKsOpmC8SbWcy95cmIhNawX6QgNjHjCPEMQ==
IMG_E2616.JPG
d3bpzgarlwg4yy.cloudfront.net/User/32739/profile_image/medium/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/32739/profile_image/medium/IMG_E2616.JPG
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24567c99fffbd97c227bc781582ae13ce1e374aaf229a167e26463d4a218b786

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 06:19:18 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"c3fcc7650d2c4c4da1d433d168673cdc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
27527
x-amz-cf-id
kmV1gfNlTX69xsCnAEdlPKv6xvh9wjtzZffdWUkiIIZTqk4zGENddw==
IMG_2692.JPG
d3bpzgarlwg4yy.cloudfront.net/User/2478/profile_image/medium/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3bpzgarlwg4yy.cloudfront.net/User/2478/profile_image/medium/IMG_2692.JPG
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:2000:15:4410:4a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f447c190911cea10f1ed2d1eaf8284775a5eea16dd248a530463c0fcc486bb67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 08:17:23 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
etag
"681881cad1c9808efc9086f805e59d62"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
21710
x-amz-cf-id
M84sPRqjoxKug2Bz8fKcns9vH7B-ad9Kc-Cp9TNZb6AjY2dcXzvSBQ==
bundle.min.js
browser.sentry-cdn.com/5.27.4/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b1905723ae988435adf5b9784b3aab1530fe9fe260d66552afe95e30234491a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 13 Nov 2020 11:02:35 GMT
server
Fastly
age
3132682
etag
"50e5265eef68ef86cd87a964d0d358a0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19848
expires
Thu, 21 Mar 2024 04:34:27 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1682592349.dop002.dc2.t,1682592349.cds053.dc2.hn,1682592349.cds057.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2515e37eee31f5ef3d659b21dcc84dc6ea732b06872da51078b5b526de34c0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
content-encoding
br
age
1425356
x-jsd-version
5.2.0-beta1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24445
x-served-by
cache-fra-eddf8230137-FRA, cache-yyz4562-YYZ
x-jsd-version-type
version
etag
W/"1377e-a0uYWpCr16scLjX/O4dNB8+EEO4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
4a2799c42d.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/4a2799c42d.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f8f3383dca72606a49e4f9c8053ff9f94d7c78f2c0938057fd373e8b81020c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7be67a65ac4f7151-YUL
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F1KpALck0MvcDlUT-b0B
livewire.js
ominous.app/livewire/ 		156 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ominous.app/livewire/livewire.js?id=c69d0f2801c01fcf8166
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.20.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-20-13.bos50.r.cloudfront.net
Software
/
Resource Hash
66909991487a411a536c226f3d2bd04b86d8ccd973b74ebe8773ae0c3809e191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 25e6964e87f4ccdf053659e841a259ba.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
159783
x-amz-cf-pop
BOS50-C3
x-amzn-requestid
9ada7a24-f629-4120-8ccc-f9e6fb8f41c5
x-cache
Miss from cloudfront
x-vapor-base64-encode
True
x-amz-apigw-id
ECHOlFZFoAMFSdg=
content-length
159783
last-modified
Wed, 12 Apr 2023 01:50:28 GMT
x-amzn-trace-id
Root=1-644a525d-38aacc7c4a74b20871488e04;Sampled=0;lineage=b9495bee:0
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amzn-remapped-date
Thu, 27 Apr 2023 10:45:49 GMT
x-amz-cf-id
LYAXFGzo4XZceDtqlJZyDwHI3leC4a2nOqWmOVEkQPT5pPfhxE392A==
expires
Sat, 27 Apr 2024 10:45:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe355fe68c0a1cba0112709fcc6ce36a8bc03950247919b8f6c5842311d93e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25065
x-xss-protection
0
server
cafe
etag
615 / 19474 / m202304200101 / config-hash: 17558908003494895573
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:49 GMT
analytics
tracker.nitropay.com/sites/1491/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/sites/1491/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9vbWlub3VzLmFwcC8iLCJ2Ijo2NywiYSI6ZmFsc2UsInMiOnRydWV9
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7be67a66da977133-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
free.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/ 		100 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=4a2799c42d
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2318945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:21 GMT
server
cloudflare
etag
W/"5febfb939e2fc4ddf14fffae53b72cf0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsntckxnW%2F%2FjjpoDNK%2BH%2FP20zuaw5Pq5pxFonXPb9des4x2QyH7MrxodQUMp23d0I3yxCrxJDnPH8LtrhglKWiAbYi6aHofFnuWLkaVkCVY5ayxo9shcWbvomymFCNWIgIfQg%2Fwa3oaG889XvK55oY8v7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7be67a672d28434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
aELZAudICxmaJR8LEJr3Y8sQ_np0Lpk2IbzU_3L2fssZ_kDQsM9yYw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=4a2799c42d
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2318945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"5193a6de5225940ae4ef5f7c82126be9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXEPk4YGNrBaeIC85xdJSlMshtx66aipozU7CikgKUi4OJ7S73mgVgfv1jAiCfwNCKsU%2Fx7FBrmpgQUBLlWpLzjeeI9X3mT4ejyaPz%2BuHYrV9mQ%2FIQiVgST4GQCvwiZkFT93otrrj7ul8krTQcfiOEOmog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7be67a672d2a434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
MqNM1TMA5Enqak1XQosoz_HM5Z6reQsRFY_So0JsiHI0SKUCljFUwg==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/ 		823 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=4a2799c42d
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2318945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"5856e3f07fbc36fc4d430a95a577a87f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGZdsPI0IH6HG77223yqGu%2BhnT%2FnXYdzpn1YT9ywi7S1Ow%2FDAsO4VIC6IHJo5nWf91DTtA0Hl0u0wO4uA8g8Jgwf%2FsE9xa2Sl3QnSAS%2FdvwZxrf71N9y%2F0UBHZVOhSE9ra1lfwmi1Vmq4aoe178aieN%2FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7be67a672d2c434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
loipH3Jj-GhAnLYbhomWEjs05IwLIkxd99xIcsR92gl6qLo3cDe3jA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=4a2799c42d
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 c05b7ff061569d914bb28a2bfaa77d34.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2318945
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRQ%2FNXoLntldSgjoucRblwcZrfJ%2Bvakqm9Ej6p6U%2FkYiUGCQ53a7X%2F0Y3GkajYeH7v731D3PnEXgysQj994LVrbOqdDAZiSZJqKSMplyCBgsFHsPeOqMufWLJCyYMZipdUKTngC0tza3hg7Wl%2BZSWn7sA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7be67a672d2d434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
kVg6H5_V0uELWcVb_4d0VfMXWTQMN3zVBFytu7qTwtLBeOUCmF191A==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ominous.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ominous.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Apr 2023 10:45:49 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ominous.app
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		420 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
3012ec62a232ce810a0e2fd7a33aa9eaf410c38f20a0ef1fa666b1881ef937e1

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ominous.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
311
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=167254&zone_id=803838&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,675,1,,,&eid_pubcid.org=0212b7bf-1236-4c36-92d1-d5140aa13e07%5E1&rf=https%3A%2F%2Fominous.app%2F&tg_i.pbadslot=layout-body-top-banner&tk_flint=pbjs_lite_v7.17.0&x_source.tid=e0a9ec87-e792-4f68-aecb-53dbd4a56e3e&l_pb_bid_id=66aa9f61cbfae3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=layout-body-top-banner&slots=1&rand=0.9087678060099356
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b845976b6ea8ee74d0ce33b2c45b60ffe696a7bf77bcf22e52ffa02577423d6

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ominous.app
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
243a567864ca659fb15ae50d03e0d34c5023011fc1c1e9bcc12650bd97d98c66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b0315bec-bc65-4223-acc1-1e1930e58f80
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ominous.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ggsoftware-d.openx.net/w/1.0/ 		189 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ggsoftware-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fominous.app%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e0a9ec87-e792-4f68-aecb-53dbd4a56e3e&nocache=1682592349308&gdpr=0&us_privacy=1---&pubcid=0212b7bf-1236-4c36-92d1-d5140aa13e07&schain=1.0%2C1!nitropay.com%2C675%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=layout-body-top-banner&aucs=layout-body-top-banner&auid=559258639
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
80df6a3c7ccb534a32950d97fac86291599cff889eced0b8ea1071737d88a0a7

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ominous.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=41049363265&lsavail=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ominous.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
prebid.media.net/rtb/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1cf77a7d678024f1ed1e39bf959f293ce73bc1791eaff5770e017013c7799b71

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ominous.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 27 Apr 2023 10:45:49 GMT
close2.svg
s.nitropay.com/assets/ 		305 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/assets/close2.svg
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
1423031
x-guploader-uploadid
ADPycduXsZU0ha_3AzMX675ev3BSDGeJzbmFJnWz3CWr897fLxtW56eFkUpJWM3i6oxp_TUxaHA15YwZBGKO5BwPDVc6Cw
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-meta-
last-modified
Wed, 08 Dec 2021 23:38:47 GMT
server
cloudflare
etag
W/"ca26e4a931ab434f475491bcab06132b"
vary
Accept-Encoding
x-goog-generation
1639006727668923
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
305
cf-ray
7be67a6749d23400-YUL
expires
Fri, 26 Apr 2024 10:45:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ominous.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ominous.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Apr 2023 10:45:49 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ominous.app
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
ggsoftware-d.openx.net/w/1.0/ 		190 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ggsoftware-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fominous.app%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=26680eef-96f6-4cb8-93d8-aad138be0246&nocache=1682592349335&gdpr=0&us_privacy=1---&pubcid=0212b7bf-1236-4c36-92d1-d5140aa13e07&schain=1.0%2C1!nitropay.com%2C675%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=layout-body-bottom-banner&aucs=layout-body-bottom-banner&auid=559258639
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cbadfe571e531b531c68616e22c283438074cb74a39853f7128bb5b8918f27c8

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ominous.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=31750437670&lsavail=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ominous.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
btlr.sharethrough.com/universal/ 		362 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
cfb1f3be68745228aac54a7cbb67e1c144ebe9a2c1aa1dc0d6955a0062f824e8

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ominous.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
251
fastlane.json
fastlane.rubiconproject.com/a/api/ 		297 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=167254&zone_id=803838&size_id=2&alt_size_ids=55&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,675,1,,,&eid_pubcid.org=0212b7bf-1236-4c36-92d1-d5140aa13e07%5E1&rf=https%3A%2F%2Fominous.app%2F&tg_i.pbadslot=layout-body-bottom-banner&tk_flint=pbjs_lite_v7.17.0&x_source.tid=26680eef-96f6-4cb8-93d8-aad138be0246&l_pb_bid_id=24de486a08a5fa8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=layout-body-bottom-banner&slots=1&rand=0.3018893024259295
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
340a17cf576768c9a93d12af966a24aa40bf7cda378348b7e2b2a42f362ce608

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ominous.app
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
297
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a8c652d73dde99388bc8650ab5749b8d9c6814531604f7d7526d2d31dbc4e32

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ominous.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 27 Apr 2023 10:45:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d0785a7dc13419fa639eb71734c2d2c117cc7e803dd9b65f2469ff331914422b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
45354eb3-da0d-4c70-b4fd-d1402a27bef0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ominous.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 09:58:20 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2849
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 27 Apr 2023 11:58:20 GMT
marketing-analytics-browser-0.3.2-min.js.gz
cdn.amplitude.com/libs/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/marketing-analytics-browser-0.3.2-min.js.gz
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.176.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-176-142.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0f1d9b5c9b7151831c1e446fcbb2404477bd954e75412742d37015abee69226

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 07:23:31 GMT
content-encoding
gzip
via
1.1 8ae4aa5623ecbc69a3f4af90ee8c3e74.cloudfront.net (CloudFront)
x-amz-version-id
leiYkLMZaatU9SucQg693eWISm_3v3De
x-amz-cf-pop
BOS50-C2
age
1999339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23154
last-modified
Tue, 06 Dec 2022 00:10:14 GMT
server
AmazonS3
etag
"69351048dd74deb45d9f3d6ba0ae75e9"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
e7obSAEsip2JuQKzfKvx5fJOQjHD0CtQ3ICPRhgjoN0VUp8prrDanw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1683805479985610
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1c426ab3a7b8380db7caa561eeb035eb337165d484bbfd558fb16839ff9564d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47238
x-xss-protection
0
server
cafe
etag
9195308186311435826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:49 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VY926P02G8&l=dataLayer&cx=c
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25a874deccd45214477d1c9e31c777b4979aaecc24ef1b46cf360be4d7c624ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Apr 2023 10:45:49 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ominous.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ominous.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Apr 2023 10:45:49 GMT
arj
ggsoftware-d.openx.net/w/1.0/ 		189 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ggsoftware-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fominous.app%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fc146e69-2199-4444-9b6d-1a4cc6086977&nocache=1682592349382&gdpr=0&us_privacy=1---&pubcid=0212b7bf-1236-4c36-92d1-d5140aa13e07&schain=1.0%2C1!nitropay.com%2C675%2C1%2C%2C%2C&aus=728x90%2C970x250&divids=landing-page-top-banner&aucs=landing-page-top-banner&auid=559258639
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e8b4b42691a681452804d0e5138ca5c6855678a896b7f1c24bc1896652e156de

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ominous.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		510 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
16667fccea2590975061e0e4867a4ecfd6a5ab8983d99f95a3367402da1644c1

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ominous.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
315
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=167254&zone_id=803838&size_id=2&alt_size_ids=57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,675,1,,,&eid_pubcid.org=0212b7bf-1236-4c36-92d1-d5140aa13e07%5E1&rf=https%3A%2F%2Fominous.app%2F&tg_i.pbadslot=landing-page-top-banner&tk_flint=pbjs_lite_v7.17.0&x_source.tid=fc146e69-2199-4444-9b6d-1a4cc6086977&l_pb_bid_id=34373bb30a15cf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=landing-page-top-banner&slots=1&rand=0.931376160971326
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
372ac3b0e9bb9e6d313b3cbc8ee31392d29847de50e1472333f499f771fe9689

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ominous.app
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d80ceedd5d6efa890ef5c34d28de1b834a98598c8e37bc159f315c85766013e5

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ominous.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 27 Apr 2023 10:45:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0a82535c73515e49d31db5612def9ceae21575236542f7976b742b17a10b4925
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
db79a5aa-a6d4-4822-9d47-b0d6e9da9330
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ominous.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ominous.app
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=69906891635&lsavail=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ominous.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ominous.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ominous.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Thu, 27 Apr 2023 10:45:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f5887cf38f7d6fb4e3abdd7512e5e7415a52f50447f096126a496b9c44096a53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d786080e-6a6a-45b5-8e1d-3be22bd105d4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ominous.app
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		285 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=167254&zone_id=803838&size_id=2&alt_size_ids=57&gdpr=0&us_privacy=1---&rp_schain=1.0,1!nitropay.com,675,1,,,&eid_pubcid.org=0212b7bf-1236-4c36-92d1-d5140aa13e07%5E1&rf=https%3A%2F%2Fominous.app%2F&tg_i.pbadslot=footer-banner&tk_flint=pbjs_lite_v7.17.0&x_source.tid=29b4a585-dbb1-4892-9503-a0edd2c54607&l_pb_bid_id=4687ca2f7c1ed03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=footer-banner&slots=1&rand=0.3946630474373207
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a49c64fad73d4340f7f2ffdec97df05f0c02ad8d1698ea39160fef82c6b3edf4

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ominous.app
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
285
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
ggsoftware-d.openx.net/w/1.0/ 		190 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ggsoftware-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fominous.app%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=29b4a585-dbb1-4892-9503-a0edd2c54607&nocache=1682592349456&gdpr=0&us_privacy=1---&pubcid=0212b7bf-1236-4c36-92d1-d5140aa13e07&schain=1.0%2C1!nitropay.com%2C675%2C1%2C%2C%2C&aus=728x90%2C970x250&divids=footer-banner&aucs=footer-banner&auid=559258639
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7ac7380d6bb5dcc80cde85b7baf833033176a08c7130fc58032b25c97b43d5c6

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ominous.app
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ominous.app
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		413 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
58ff980a9e6d7689b3e00f781c9ae32f31e76890e4bb97293e216e3759c0f821

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ominous.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
316
cdb
bidder.criteo.com/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=18657152173&lsavail=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ominous.app
date
Thu, 27 Apr 2023 10:45:48 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
prebid
prebid.media.net/rtb/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU87559X
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b23239d1741ec7eacf76d99391c256d4d3b4fb1a65e34d21c9b785be1fd330c8

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ominous.app
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 27 Apr 2023 10:45:49 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 01:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
32116
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126587
x-xss-protection
0
server
cafe
etag
1883905843074567667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 26 Apr 2024 01:50:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		80 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ominous.app
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
190f31076226e975b0e611ac4c5e4326fe42625dcc6d163bfd56a982a11b1316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
expires
Thu, 27 Apr 2023 10:45:49 GMT
truncated
/ 		269 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f6616ff5097caa73a55e5c35bc67907555a146a0b3d116202bd891a5437f74

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.4.0/webfonts/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-brands-400.woff2
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77ea474f365140c7dcd30a281e4a8dd3a3d842b33440106d40dca2081ad19a7

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2262503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108012
last-modified
Fri, 24 Mar 2023 05:23:18 GMT
server
cloudflare
etag
"a9ebafc81a2234f7d34d8e6ae20f221d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FVE%2BoaaQwnV3B0wARys%2FgRPlDk2t3IA5aeZ3ZJNbYt4lhUkcc1M2KCUC4Ns%2BXAjJBzxFdf2fkYhBTnPRzkhAUPagApwwBCY7TqcsZ4E8OcUXaoifmP0fxjghPL6N49hO5iGcCiKdha62gV6iNCkinQcJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7be67a692e98434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6vcatV402co_CkN1g_fCFOzxyrg3NImTrh5dmXk5FHl7RsXZU2b8Vg==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.0/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2441605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150120
last-modified
Fri, 24 Mar 2023 05:23:18 GMT
server
cloudflare
etag
"47c0d51ac60ec37c20bc6f755cc9f71b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFDFdVcWI2%2FtikwZh2afhMBoq7isChgGxePZrUt7GcChYby%2FJCO5%2FC%2FVyfNURJgVG85k8yrEGwGfn%2B4GOpqfXTYOUCHc5G0v%2FeeQwbhGswHk8iE0Qt75g5IxTnLTBcsuglexhuq9BO67NrE9x9UQDC955Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7be67a692e97434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
U3nhpZZ7UT-w81fVX4yFCBrhfuoWL2SV1fiOdiT2t_ZELd65BCh39g==
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v6.4.0/webfonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-regular-400.woff2
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4dcd77ed1c9917c299952dc2ac06c35657113c35c1ad10587f285c3208aac9

Request headers

Referer
https://ominous.app/
Origin
https://ominous.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
2002020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24952
last-modified
Fri, 24 Mar 2023 05:23:18 GMT
server
cloudflare
etag
"a343e0aaf1f0863b6bccb382abbfca31"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0xIY0G4Hw2WasqA36vQrFxHin1%2B%2BmM8bC%2FTzsGdujlMbJSKsETTHcKz0n0I5Gfb4RtlTsR5U4aWjjjdlK7yUHSthTB8sQd4aRry3TjeE9xL%2FRwvchufDT3Tf1zBB9AHMd8ayLzQm0lBJQBRAA3zj%2Fs95A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7be67a692e95434a-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OYJYDWWP6Gbx8R3LD-lXR_lzlPTSMz1kJjEmCPJVq3N-buZxOnM-Ww==
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=90374483&t=pageview&_s=1&dl=https%3A%2F%2Fominous.app%2F&ul=en-us&de=UTF-8&dt=Ominous&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1386525438&gjid=936856863&cid=214094548.1682592350&tid=UA-162087016-1&_gid=552896782.1682592350&_r=1&_slc=1&gtm=45He34q0n81T44B8Q9&z=1000609267
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ominous.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_fy2021.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88dbb99f883e5b64ed7d7f4ee0fa44826c9fb0439675331f01c0d49b82ab32ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121899
x-xss-protection
0
server
cafe
etag
16801892391145018006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/ Frame 2F32 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
25448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 03:41:41 GMT
etag
2378337311435320485
expires
Thu, 11 May 2023 03:41:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&tcfv1=0&tcfv2=0&usp=1&fc=0&ptt=9&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VY926P02G8&gtm=45je34q0&_p=90374483&cid=214094548.1682592350&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682592349&sct=1&seg=0&dl=https%3A%2F%2Fominous.app%2F&dt=Ominous&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VY926P02G8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ominous.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=10&dl=ominous.app%2F&tdp=G-VY926P02G8;85869641;1;2;0&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=10&dl=ominous.app%2F&tdp=G-VY926P02G8;85869641;1;2;0&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.init&eid=0&h=Ag&tc=10&tr=1ccdemoutboundclick.1ccdemdownload.1ccdemvideo.1ccdemsitesearch.1ccdemscroll.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.js&eid=1&u=AAAAAAAIAAAAACA&h=Ag&tc=10&tr=1gct&epr=1G.2G&ti=1gct&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
nmedianet.js
contextual.media.net/ Frame D978 		156 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1424986b293ef2fc355a1f80529b95d4f46c68cb34ca3e45a6af004d0dd2ac0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-mnt-h
22-ks67
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
server
Apache
etag
"3613fc1909a72a52b90992cac6008c0b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:50:49 GMT
log
qsearch-a.akamaihd.net/ Frame D978 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=prod&bdr_typ=1&ss_d1=1600&ogerpm=0.2700&ss_d2=1200&stid=landing-page-top-banner&content_context=-1&content_channel=&other_prv=294&jar_err=&current_day=4.0&adtyp=0&req_id=4382c413-e211-41cf-ae3a-578c5c288112&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=61.3714&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=48&floor_bucket=0.00&gpid_format=DEFAULT&seat=BID_API&rc=1&size=970x250&f_seg=&prdp=0.1404&ogcbdp=0.2700&dfpbd=0.1404&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202304261343_generic_prebid_1-cid_3&viewability=0.6900&dmm_r=0.0000&cut=48&dmm_l=0.0000&as_cache=0&tcyerpm=&content_language=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=-1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.25&ugd_ver=&requrl=ominous.app%2F&bidrestime=1682592349520&cc=CA&strg=harmony&ss=1600x1200&video_maxdur=-1&current_hour=10&time_stamp=2023-04-27+10%3A45%3A49&content_network=&model_key=generic_prebid_1-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.2700&ct=montreal&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=16276&bdp_bucket=0.25&algo=&dc=east_sc&splid=landing-page-top-banner&erpm_mult=1.000000&dn=ominous.app&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&buyer_id=&dmm_m10=2398141&bdp_wider_bucket=1&acid=559802c33e7b45a79432dad69ae7ba39&zone=d&infl=&o_ver=NT+10.0&br_ver=112.0.5615.121&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=5&visibility=1&totalTime=5469135&dmm_m1=2023-04-27+10%3A45%3A49.522387285&e_rpm=0.0000&dmm_m22=0.2700&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CU87559X&bcrid=S0300080800127000970025099999900&rawbid=0.2700&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-cc65979b9-5wqt8.SC&dfp_bucket=0.1&adblk=&itype=prebid&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=2503514551&advurl=related.icananswerthat.com%2F&level_base=0&crid=277237281&sat=0&br_id=265&cut_bkt=50&gpid=landing-page-top-banner&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.27
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 7D85 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 27 Apr 2023 11:45:49 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=4382c413-e211-41cf-ae3a-578c5c288112&cid=8CU87559X&crid=277237281&adunit_count=1&dn=ominous.app&requrl=https://ominous.app/&istop=true&event=client_bid_won&value=0.14&rd=
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
log
hblg.media.net/ Frame 7D85 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&prvReqId=1148444016670_223529965_27723728112941&acid=559802c33e7b45a79432dad69ae7ba39&pvid=294&ogbdp=0.27&requrl=https%3A%2F%2Fominous.app&cc=CA&dn=ominous.app&cid=8CU87559X&ugd=4&size=970x250&cbdp=0.140&dtc=east_sc&itype=PREBID&rme=adm&app=0&viewability=69.0&bidrestime=1682592349520&slotVisibility=1&ctr=-1.0&csip=rtb-common-cc65979b9-5wqt8.SC&scrid=S0300080800127000970025099999900&mang=1&commit_id=99ec6328&zone=d&pxtype=0&cpr=0.20532249702028982
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:49 GMT
clog
hblg.media.net/ Frame 7D85 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5263&lper=1&itypeid=3&itype=PREBID&cc=CA&cid=8CU87559X&reqid=4382c413-e211-41cf-ae3a-578c5c288112&vid=4382c413-e211-41cf-ae3a-578c5c288112&dn=ominous.app&rawDn=ominous.app&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fominous.app&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=QC&ct=montreal&pubid=pub-8CU87559X&tgtval=pub-8CU87559X&csip=rtb-common-cc65979b9-5wqt8.SC&dtc=east_sc&zone=d&sd=-1&ptype=23&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=16276&sckfl=0&usp_status=0&usp_enf=1&usp_string=1---&ufca=0&pexid=PREBID-8CU87559X&geoll=false&is_ortb=false&s_ip=149.56.153.183&s_city=montreal&commit_id=99ec6328&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-04-26+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=CA&is_msnnative_src=false&rtttime=121&pvid=294&prvAccId=285501814&prvApiId=8CUP40XRI&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=277237281&prspt=headerBid&prvReqId=1148444016670_223529965_27723728112941&reqsize=970x250&size=970x250&chnl=HARMONY&bdp=0.270&cbdp=0.140&og_cbdp=0.270&ogbdp=0.27&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=related.icananswerthat.com&dfpBd=0.140&dt=O&dbf=1&epc=285501814&s=1&snm=SUCCESS&pcrid=8CUP40XRI-285501814-17-0&tpbTkn=false&exid=31&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=69&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&bdata=sd2%3Dnull%7Ett%3D22091%7Eiurl_l%3D50%7Eogerpm%3D0.27%7Evis_sd%3D654%7Edc2%3D1%7Ebat%3D0%2C0%2C0%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2023042703%7Eiurl_b%3D7017.54%7Eurl_tkc%3D0%7Estd%3Dlanding-page-top-banner%7Elast%3D%7Evis_url_b%3D0.51%7Eip%3D2JquuX%7Efbb%3D0%7Evis_url_l%3D40%7Eriipua%3D0%2C0%7Eet%3D16%7Erc%3D1%7Erps_sd%3D2023042705%7Evis_b%3D651.19%7Eurl_b%3D0.14%7Evl2r_url_b%3D0%7Evl2r_url_vi%3D1E-16%7Eurl_tvi%3D0%7Eurl_l%3D50%7Egcat%3D501031%7Ebb%3D196%7Evv%3D0%7El2r_b%3D1000%7Eerpm%3D0.27%7Evl2r_url_kc%3D0E0%7EMFB%3D1p%7Ebm%3D1%7Esid%3D285501814%7Esd%3D-1%7Euid%3D2IaGiOkI1KrZuL5XBT%7Ebtd%3D6630370766090045193582262650513615483644898173383723720348546419143648892927109577932099358400450560%7Ekb_src%3Dkbb%7Evwu%3D-1%7Ed2p_l%3D10%7E3pcf%3D422.3%7Euim%3D381%7Evw_med%3D0.69%7Edmm_strg%3Dharmony%7Ed2p_b%3D0.98%7Eogd2p_b%3D0.98%7Evurl_b%3D0.42%7Ess%3D1600x1200%7Ecc%3DCA%7Ekb_dl%3Dn%2Fa%7Euiw%3D66%7Ece%3D0%7Erps_b%3D49.49%7Evurl_l%3D30%7ECI%3D2910%7Ekb_uc%3D1%7Ents%3D2%7Ekb_ul%3Den%7Ekb_ccks%3D1%7Etb%3D-1%7Ebss_RVP%3DMNB%2CNED%7Ect%3Dmontreal%7Ebss_KTW%3DMNB%2CNED%7Ebasis2%3D196%7Ebasis1%3D196%7EisRef%3D0%7Eivurl_b%3D2.38%7Eisif%3D0%7Elc%3D1%7Ekb_tt%3D0%7Ebid%3D0.27%7Ekb_pt%3DHomepage%7Edc%3D7%7Evl2r_b%3D19.69%7Eivurl_l%3D30%7Esupply_tag_id%3Dlanding-page-top-banner%7Ecbdp%3D0.270%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.270%7Eitype_id%3D3%7Eseller_tag_id%3Dlanding-page-top-banner%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1%7Eibc%3D1%7Ensz%3D2%7Etgs%3D728x90%7C970x250%7Ebsb%3D3%7Ebsp%3D-1%7Etmx%3D249&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1682592349520&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.27&dmm_erpm=true&dmm_ogerpm=false&bcrid=S0300080800127000970025099999900&strg=HARMONY&stagid=landing-page-top-banner&pgcatiab2=445&vls=0&scrid=S0300080800127000970025099999900&mang=1&pvdTmax=249&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUP40XRI&mx_SPRIG=2&mx_bsBucket=3&mx_ssProfile=0&mx_int_dsp_id=32&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=3&mx_sid=8CU87559X&mx_SC=0&mx_lr_seg_deal=1&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_g_uid_cvrg%3C%3E=pubcid&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=landing-page-top-banner&mx_tgs=728x90%7C970x250&mx_bsProfileRa=-1&mx_IAB2=1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=4&mx_gpid=landing-page-top-banner&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=mEWkTyhlZ5uh&mx_gpid_sent=true&mx_commit_id=73f5113afe&acid=559802c33e7b45a79432dad69ae7ba39&rtime=18.0&wsip=mowx-5f88446c5b-5gt54&ltime=113.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&impId=36e3f6818527ff&reftime=15000&reftype=0&keywordSellerId=false&dsid=landing-page-top-banner&mowxReqId=559802c33e7b45a79432dad69ae7ba39_1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&dfpDiv=landing-page-top-banner&feedback_id=fc146e69-2199-4444-9b6d-1a4cc6086977&supplyTagId=277237281&pub_pbslot=landing-page-top-banner&mnrfc=1&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=69&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202304262312_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&actltime=114&mp_seg%3C%3E=60751%23%2360994%23%2366833%23%2360751%23%2367567%23%2310003079%23%2360994%23%2360751%23%2360994%23%2317196&debug_ts=2023-04-27+10%3A45%3A49&__expireat=1682592949777&mview=1&rme=adm&utime=236&sf=0&cpr=0.06134125320219597
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 27 Apr 2023 16:45:49 GMT
pixel.png
tracker.nitropay.com/ 		73 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.nitropay.com/pixel.png?s=1491&wb=eyJhZFVuaXRDb2RlIjoibGFuZGluZy1wYWdlLXRvcC1iYW5uZXIiLCJjcmVhdGl2ZUlkIjoiUzAzMDAwODA4MDAxMjcwMDA5NzAwMjUwOTk5OTk5MDAiLCJiaWRkZXIiOiJtZWRpYW5ldCIsInRpbWVUb1Jlc3BvbmQiOjE5OCwiaGVpZ2h0IjoyNTAsIndpZHRoIjo5NzAsImNwbSI6MC4xNCwiaHJlZiI6Imh0dHBzOi8vb21pbm91cy5hcHAvIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7fSIsInJlcXVlc3RJZCI6ImRiZTNmN2M3LTg5YmEtNGM2NC1iNWU3LTBlODMyYTU4MTFjYSIsImMiOiJDQSIsInIiOiJPTiIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJ0aW1lc3RhbXAiOjE2ODI1OTIzNDk3Nzd9&t=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
cf-ray
7be67a6a2ec3ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73
nmedianet.js
contextual.media.net/ Frame 9E8E 		156 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb421d7cb7bc35fff7139c11625d11134e18ff696dd23bcff0a95d26bc63ee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-mnt-h
22-ks67
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
server
Apache
etag
"3613fc1909a72a52b90992cac6008c0b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:50:49 GMT
log
qsearch-a.akamaihd.net/ Frame 9E8E 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=20&app_type=&bdr_typ=1&ogerpm=0.03&stid=footer-banner&content_context=-1&content_channel=&other_prv=294&jar_err=&adtyp=0&req_id=759cdede-156c-4dbf-9586-3dff7405738b&bidfp=0.0000&pvag_id=&ugd=4&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&gpid_format=DEFAULT&seat=BID_API&rc=1&size=970x250&f_seg=&prdp=&ogcbdp=0.0300&dfpbd=&server=6&ogerpm_wd_bkt=0-1&vskip=-1&viewability=0.41&dmm_r=&dmm_l=&tcyerpm=&content_language=&sc=QC&send_erpm=false&sd=-1&hb_exp=&seg=&ugd_ver=&requrl=ominous.app&bidrestime=0&cc=CA&strg=smm_migration_test&ss=1600x1200&video_maxdur=-1&time_stamp=2023-04-27+10%3A45%3A49&content_network=&rvshhon=&bdp=0.0300&ct=montreal&akey=&mnckfl=0&content_genre=&asn=16276&algo=&dc=east_sc&splid=footer-banner&dn=ominous.app&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=47ff0c6fd8d04e6fa0f7fbbe3c426617&zone=d&infl=&o_ver=NT+10.0&br_ver=112.0.5615.121&ver=9.4.2&totalTimeBucket=0&visibility=2&totalTime=897698&e_rpm=&dmm_m22=0.0300&gdpr=&vsid=&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&cid=8CU87559X&bcrid=S0300080800127000970025099999900&rawbid=0.03&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-apm-86b7445f95-jx28m.SC&adblk=&itype=prebid&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=0&advurl=related.icananswerthat.com%2F&crid=277237281&sat=0&br_id=265&gpid=footer-banner&iwb=1&second_bid=0.0&sc_pvid=294&capd=&other_bids=0.03
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 8395 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 27 Apr 2023 11:45:49 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=759cdede-156c-4dbf-9586-3dff7405738b&cid=8CU87559X&crid=277237281&adunit_count=1&dn=ominous.app&requrl=https://ominous.app/&istop=true&event=client_bid_won&value=0.02&rd=
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
log
hblg.media.net/ Frame 8395 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&prvReqId=47222011991710_1166998668_27723728112941&acid=47ff0c6fd8d04e6fa0f7fbbe3c426617&pvid=294&ogbdp=0.03&requrl=https%3A%2F%2Fominous.app&cc=CA&dn=ominous.app&cid=8CU87559X&ugd=4&size=970x250&cbdp=0.02&dtc=east_sc&itype=PREBID&rme=adm&app=0&viewability=41.0&bidrestime=1682592349575&slotVisibility=2&ctr=-1.0&csip=rtb-common-apm-86b7445f95-jx28m.SC&scrid=S0300080800127000970025099999900&mang=1&commit_id=99ec6328&zone=d&pxtype=0&cpr=0.3479042816637299
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:49 GMT
clog
hblg.media.net/ Frame 8395 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5277&lper=1&itypeid=3&itype=PREBID&cc=CA&cid=8CU87559X&reqid=759cdede-156c-4dbf-9586-3dff7405738b&vid=759cdede-156c-4dbf-9586-3dff7405738b&dn=ominous.app&rawDn=ominous.app&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fominous.app&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=QC&ct=montreal&pubid=pub-8CU87559X&tgtval=pub-8CU87559X&csip=rtb-common-apm-86b7445f95-jx28m.SC&dtc=east_sc&zone=d&sd=-1&ptype=23&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=16276&sckfl=0&usp_status=0&usp_enf=1&usp_string=1---&ufca=0&pexid=PREBID-8CU87559X&geoll=false&is_ortb=false&s_ip=149.56.153.183&s_city=montreal&commit_id=99ec6328&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-04-26+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=CA&is_msnnative_src=false&rtttime=97&pvid=294&prvAccId=285501814&prvApiId=8CUP40XRI&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=277237281&prspt=headerBid&prvReqId=47222011991710_1166998668_27723728112941&reqsize=970x250&size=970x250&chnl=smm_migration_test&bdp=0.030&cbdp=0.02&og_cbdp=0.030&ogbdp=0.03&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=related.icananswerthat.com&dfpBd=0.02&dt=O&dbf=1&epc=285501814&s=1&snm=SUCCESS&pcrid=8CUP40XRI-285501814-17-8&tpbTkn=false&exid=31&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=41&slotVisibility=2&adpos=2&iframingState=0&sbdrid=196&bdata=sd2%3Dnull%7Ett%3D22091%7Eiurl_l%3D50%7Eogerpm%3D0.03%7Evis_sd%3D652%7Edc2%3D1%7Ebat%3D0%2C0%2C0%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2023042705%7Eiurl_b%3D7098.74%7Eurl_tkc%3D0%7Estd%3Dfooter-banner%7Elast%3D%7Evis_url_b%3D0.51%7Eip%3D2JquuX%7Efbb%3D0%7Evis_url_l%3D40%7Eriipua%3D0%2C0%7Eet%3D18%7Erc%3D2%2C72%7Erps_sd%3D2023042704%7Evis_b%3D135.89%7Eurl_b%3D0.14%7Evl2r_url_b%3D0%7Evl2r_url_vi%3D1E-16%7Eurl_tvi%3D0%7Esmm_wr%3D9.7176%7Eurl_l%3D50%7Egcat%3D501031%7Ebb%3D196%7Evv%3D0%7Esmm_mul%3D0.74%7El2r_b%3D1000%7Eerpm%3D0.03%7Evl2r_url_kc%3D0E0%7EMFB%3DB%7Ebm%3D1.05%7Esmm_sd%3D2023042704%7Esid%3D285501814%7Esd%3D-1%7Euid%3D2IaGiSRhunlt9PNVLt%7Ebtd%3D6630370766090045193641548200217356240808902550861602956983734790462835653345200181087432435480133632%7Ekb_src%3Dkbb%7Evwu%3D-1%7Ed2p_l%3D10%7E3pcf%3D366.49%7Euim%3D381%7Evw_med%3D0.41%7Edmm_strg%3Dsmm_migration_test%7Ed2p_b%3D0.99%7Eogd2p_b%3D0.98%7Evurl_b%3D0.41%7Ess%3D1600x1200%7Ecc%3DCA%7Ekb_dl%3Dn%2Fa%7Euiw%3D49%7Ece%3D0%7Erps_b%3D44.45%7Evurl_l%3D30%7ECI%3D2910%7Ekb_uc%3D1%7Ents%3D2%7Ekb_ul%3Den%7Ekb_ccks%3D1%7Etb%3D-1%7Ebss_RVP%3DMNB%2CNED%7Ect%3Dmontreal%7Ebss_KTW%3DMNB%2CNED%7Ebasis2%3D196%7Ebasis1%3D196%7EisRef%3D0%7Eivurl_b%3D2.46%7Eisif%3D0%7Elc%3D1%7Ekb_tt%3D0%7Ebid%3D0.02%7Ekb_pt%3DHomepage%7Edc%3D7%7Evl2r_b%3D12.6%7Eivurl_l%3D30%7Esupply_tag_id%3Dfooter-banner%7Ecbdp%3D0.030%7Edmm%3Dsmm_migration_test%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3Dsmm%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.030%7Eitype_id%3D3%7Eseller_tag_id%3Dfooter-banner%7EcarrierId%3D0%7Esmm_api%3Dv1%7Eibc%3D1%7Ensz%3D2%7Etgs%3D728x90%7C970x250%7Ebsb%3D3%7Ebsp%3D-1%7Etmx%3D248&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1682592349575&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.03&dmm_erpm=false&dmm_ogerpm=false&bcrid=S0300080800127000970025099999900&strg=smm_migration_test&stagid=footer-banner&pgcatiab2=445&vls=0&scrid=S0300080800127000970025099999900&mang=1&pvdTmax=248&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUP40XRI&mx_SPRIG=2&mx_bsBucket=3&mx_ssProfile=0&mx_int_dsp_id=32&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=3&mx_sid=8CU87559X&mx_SC=0&mx_lr_seg_deal=1&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_g_uid_cvrg%3C%3E=pubcid&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=footer-banner&mx_tgs=728x90%7C970x250&mx_bsProfileRa=-1&mx_IAB2=1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=4&mx_gpid=footer-banner&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=mEWkTyhlZ5uh&mx_gpid_sent=true&mx_commit_id=209c9980a2&acid=47ff0c6fd8d04e6fa0f7fbbe3c426617&rtime=20.0&wsip=mowx-5f88446c5b-58qvs&ltime=92.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&impId=5616d17ecefbf0b&reftime=15000&reftype=0&keywordSellerId=false&dsid=footer-banner&mowxReqId=47ff0c6fd8d04e6fa0f7fbbe3c426617_1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&dfpDiv=footer-banner&feedback_id=29b4a585-dbb1-4892-9503-a0edd2c54607&supplyTagId=277237281&pub_pbslot=footer-banner&mnrfc=1&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=41&v_mkey=gen-vblt_prebid_test_2_1&v_mver=202304262312_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&actltime=93&mp_seg%3C%3E=60751%23%2360994%23%2366833%23%2360751%23%2367567%23%2310003079%23%2360994%23%2360751%23%2360994%23%2317196&debug_ts=2023-04-27+10%3A45%3A49&__expireat=1682592949827&mview=1&rme=adm&utime=221&sf=0&cpr=0.6850509273188881
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 27 Apr 2023 16:45:49 GMT
pixel.png
tracker.nitropay.com/ 		73 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.nitropay.com/pixel.png?s=1491&wb=eyJhZFVuaXRDb2RlIjoiZm9vdGVyLWJhbm5lciIsImNyZWF0aXZlSWQiOiJTMDMwMDA4MDgwMDEyNzAwMDk3MDAyNTA5OTk5OTkwMCIsImJpZGRlciI6Im1lZGlhbmV0IiwidGltZVRvUmVzcG9uZCI6MzI0LCJoZWlnaHQiOjI1MCwid2lkdGgiOjk3MCwiY3BtIjowLjAyLCJocmVmIjoiaHR0cHM6Ly9vbWlub3VzLmFwcC8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6Int9IiwicmVxdWVzdElkIjoiNDliM2FmNzctMzgyOS00ZWFhLWJmMmEtMDkzZDdlNzQ1M2Q0IiwiYyI6IkNBIiwiciI6Ik9OIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInRpbWVzdGFtcCI6MTY4MjU5MjM0OTgxMX0%3D&t=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
cf-ray
7be67a6a5eefca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73
pixel
googleads.g.doubleclick.net/xbbe/ Frame D12F 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjK6uffATAB&v=APEucNWJuR9fjUxhSrrV_5DILQRv23ABT_7fd1XFglcW2gZtRqncwkimPCxKlafAJdy_BIoEfpLwl9rznD8Bp1ebYN2JJae9v8whortbNVnymGaO5x5_upc
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 10:45:49 GMT
expires
Thu, 27 Apr 2023 10:45:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4D2A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D2A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cni-JeGm4l9SfvGgb4ZZKHTnv9z7x1_5ZjfqgPqlli1eBlD8_xLUTKs_n1_7AIHO1vxb0I_6Hqj8J06osOJzIY2_egdy4hYtu8zej-qRjo00NGHv4
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D2A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4154394780262803874&x=8&ct=76
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
19465d9f-00d6-4574-a64c-81631ee5a211
beacon-iad2.rubiconproject.com/beacon/d/ Frame 4D2A 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/19465d9f-00d6-4574-a64c-81631ee5a211?oo=0&accountId=17374&siteId=167254&zoneId=803838&sizeId=2&e=6A1E40E384DA563B5B6CAE319110234E7E1B9DA67A1096ED4DF99B2E38137555E0BC0A109A29425F7237D6F61317677527B9CF60BE9E39B35F1CEE2BA21FC52106E124223A0F38ED9591A7AAE1D5E2C2AC40658B8A0368AA68DBAD21332AEB4003B3DD122531B0F818677E349FEA3D98F608F0152B1600FDFF27D776A1BAC9ADA4807159A91CEC8887B1CF4E5FBE2B2782DC674201BDF9309910EC1E20A8E67F5CE59F9A97B5D79D43562B8C848C66E4B89EDC776C87D10E
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::54 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel.png
tracker.nitropay.com/ 		73 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.nitropay.com/pixel.png?s=1491&wb=eyJhZFVuaXRDb2RlIjoibGF5b3V0LWJvZHktdG9wLWJhbm5lciIsImNyZWF0aXZlSWQiOiIyMjQ5OjQ2OTM2NjA5MCIsImJpZGRlciI6InJ1Ymljb24iLCJ0aW1lVG9SZXNwb25kIjoyOTcsImhlaWdodCI6OTAsIndpZHRoIjo3MjgsImNwbSI6MC4wNTYwMDAwMDAwMDAwMDAwMSwiaHJlZiI6Imh0dHBzOi8vb21pbm91cy5hcHAvIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJhZHZlcnRpc2VySWRcIjo4MDc5NSxcIm5ldHdvcmtJZFwiOjIyNDksXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwiYWR2ZXJ0aXNlckRvbWFpbnNcIjpbXCJmaXZlcnIuY29tXCJdfSIsInJlcXVlc3RJZCI6ImQyNGE5ODlkLTZmMmQtNGQ0My1hYzRiLTM2YWQ3ZTM1MTdlNSIsImMiOiJDQSIsInIiOiJPTiIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJ0aW1lc3RhbXAiOjE2ODI1OTIzNDk4MzB9&t=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
cf-ray
7be67a6a7efaca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.dom&eid=3&u=AAAAAAAIAAAAACA&h=Ag&tc=10&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&e=gtm.init&eid=0&u=AAAAAAAIAAAAACA&h=Ag&tc=10&tr=5ccdemoutboundclick.5ccdemdownload.5ccdemvideo.5ccdemsitesearch.5ccdemscroll.5ccdempageview.5ccdconversionmarking.5setproductsettings.5ogtgooglesignals&ti=2ccdemoutboundclick.2ccdemdownload.2ccdemvideo.2ccdemsitesearch.2ccdemscroll.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
nmedianet.js
contextual.media.net/ Frame DE1D 		156 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8bbd4f0a0b94386c1d2f39e1cccc49a6361c34b1c696cbaf30fe3ca31dd3a07d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-mnt-h
22-ks67
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
server
Apache
etag
"3613fc1909a72a52b90992cac6008c0b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:50:49 GMT
log
qsearch-a.akamaihd.net/ Frame DE1D 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=prod&bdr_typ=1&ss_d1=1600&ogerpm=0.1300&ss_d2=1200&stid=layout-body-bottom-banner&content_context=-1&content_channel=&other_prv=294&jar_err=&current_day=4.0&adtyp=0&req_id=f7ea4216-a590-432b-89e1-7d60f09d780b&bd_m3=0.0000&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=57.9300&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=*&search_res=48&floor_bucket=0.00&gpid_format=DEFAULT&seat=BID_API&rc=1&size=728x90&f_seg=&prdp=0.0676&ogcbdp=0.1300&dfpbd=0.0676&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202304261343_generic_prebid_1-cid_3&viewability=0.4100&dmm_r=0.0000&cut=48&dmm_l=0.0000&as_cache=0&tcyerpm=&content_language=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=-1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.15&ugd_ver=&requrl=ominous.app%2F&bidrestime=1682592349440&cc=CA&strg=harmony&ss=1600x1200&video_maxdur=-1&current_hour=10&time_stamp=2023-04-27+10%3A45%3A49&content_network=&model_key=generic_prebid_1-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.1300&ct=montreal&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=16276&bdp_bucket=0.15&algo=&dc=east_sc&splid=layout-body-bottom-banner&erpm_mult=1.000000&dn=ominous.app&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&buyer_id=&dmm_m10=1145421&bdp_wider_bucket=1&acid=85ec1515a5294b7797fd113e717e824f&zone=d&infl=&o_ver=NT+10.0&br_ver=112.0.5615.121&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=2&visibility=2&totalTime=2977623&dmm_m1=2023-04-27+10%3A45%3A49.442340417&e_rpm=0.0000&dmm_m22=0.1300&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=true&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CU87559X&bcrid=S0300080813018200728009099999900&rawbid=0.1300&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-common-cc65979b9-5wqt8.SC&dfp_bucket=0.0&adblk=&itype=prebid&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=2503514551&advurl=related.icananswerthat.com%2F&level_base=0&crid=277237281&sat=0&br_id=265&cut_bkt=50&gpid=layout-body-bottom-banner&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.13
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame A442 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:49 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Thu, 27 Apr 2023 11:45:49 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=f7ea4216-a590-432b-89e1-7d60f09d780b&cid=8CU87559X&crid=277237281&adunit_count=1&dn=ominous.app&requrl=https://ominous.app/&istop=true&event=client_bid_won&value=0.068&rd=
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 27 Apr 2023 10:45:49 GMT
log
hblg.media.net/ Frame A442 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&prvReqId=4792240459212_434059775_27723728112941&acid=85ec1515a5294b7797fd113e717e824f&pvid=294&ogbdp=0.13&requrl=https%3A%2F%2Fominous.app&cc=CA&dn=ominous.app&cid=8CU87559X&ugd=4&size=728x90&cbdp=0.068&dtc=east_sc&itype=PREBID&rme=adm&app=0&viewability=41.0&bidrestime=1682592349440&slotVisibility=2&ctr=-1.0&csip=rtb-common-cc65979b9-5wqt8.SC&scrid=S0300080813018200728009099999900&mang=1&commit_id=99ec6328&zone=d&pxtype=0&cpr=0.576135222706615
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:49 GMT
clog
hblg.media.net/ Frame A442 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5263&lper=1&itypeid=3&itype=PREBID&cc=CA&cid=8CU87559X&reqid=f7ea4216-a590-432b-89e1-7d60f09d780b&vid=f7ea4216-a590-432b-89e1-7d60f09d780b&dn=ominous.app&rawDn=ominous.app&pid=8PRW23HG5&ugd=4&fleet=common&requrl=https%3A%2F%2Fominous.app&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_enf=false&geo_source=2&sc=QC&ct=montreal&pubid=pub-8CU87559X&tgtval=pub-8CU87559X&csip=rtb-common-cc65979b9-5wqt8.SC&dtc=east_sc&zone=d&sd=-1&ptype=23&xtmax=300&gdpr=0&gsi=0&app=0&sat=0&screeninfo=1600x1200&asn=16276&sckfl=0&usp_status=0&usp_enf=1&usp_string=1---&ufca=0&pexid=PREBID-8CU87559X&geoll=false&is_ortb=false&s_ip=149.56.153.183&s_city=montreal&commit_id=99ec6328&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-04-26+00%3A00%3A00&pbasrc=0&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&ipcc=CA&is_msnnative_src=false&rtttime=86&pvid=294&prvAccId=566751162&prvApiId=8CUP40XRI&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=277237281&prspt=headerBid&prvReqId=4792240459212_434059775_27723728112941&reqsize=728x90&size=728x90&chnl=HARMONY&bdp=0.130&cbdp=0.068&og_cbdp=0.130&ogbdp=0.13&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=related.icananswerthat.com&dfpBd=0.068&dt=O&dbf=1&epc=566751162&s=1&snm=SUCCESS&pcrid=8CUP40XRI-566751162-17-11&tpbTkn=false&exid=31&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=41&slotVisibility=2&adpos=2&iframingState=0&sbdrid=196&bdata=sd2%3Dnull%7Ett%3D22091%7Eiurl_l%3D50%7Eogerpm%3D0.13%7Evis_sd%3D652%7Edc2%3D1%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2023042705%7Eiurl_b%3D6232.47%7Eurl_tkc%3D0%7Estd%3Dlayout-body-bottom-banner%7Elast%3D%7Evis_url_b%3D0.78%7Eip%3D2JquuX%7Efbb%3D0%7Evis_url_l%3D40%7Eriipua%3D0%2C0%7Eet%3D13%7Erc%3D1%7Erps_sd%3D2023042704%7Evis_b%3D907.62%7Eurl_b%3D0.16%7Evl2r_url_b%3D0%7Evl2r_url_vi%3D1E-16%7Eurl_tvi%3D28%7Eurl_l%3D50%7Egcat%3D501031%7Ebb%3D196%7Evv%3D0%7El2r_b%3D1000%7Eerpm%3D0.13%7Evl2r_url_kc%3D0E0%7EMFB%3DB%7Ebm%3D1.05%7Esid%3Dcaaacb79c9348732bcdfaaef2225a3f0%7Esd%3D-1%7Euid%3D2IaGi7jlZFTaCMDL3z%7Ebtd%3D6630370766090045193582262650513615483644898173790792848391048147145084822013948233763815794799017984%7Ekb_src%3Dkbb%7Evwu%3D-1%7Ed2p_l%3D10%7E3pcf%3D679.25%7Euim%3D511%7Evw_med%3D0.41%7Edmm_strg%3Dharmony%7Ed2p_b%3D1%7Eogd2p_b%3D0.98%7Evurl_b%3D0.41%7Ess%3D1600x1200%7Ecc%3DCA%7Ekb_dl%3Dn%2Fa%7Euiw%3D56%7Ece%3D0%7Erps_b%3D55.46%7Evurl_l%3D30%7ECI%3D2910%7Ekb_uc%3D1%7Ents%3D1%7Ekb_ul%3Den%7Ekb_ccks%3D1%7Etb%3D-1%7Ebss_RVP%3DMNB%2CNED%7Ect%3Dmontreal%7Ebss_KTW%3DMNB%2CNED%7Ebasis2%3D196%7Ebasis1%3D196%7EisRef%3D0%7Eivurl_b%3D2.46%7Eisif%3D0%7Elc%3D1%7Ekb_tt%3D0%7Ebid%3D0.13%7Ekb_pt%3DHomepage%7Edc%3D7%7Evl2r_b%3D3.74%7Eivurl_l%3D30%7Esupply_tag_id%3Dlayout-body-bottom-banner%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.130%7Eitype_id%3D3%7Eseller_tag_id%3Dlayout-body-bottom-banner%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1%7Eibc%3D1%7Ensz%3D1%7Etgs%3D728x90%7Ebsb%3D3%7Ebsp%3D-1%7Etmx%3D246&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1682592349440&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.13&dmm_erpm=true&dmm_ogerpm=false&bcrid=S0300080813018200728009099999900&strg=HARMONY&stagid=layout-body-bottom-banner&pgcatiab2=445&vls=0&scrid=S0300080813018200728009099999900&mang=1&pvdTmax=246&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_epbc=8CUP40XRI&mx_SPRIG=2&mx_bsBucket=3&mx_ssProfile=0&mx_int_dsp_id=32&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=3&mx_sid=8CU87559X&mx_SC=0&mx_lr_seg_deal=1&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_g_uid_cvrg%3C%3E=pubcid&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=layout-body-bottom-banner&mx_tgs=728x90&mx_bsProfileRa=-1&mx_IAB2=1&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=4&mx_gpid=layout-body-bottom-banner&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=mEWkTyhlZ5uh&mx_gpid_sent=true&mx_commit_id=209c9980a2&acid=85ec1515a5294b7797fd113e717e824f&rtime=14.0&wsip=mowx-5f88446c5b-8wcvq&ltime=78.0&act=headerBid&abs=0%7C0%7Cnxblock%3D-1%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&impId=26bd7d70729b90c&reftime=15000&reftype=0&keywordSellerId=false&dsid=layout-body-bottom-banner&mowxReqId=85ec1515a5294b7797fd113e717e824f_1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&dfpDiv=layout-body-bottom-banner&feedback_id=26680eef-96f6-4cb8-93d8-aad138be0246&supplyTagId=277237281&pub_pbslot=layout-body-bottom-banner&mnrfc=1&viewability_vendor=MEDIA.NET+EXCHANGE&viewability_mnet=41&v_mkey=gen-vblt_prebid_test_2_0&v_mver=202304262312_gen-vblt_prebid_test_2&v_alg=gen-vblt_prebid_all&vcmplrt=-1.0&actltime=79&mp_seg%3C%3E=60751%23%2360994%23%2366833%23%2360751%23%2367567%23%2310003079%23%2360994%23%2360751%23%2360994%23%2317196&debug_ts=2023-04-27+10%3A45%3A49&__expireat=1682592949694&mview=1&rme=adm&utime=435&sf=0&cpr=0.49913104054768276
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 27 Apr 2023 16:45:49 GMT
pixel.png
tracker.nitropay.com/ 		73 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.nitropay.com/pixel.png?s=1491&wb=eyJhZFVuaXRDb2RlIjoibGF5b3V0LWJvZHktYm90dG9tLWJhbm5lciIsImNyZWF0aXZlSWQiOiJTMDMwMDA4MDgxMzAxODIwMDcyODAwOTA5OTk5OTkwMCIsImJpZGRlciI6Im1lZGlhbmV0IiwidGltZVRvUmVzcG9uZCI6MTc1LCJoZWlnaHQiOjkwLCJ3aWR0aCI6NzI4LCJjcG0iOjAuMDY4LCJocmVmIjoiaHR0cHM6Ly9vbWlub3VzLmFwcC8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6Int9IiwicmVxdWVzdElkIjoiMDlmNzgyNDgtNjUxNS00OTc5LWI2YjAtY2FlYTY2MTk2N2NmIiwiYyI6IkNBIiwiciI6Ik9OIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInRpbWVzdGFtcCI6MTY4MjU5MjM0OTg5NX0%3D&t=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/png
cache-control
no-cache
cf-ray
7be67a6aef56ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-162087016-1&cid=214094548.1682592350&jid=1386525438&gjid=936856863&_gid=552896782.1682592350&_u=YEBAAEAAAAAAACAAI~&z=1221792330
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ominous.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D2A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5168246816246&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D2A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5168246816246&version=m202301230201&ct=76&x=8&cor=4154394780262804000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4D2A 		72 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR5hhfe5sKbL2BAvHnelclF4uH25noQn-UGZUM7gEhIybTgJyHwk-_EHz1EKEQqnd7jaDOofuONNjE5CKFfvwrBt0GDN0Pff4zoTbfUNbPHZMgjTzfAl2wKQ2NG9sWoYW4DXjOCQGIq1Nj8LVYU43po_bYDNCPKDY1Y_9qoLfkP2MJBsI&dbm_d=AKAmf-AyecroQJ7Wph03nB32DFX7xVy9VYOQbxKvWWCl15YaLOr0TZp-qhRejrqoeHEbTRchq0H0E6wfazp7jRSKcbnmjHkUrM75AHET5ITBKNAzZviFJ31unQ8crYzvkmOglairbzz1GTKz3FMA9u8k7Dxl-dF5Vu4EeAiYE1ZFfAFRJdukPJK6CHy0tLuklxuUMOAJspE_dtINwVjHV6Q5qYQJpXb6oxBXyMxQqEgNnb62UvFnabwtWQF7k2SBdjCZcV1e969yudIK8gsyqiyNqmZ0gseRHRMhHfSaybQ4MRxa8-_SJ5LS6bwbz8c2vI30PUyUVwz2YlZxYH_RjnMB1Ny-tru3-Y14oEK_ykCANW_Ofy-b1zV7MtF8AfWcA8DUuELEZkxJqxHTS2iRAKvAzOFU5sowax-eQtMx9r0PGPjuoCr_xr9zYjQbAvZNaZ2eUmVSH229HKlvmYemOCLCmf8loFG6CmjYBXleW7bC4phVkfJymT20vMOPj8x5HFLIDY3sEp1mvcRmTMLCe5c7-BsRxTYR1XWY3be5DtJK69rqBg45_d9rnNk4Ei-istEYT5NAKSZTTF83zIfNpvldKawKzZ6TGRvXFSKTkO7DRvQFluI8W_FAC8MtCIzLc63LBlzfolxBg7QbiTKirOlpoAJJpAaF9SxUCexg0z-GxRil3-wNjg9hNGtpKCY7dlZ7COWWBj7mt0ZZc6afvI_qoBVHt6x7PVHS3MaaO7Z9BALB6zv_DyQGh4WhFk5LVkDYhlAgh3KaAuaus7WuAfp4tSBvGmZsER03yB3E5hkx2d6p0cErF8De1Go21T_4UW8R7tEOuvNg4EHxyD40DZWq0u7605bYyfu25XnVW4E0hwSAwlprAyqm06m3Bk12R9FAoZFIt9bhqoK4pmk5t6gqnJzv6btaohslr-kbNAEQcb5vNXORMR2MDqwYlzyZFHdKd2cL-MzIGfitLHpzv0Qtz2xDYjlmje0M5wqBrmhmy_0FacbxlPB-vzu81ZlXc0GfUOjnZ5paTCfgMN-ysnJptHQ28Cl4YAE74zolbaAG3isnjGWGMTTZWIzUwNq0kgEHVWBfQQqYMck4jdxEtTjhrN-ize4It_E2vkq0pZZXrZMF472t_hmoADhjEEA3T_I_MvWunrUDkx2BIcqX-M1xD2vJRQdO42KuBFKEGXlMNCXTZQjghLST20wUY_BsBfYiurqmzzxk9Wj1alEpJMu-Bb33xxsNuyWEk9fH1osvIr5ch1GJwQh7swdwPLDEcKYuT1nCixDtoJ0sTjkxtKwb9fZbhlPR9ikVS91fN5Ig5r3iQRRrrcGE6PSfRo8HMf1AbYa_jR5ILtUkpthbVum5cHDh-FTwE2eMqo9Xc_icwCB7fiqzjaOBohPp0hz9xxpVmfYF-GThHLL1kkzb5UP4rjvCv-touQXBVgQ-ausUuvGyKOs4PLSqFRXr19jyslJkpKqARYcXbbxBnCv_hTk6AUbs6Im1pW5keAP3phs66dYvT67TCuZiaY1ovYuTBZ9esnIwGdqv2X4Qf2SGFa85VRGYtO1sgxPN0Vqtb63mZsBXO14Mi-uV8OK8l4J7J8tWYOUSDKHZAfz3Q_OKLV4x31QhtIKEq486HviDoZqU2TJmxW3kPfRjrTOByOYCtyWRgK-9pYXfnDC5w24pNkrpUmhbkmmcRcKXDtRIQB5xjydN2pNcdAF3JkNj3pgIIWeo0bIzxUZG-q2XyIM_P08Kauq0Q2fKQIDVOO611XPvsyVLCKPxuxaYksK3zKg4bxB4-KoL_FsC8Qml4sbZ5BvNf2BtZ1fOqUGjWN_2VY537MJfDAzGdI4yC3RCpFIvi7fnAyxTH_lkh_twbEWkqZ7pXNe8vEjNW9sLpol9-sEAu8WlXZODe84ubZnk0kFcUm6Q9RIutuFzg0Um38685HpjC5sYMEcVkAmmo3_RfbLB0l5u4pMl8I-f0s_Tl0FLyBGWtjI2vfN55TGdPvSNaDn3c29tvGQwyuUaXtQHW-dUchhsPEDVQYBQnCcYyQc_LjB6TkH1a4RUoGrLmLolU3HsstUtVZkME3kTagMy_IX71Mbp_43D7wDZ_uFZi1mNhgV_u8tSpYqGyjppHLHALEM6WdPPgQkIBVh9a4LaZ4-Sg9gQ-wxrIoWiGuYVRXOoUE9YMNocVFq74bYqCkOWwV9j6C8gcYnNkcrPRHjoja54lqEx24j_GVdjsGaOo8PrXmCy4i8Ulxc3p8_GRB26g_xw6untKYfPuxVoDY7vC2HUu5ko7b2HrtxzR0wHYDtl8AlD3aO9SaHVsJXLL_j73IGUEE3PRLQs8doOgher6HzQIze5xadOD_Q5tY8tWrMnKnuJNtR4OPcMKvtn0zZOSGMuCAYlk4mhnETS66cUZID-6OnZuJEvBZdsWCi9wZAfZdnUcn5zxvlysux6GJrH3GMZrPuzIVPnHC3lPOdg0jMIjunM8XiLpuoUZN2l8gqVLF3srCfweFAQBYOKsRcLJcMiLHSmCC9KqfTtwYqk_u1EwTTLSYIo1bNrSOSn5IFguXrdVYFxEgPgXggxWksLCNdK1F-dmGi4_9v4n10dyVIdUCE-04MVRUULgOjyzs_9a8mgjDfb6tK5_vWPr_Ha1IA044YaMgICq4ymLVZD-eZpWdDhnW_6MT-WXnIDQTppOBgheh7asusMvAxk-j90AzT-DGw65IzLd9hZka1ljLalXlZlil5BY2dXnVln_VcsvQdO5r5cHNjbDZtLEekX1wAQqrrUaI--_Ifqzd_JFyl6cF5eDK9b-ZeL7jcAknIB-vaT56odP6E0tiZccabnv5Z088eAcTFXz7ZadX0im5XZdfAbYOf2vJodpkidbbFaqjDi8iczb9QwrlMsAXmmq2Y3zb8F14J-E0-7akpB39H--Py4K3SM4xSAqSk9679tNgf22G-JfPF7w-T4eFIvI6LgYm0ZnrZepoyG7Uzy0aJJvfDd3FOpJi0FM8KC7_n9QJVJqxJvib0RdouM0f-X1EkPMrMmUG8Yvtj5fOkODG2UuDenu-spHNunCtRQ3um5NXNurAcZ7r-bm1Vj_1uL-AuFLporimZkQdaTuLGHJWQ99_MmiQdpjT6gzGHmGl5RVd0pWLk_dxL2Wr5Efkdcq9RzCNIxX50csIfVzRSWz4jFireYspgJg9Aqh8nOReRRvuCfK2Slb1NAKuam7zA1R5OcsAZsXwP9ftiGEqHQ-Ih49WkFwG1DCZqAd6SROFdxp7DM4WThlgvWy5m4T8DlrEmpN6pmyQvvGtaFAxA8HWveQHJe_XUwq4FRP3dhgM5LRprNZ2_UbxMAvW5S6Qn-ZO0DB_tvnTOC10iAeQkoHMpWjtB7YLzfEBJhrx6U3fMrXpKhxzJsvruRPZW5GRtEvZNOQTsggiUq3YfScRJ6q4xq1Ry5DPB6O1unsff7_s7WrpnJ5a0bSq0w&pr=8%3AEB7078BA96337029&cid=CAQSMgBygQiD6tFykYZZPF4wcxJeikpn_iKawAP-0J6tyB92-GKWNWvsE83CPrLJ9UshNX-pGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fominous.app%2F&ds=l&xdt=0&iif=1&cor=4154394780262804000&adk=3563376826&idt=64&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7033c723f1d726bff910c01ca657d43b9d26db7efeab822c281290724bd5c95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34893
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smtr
contextual.media.net/ Frame 9106 		75 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349221451208&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzaga8fOnRrolnfOur8Na&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bc574ab0cdf0da40047074d1a68acc52357c3f5c88856d2f5bc8cdbdd4d68e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28312
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 10:45:50 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-x4h9
bping.php
lg3.media.net/ Frame D978 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=749&&vgd_cdv=933&vgd_tsce=L116&vgd_cage=1&vgd_mcf=67546&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=285501814&vi=1682592349221451208&ugd=4&lf=6&kwrf=https%3A%2F%2Fominous.app&cc=CA&sc=QC&lper=100&wsip=170785047&r=1682592350027&requrl=https%3A%2F%2Fominous.app&ssld=%7B%22QQ8E%22%3A%22uHi.XF.uXA.uWA%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22g%3D%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1682592349100194400&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_itype_id=3&vgd_pgid=p01420645342t202304271045&vgd_pgids=1&vgd_uspa=0&hvsid=00001682592350022025035145517668&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:50 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:50 GMT
checksync.php
contextual.media.net/ Frame 285F 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af6f5009f9638f931f4917a32e0f1e73656b0a3ba4bde62e4190eb70c30e9eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11948
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Sat, 29 Apr 2023 10:45:50 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=ominous.app&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ominous.app&callback=_gfp_s_&client=ca-pub-1683805479985610
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4a082015e88601b38fa981a67ba53a77b6977816615256d784de4e35773985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ominous.app
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ominous.app
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=layout-body-bottom-banner&cls=na-anchor-bottom&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=layout-body-top-banner&cls=na-anchor-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3707 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1683805479985610&output=html&adk=1812271804&adf=3025194257&lmt=1682592350&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fominous.app%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682592349690&bpp=15&bdt=764&idt=366&shv=r20230424&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3573869413373&frm=20&pv=2&ga_vid=214094548.1682592350&ga_sid=1682592350&ga_hid=90374483&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532090%2C44759927%2C44759876%2C42532186%2C44759837%2C31071756&oid=2&pvsid=4238634670886990&tmod=938395734&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=417
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 10:45:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
smtr
contextual.media.net/ Frame 888E 		75 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349524731568&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&perf=1&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20e78b00d0a5924c2b97a060036ce1fd4c44312e5809941510a13c3eb0222e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28567
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 10:45:50 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-klrq
checksync.php
contextual.media.net/ Frame F928 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af6f5009f9638f931f4917a32e0f1e73656b0a3ba4bde62e4190eb70c30e9eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11948
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Sat, 29 Apr 2023 10:45:50 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-162087016-1&cid=214094548.1682592350&jid=1386525438&_u=YEBAAEAAAAAAACAAI~&z=155142380
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-162087016-1&cid=214094548.1682592350&jid=1386525438&_u=YEBAAEAAAAAAACAAI~&z=155142380
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smtr
contextual.media.net/ Frame 4F61 		69 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51865333fb521d5f0ec438599320e25f25231c83b1c3b7a0948f28148d6eb41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
27763
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 10:45:50 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-x4h9
bping.php
lg3.media.net/ Frame DE1D 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=749&&vgd_cdv=933&vgd_tsce=L116&vgd_cage=1&vgd_mcf=67546&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=566751162&vi=1682592349382299116&ugd=4&lf=6&kwrf=https%3A%2F%2Fominous.app&cc=CA&sc=QC&lper=100&wsip=170785047&r=1682592350170&requrl=https%3A%2F%2Fominous.app&ssld=%7B%22QQ8E%22%3A%22uHi.XF.uXA.uWA%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22g%3D%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1682592349193582268&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_itype_id=3&vgd_pgid=p01420645342t202304271045&vgd_pgids=4&vgd_uspa=0&hvsid=00001682592350166025035145511319&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:50 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:50 GMT
checksync.php
contextual.media.net/ Frame D0B6 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
af6f5009f9638f931f4917a32e0f1e73656b0a3ba4bde62e4190eb70c30e9eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11948
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Sat, 29 Apr 2023 10:45:50 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 4D2A 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR5hhfe5sKbL2BAvHnelclF4uH25noQn-UGZUM7gEhIybTgJyHwk-_EHz1EKEQqnd7jaDOofuONNjE5CKFfvwrBt0GDN0Pff4zoTbfUNbPHZMgjTzfAl2wKQ2NG9sWoYW4DXjOCQGIq1Nj8LVYU43po_bYDNCPKDY1Y_9qoLfkP2MJBsI&dbm_d=AKAmf-AyecroQJ7Wph03nB32DFX7xVy9VYOQbxKvWWCl15YaLOr0TZp-qhRejrqoeHEbTRchq0H0E6wfazp7jRSKcbnmjHkUrM75AHET5ITBKNAzZviFJ31unQ8crYzvkmOglairbzz1GTKz3FMA9u8k7Dxl-dF5Vu4EeAiYE1ZFfAFRJdukPJK6CHy0tLuklxuUMOAJspE_dtINwVjHV6Q5qYQJpXb6oxBXyMxQqEgNnb62UvFnabwtWQF7k2SBdjCZcV1e969yudIK8gsyqiyNqmZ0gseRHRMhHfSaybQ4MRxa8-_SJ5LS6bwbz8c2vI30PUyUVwz2YlZxYH_RjnMB1Ny-tru3-Y14oEK_ykCANW_Ofy-b1zV7MtF8AfWcA8DUuELEZkxJqxHTS2iRAKvAzOFU5sowax-eQtMx9r0PGPjuoCr_xr9zYjQbAvZNaZ2eUmVSH229HKlvmYemOCLCmf8loFG6CmjYBXleW7bC4phVkfJymT20vMOPj8x5HFLIDY3sEp1mvcRmTMLCe5c7-BsRxTYR1XWY3be5DtJK69rqBg45_d9rnNk4Ei-istEYT5NAKSZTTF83zIfNpvldKawKzZ6TGRvXFSKTkO7DRvQFluI8W_FAC8MtCIzLc63LBlzfolxBg7QbiTKirOlpoAJJpAaF9SxUCexg0z-GxRil3-wNjg9hNGtpKCY7dlZ7COWWBj7mt0ZZc6afvI_qoBVHt6x7PVHS3MaaO7Z9BALB6zv_DyQGh4WhFk5LVkDYhlAgh3KaAuaus7WuAfp4tSBvGmZsER03yB3E5hkx2d6p0cErF8De1Go21T_4UW8R7tEOuvNg4EHxyD40DZWq0u7605bYyfu25XnVW4E0hwSAwlprAyqm06m3Bk12R9FAoZFIt9bhqoK4pmk5t6gqnJzv6btaohslr-kbNAEQcb5vNXORMR2MDqwYlzyZFHdKd2cL-MzIGfitLHpzv0Qtz2xDYjlmje0M5wqBrmhmy_0FacbxlPB-vzu81ZlXc0GfUOjnZ5paTCfgMN-ysnJptHQ28Cl4YAE74zolbaAG3isnjGWGMTTZWIzUwNq0kgEHVWBfQQqYMck4jdxEtTjhrN-ize4It_E2vkq0pZZXrZMF472t_hmoADhjEEA3T_I_MvWunrUDkx2BIcqX-M1xD2vJRQdO42KuBFKEGXlMNCXTZQjghLST20wUY_BsBfYiurqmzzxk9Wj1alEpJMu-Bb33xxsNuyWEk9fH1osvIr5ch1GJwQh7swdwPLDEcKYuT1nCixDtoJ0sTjkxtKwb9fZbhlPR9ikVS91fN5Ig5r3iQRRrrcGE6PSfRo8HMf1AbYa_jR5ILtUkpthbVum5cHDh-FTwE2eMqo9Xc_icwCB7fiqzjaOBohPp0hz9xxpVmfYF-GThHLL1kkzb5UP4rjvCv-touQXBVgQ-ausUuvGyKOs4PLSqFRXr19jyslJkpKqARYcXbbxBnCv_hTk6AUbs6Im1pW5keAP3phs66dYvT67TCuZiaY1ovYuTBZ9esnIwGdqv2X4Qf2SGFa85VRGYtO1sgxPN0Vqtb63mZsBXO14Mi-uV8OK8l4J7J8tWYOUSDKHZAfz3Q_OKLV4x31QhtIKEq486HviDoZqU2TJmxW3kPfRjrTOByOYCtyWRgK-9pYXfnDC5w24pNkrpUmhbkmmcRcKXDtRIQB5xjydN2pNcdAF3JkNj3pgIIWeo0bIzxUZG-q2XyIM_P08Kauq0Q2fKQIDVOO611XPvsyVLCKPxuxaYksK3zKg4bxB4-KoL_FsC8Qml4sbZ5BvNf2BtZ1fOqUGjWN_2VY537MJfDAzGdI4yC3RCpFIvi7fnAyxTH_lkh_twbEWkqZ7pXNe8vEjNW9sLpol9-sEAu8WlXZODe84ubZnk0kFcUm6Q9RIutuFzg0Um38685HpjC5sYMEcVkAmmo3_RfbLB0l5u4pMl8I-f0s_Tl0FLyBGWtjI2vfN55TGdPvSNaDn3c29tvGQwyuUaXtQHW-dUchhsPEDVQYBQnCcYyQc_LjB6TkH1a4RUoGrLmLolU3HsstUtVZkME3kTagMy_IX71Mbp_43D7wDZ_uFZi1mNhgV_u8tSpYqGyjppHLHALEM6WdPPgQkIBVh9a4LaZ4-Sg9gQ-wxrIoWiGuYVRXOoUE9YMNocVFq74bYqCkOWwV9j6C8gcYnNkcrPRHjoja54lqEx24j_GVdjsGaOo8PrXmCy4i8Ulxc3p8_GRB26g_xw6untKYfPuxVoDY7vC2HUu5ko7b2HrtxzR0wHYDtl8AlD3aO9SaHVsJXLL_j73IGUEE3PRLQs8doOgher6HzQIze5xadOD_Q5tY8tWrMnKnuJNtR4OPcMKvtn0zZOSGMuCAYlk4mhnETS66cUZID-6OnZuJEvBZdsWCi9wZAfZdnUcn5zxvlysux6GJrH3GMZrPuzIVPnHC3lPOdg0jMIjunM8XiLpuoUZN2l8gqVLF3srCfweFAQBYOKsRcLJcMiLHSmCC9KqfTtwYqk_u1EwTTLSYIo1bNrSOSn5IFguXrdVYFxEgPgXggxWksLCNdK1F-dmGi4_9v4n10dyVIdUCE-04MVRUULgOjyzs_9a8mgjDfb6tK5_vWPr_Ha1IA044YaMgICq4ymLVZD-eZpWdDhnW_6MT-WXnIDQTppOBgheh7asusMvAxk-j90AzT-DGw65IzLd9hZka1ljLalXlZlil5BY2dXnVln_VcsvQdO5r5cHNjbDZtLEekX1wAQqrrUaI--_Ifqzd_JFyl6cF5eDK9b-ZeL7jcAknIB-vaT56odP6E0tiZccabnv5Z088eAcTFXz7ZadX0im5XZdfAbYOf2vJodpkidbbFaqjDi8iczb9QwrlMsAXmmq2Y3zb8F14J-E0-7akpB39H--Py4K3SM4xSAqSk9679tNgf22G-JfPF7w-T4eFIvI6LgYm0ZnrZepoyG7Uzy0aJJvfDd3FOpJi0FM8KC7_n9QJVJqxJvib0RdouM0f-X1EkPMrMmUG8Yvtj5fOkODG2UuDenu-spHNunCtRQ3um5NXNurAcZ7r-bm1Vj_1uL-AuFLporimZkQdaTuLGHJWQ99_MmiQdpjT6gzGHmGl5RVd0pWLk_dxL2Wr5Efkdcq9RzCNIxX50csIfVzRSWz4jFireYspgJg9Aqh8nOReRRvuCfK2Slb1NAKuam7zA1R5OcsAZsXwP9ftiGEqHQ-Ih49WkFwG1DCZqAd6SROFdxp7DM4WThlgvWy5m4T8DlrEmpN6pmyQvvGtaFAxA8HWveQHJe_XUwq4FRP3dhgM5LRprNZ2_UbxMAvW5S6Qn-ZO0DB_tvnTOC10iAeQkoHMpWjtB7YLzfEBJhrx6U3fMrXpKhxzJsvruRPZW5GRtEvZNOQTsggiUq3YfScRJ6q4xq1Ry5DPB6O1unsff7_s7WrpnJ5a0bSq0w&pr=8%3AEB7078BA96337029&cid=CAQSMgBygQiD6tFykYZZPF4wcxJeikpn_iKawAP-0J6tyB92-GKWNWvsE83CPrLJ9UshNX-pGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fominous.app%2F&ds=l&xdt=0&iif=1&cor=4154394780262804000&adk=3563376826&idt=64&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b830a741e3a702c5f232ef38e0f2d4ab8dda52004178cfdb9cc088f73546523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 00:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
35577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10905
x-xss-protection
0
server
cafe
etag
17251650664335745901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 00:52:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D2A 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame 4D2A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/omrhp.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 00:54:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
35502
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 May 2023 00:54:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4D2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK-FZ6rswhdJXsHW_crgT6KMkQXJ7ev83ksjg31CNAB8z0kgtS8bsRmpDju1RUEWJeZM2OkTuvPRyKZJDrHPANMyZTajTrx6Q7fapMlJDcK9nRl2TRx1Q0H0c6EmKAb1dolUD0DabkdfYIEPa25PS3edZZhicw1rYZlMBqMQk9gxewpHW9CRGc_FYsyEd5XiQ9FRug-6wy-mQ7nDBLwjVXtCy4ZnkvAtHUqpKXqWE-hCBByWsIDxQY3V0JuQecjf3-C4gIrW8glSlX1zMiNL8khHINmBztMlhLhOnHrJcpj4-cUVuBnKjzl7zWa6TiaT8DW23pC0I-vBbhS3DiQiiO-tHPg0uCh5p2zOF04DCIJGA4FIegaGBRCqavpUCQ6ZmCXqxeif9GfqiiFHFPW9reGVtg5YsNtMOHmuge2pvEA21jX25IuTTbQr8RlM1sS6_AlqoBWbZov3PC5yha5Gi629PBRrYpYucN-hMKgfbNMO5yRYiKPLLB0oaxXNSUOAGTCbtJQUZtp_r8LwrEg2Ni6W7jEJHw87lmXd3sfyFYtw4-6hatxthDzP67zLNNVh9ARADQu3Iawwl_sbtrUbmVcZNtZeGVit3_ghOuRvGcyIwNo9uvYTKk6aPWhb9wIhJdCuwmd4fjNy9Z72FMrRBNBfN08gvtE6Qr6dwnQ3jmfLIgTzcTkcufOQ6UtAJ_imvJh56TRhfwqeRDRrzRYABOETmjVGU3QHxYXW24PjJ5ch-cejNPQZ5sAK-etRmTUBA1x03Kk6oSHL9D_dhdosyXkjDsfuIha7cKwtFrK8yjq-sTH0tgjl0hckvVvjMK8vmspLAhxtUZgiVb2SYTzHgGi2VorqSRz9EzE7NdmMPds0pgJXEnbp8GtRcltEc0oV0Lsk9Wl_x9yoaN51mU0UHQFxfRyDXDme3ig1WGpkA7dhsjJ_iJV-H28kmtsyKXzP0y_BUn69WS2kIF_PLfax5RZQ0lXvqMjdbUFK8YxxAWmUUYpFcQ6GPf7C_gzhzmPwClYxaPplziCjALuiWCXvtYR1Br5EOQbRCfjKsGYwiXKrKJ-7CayiuiIFstOhxRDKqbxTGKLQnughHgk3MOijq4UFGBFa22-ZMhlm6t_FeewFLggdIzFhAq1K7cRKsLQyNQ8TkbAkT8Fqj9BLhMAAOMrOnbzEzagQiiwhnD0i9itL3daYXN8W92W6gdRlng&sai=AMfl-YRwC4hoiGdgb4NW62aCNuVyRhJjZgD0DHXSByv7CGK3eZ-MPwmi20_qq8i2yQYicchyuJOHge3S3b9kRMUtS7lW2VnF5bGJ6lr8ngBnq7PxIkJbYFl0jHz1lPlGFMdkz0kj8Q2QeXjyATppIv6Q_0_RiU_DHnNqe4MbqqHxjBmHVpCbl7N4i8zojWg7JgnRsTBSlK7UOqb0Ugs4aqnz4SxE3Rkz7_VrPPdRhYmitwrqnK3dmXyjURoSLro&sig=Cg0ArKJSzF_jCvDt6JbNEAE&uach_m=[UACH]&pr=8:EB7078BA96337029&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230424.43669&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR5hhfe5sKbL2BAvHnelclF4uH25noQn-UGZUM7gEhIybTgJyHwk-_EHz1EKEQqnd7jaDOofuONNjE5CKFfvwrBt0GDN0Pff4zoTbfUNbPHZMgjTzfAl2wKQ2NG9sWoYW4DXjOCQGIq1Nj8LVYU43po_bYDNCPKDY1Y_9qoLfkP2MJBsI&dbm_d=AKAmf-AyecroQJ7Wph03nB32DFX7xVy9VYOQbxKvWWCl15YaLOr0TZp-qhRejrqoeHEbTRchq0H0E6wfazp7jRSKcbnmjHkUrM75AHET5ITBKNAzZviFJ31unQ8crYzvkmOglairbzz1GTKz3FMA9u8k7Dxl-dF5Vu4EeAiYE1ZFfAFRJdukPJK6CHy0tLuklxuUMOAJspE_dtINwVjHV6Q5qYQJpXb6oxBXyMxQqEgNnb62UvFnabwtWQF7k2SBdjCZcV1e969yudIK8gsyqiyNqmZ0gseRHRMhHfSaybQ4MRxa8-_SJ5LS6bwbz8c2vI30PUyUVwz2YlZxYH_RjnMB1Ny-tru3-Y14oEK_ykCANW_Ofy-b1zV7MtF8AfWcA8DUuELEZkxJqxHTS2iRAKvAzOFU5sowax-eQtMx9r0PGPjuoCr_xr9zYjQbAvZNaZ2eUmVSH229HKlvmYemOCLCmf8loFG6CmjYBXleW7bC4phVkfJymT20vMOPj8x5HFLIDY3sEp1mvcRmTMLCe5c7-BsRxTYR1XWY3be5DtJK69rqBg45_d9rnNk4Ei-istEYT5NAKSZTTF83zIfNpvldKawKzZ6TGRvXFSKTkO7DRvQFluI8W_FAC8MtCIzLc63LBlzfolxBg7QbiTKirOlpoAJJpAaF9SxUCexg0z-GxRil3-wNjg9hNGtpKCY7dlZ7COWWBj7mt0ZZc6afvI_qoBVHt6x7PVHS3MaaO7Z9BALB6zv_DyQGh4WhFk5LVkDYhlAgh3KaAuaus7WuAfp4tSBvGmZsER03yB3E5hkx2d6p0cErF8De1Go21T_4UW8R7tEOuvNg4EHxyD40DZWq0u7605bYyfu25XnVW4E0hwSAwlprAyqm06m3Bk12R9FAoZFIt9bhqoK4pmk5t6gqnJzv6btaohslr-kbNAEQcb5vNXORMR2MDqwYlzyZFHdKd2cL-MzIGfitLHpzv0Qtz2xDYjlmje0M5wqBrmhmy_0FacbxlPB-vzu81ZlXc0GfUOjnZ5paTCfgMN-ysnJptHQ28Cl4YAE74zolbaAG3isnjGWGMTTZWIzUwNq0kgEHVWBfQQqYMck4jdxEtTjhrN-ize4It_E2vkq0pZZXrZMF472t_hmoADhjEEA3T_I_MvWunrUDkx2BIcqX-M1xD2vJRQdO42KuBFKEGXlMNCXTZQjghLST20wUY_BsBfYiurqmzzxk9Wj1alEpJMu-Bb33xxsNuyWEk9fH1osvIr5ch1GJwQh7swdwPLDEcKYuT1nCixDtoJ0sTjkxtKwb9fZbhlPR9ikVS91fN5Ig5r3iQRRrrcGE6PSfRo8HMf1AbYa_jR5ILtUkpthbVum5cHDh-FTwE2eMqo9Xc_icwCB7fiqzjaOBohPp0hz9xxpVmfYF-GThHLL1kkzb5UP4rjvCv-touQXBVgQ-ausUuvGyKOs4PLSqFRXr19jyslJkpKqARYcXbbxBnCv_hTk6AUbs6Im1pW5keAP3phs66dYvT67TCuZiaY1ovYuTBZ9esnIwGdqv2X4Qf2SGFa85VRGYtO1sgxPN0Vqtb63mZsBXO14Mi-uV8OK8l4J7J8tWYOUSDKHZAfz3Q_OKLV4x31QhtIKEq486HviDoZqU2TJmxW3kPfRjrTOByOYCtyWRgK-9pYXfnDC5w24pNkrpUmhbkmmcRcKXDtRIQB5xjydN2pNcdAF3JkNj3pgIIWeo0bIzxUZG-q2XyIM_P08Kauq0Q2fKQIDVOO611XPvsyVLCKPxuxaYksK3zKg4bxB4-KoL_FsC8Qml4sbZ5BvNf2BtZ1fOqUGjWN_2VY537MJfDAzGdI4yC3RCpFIvi7fnAyxTH_lkh_twbEWkqZ7pXNe8vEjNW9sLpol9-sEAu8WlXZODe84ubZnk0kFcUm6Q9RIutuFzg0Um38685HpjC5sYMEcVkAmmo3_RfbLB0l5u4pMl8I-f0s_Tl0FLyBGWtjI2vfN55TGdPvSNaDn3c29tvGQwyuUaXtQHW-dUchhsPEDVQYBQnCcYyQc_LjB6TkH1a4RUoGrLmLolU3HsstUtVZkME3kTagMy_IX71Mbp_43D7wDZ_uFZi1mNhgV_u8tSpYqGyjppHLHALEM6WdPPgQkIBVh9a4LaZ4-Sg9gQ-wxrIoWiGuYVRXOoUE9YMNocVFq74bYqCkOWwV9j6C8gcYnNkcrPRHjoja54lqEx24j_GVdjsGaOo8PrXmCy4i8Ulxc3p8_GRB26g_xw6untKYfPuxVoDY7vC2HUu5ko7b2HrtxzR0wHYDtl8AlD3aO9SaHVsJXLL_j73IGUEE3PRLQs8doOgher6HzQIze5xadOD_Q5tY8tWrMnKnuJNtR4OPcMKvtn0zZOSGMuCAYlk4mhnETS66cUZID-6OnZuJEvBZdsWCi9wZAfZdnUcn5zxvlysux6GJrH3GMZrPuzIVPnHC3lPOdg0jMIjunM8XiLpuoUZN2l8gqVLF3srCfweFAQBYOKsRcLJcMiLHSmCC9KqfTtwYqk_u1EwTTLSYIo1bNrSOSn5IFguXrdVYFxEgPgXggxWksLCNdK1F-dmGi4_9v4n10dyVIdUCE-04MVRUULgOjyzs_9a8mgjDfb6tK5_vWPr_Ha1IA044YaMgICq4ymLVZD-eZpWdDhnW_6MT-WXnIDQTppOBgheh7asusMvAxk-j90AzT-DGw65IzLd9hZka1ljLalXlZlil5BY2dXnVln_VcsvQdO5r5cHNjbDZtLEekX1wAQqrrUaI--_Ifqzd_JFyl6cF5eDK9b-ZeL7jcAknIB-vaT56odP6E0tiZccabnv5Z088eAcTFXz7ZadX0im5XZdfAbYOf2vJodpkidbbFaqjDi8iczb9QwrlMsAXmmq2Y3zb8F14J-E0-7akpB39H--Py4K3SM4xSAqSk9679tNgf22G-JfPF7w-T4eFIvI6LgYm0ZnrZepoyG7Uzy0aJJvfDd3FOpJi0FM8KC7_n9QJVJqxJvib0RdouM0f-X1EkPMrMmUG8Yvtj5fOkODG2UuDenu-spHNunCtRQ3um5NXNurAcZ7r-bm1Vj_1uL-AuFLporimZkQdaTuLGHJWQ99_MmiQdpjT6gzGHmGl5RVd0pWLk_dxL2Wr5Efkdcq9RzCNIxX50csIfVzRSWz4jFireYspgJg9Aqh8nOReRRvuCfK2Slb1NAKuam7zA1R5OcsAZsXwP9ftiGEqHQ-Ih49WkFwG1DCZqAd6SROFdxp7DM4WThlgvWy5m4T8DlrEmpN6pmyQvvGtaFAxA8HWveQHJe_XUwq4FRP3dhgM5LRprNZ2_UbxMAvW5S6Qn-ZO0DB_tvnTOC10iAeQkoHMpWjtB7YLzfEBJhrx6U3fMrXpKhxzJsvruRPZW5GRtEvZNOQTsggiUq3YfScRJ6q4xq1Ry5DPB6O1unsff7_s7WrpnJ5a0bSq0w&pr=8%3AEB7078BA96337029&cid=CAQSMgBygQiD6tFykYZZPF4wcxJeikpn_iKawAP-0J6tyB92-GKWNWvsE83CPrLJ9UshNX-pGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fominous.app%2F&ds=l&xdt=0&iif=1&cor=4154394780262804000&adk=3563376826&idt=64&cac=0&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 27 Apr 2023 10:45:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4D2A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 21:41:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Apr 2024 21:41:39 GMT
5817053623760253815
s0.2mdn.net/simgad/ Frame 4D2A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5817053623760253815
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f173480309cee66c8eefecc61aefd5fc637a7c8b9c39aa5bf56ce588be66908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 10:47:18 GMT
x-content-type-options
nosniff
age
431912
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10217
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:55:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 10:47:18 GMT
pubcid.php
hbx.media.net/ Frame 285F 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 11:15:50 GMT
sync
gum.criteo.com/ Frame 285F 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
782274
expires
60
usync.html
eus.rubiconproject.com/ Frame 9D58
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 10:45:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 4782
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Drkt%26refUrl%3D%26vid%3D259235024332559395014551920...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923502433255939501455192000V10&ovsid=970314639146934161
235 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923502433255939501455192000V10&ovsid=970314639146934161
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 10:45:50 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 27 Apr 2023 10:45:50 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923502433255939501455192000V10&ovsid=970314639146934161
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B21 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923502433255939501455192000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30174
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=decfe44b-5937-452b-a2bb-10acb393241f
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=decfe44b-5937-452b-a2bb-10acb393241f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-175
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923502433255939501455192000V10&ovsid=decfe44b-5937-452b-a2bb-10acb393241f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=21f695bf234f21c6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923502433255939501455192000V10&ovsid=AAAL_7OAqxJrjwNRzPCUAAAAAAA&expiration=1682678750&is_secure=true
61 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923502433255939501455192000V10&ovsid=AAAL_7OAqxJrjwNRzPCUAAAAAAA&expiration=1682678750&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923502433255939501455192000V10&ovsid=AAAL_7OAqxJrjwNRzPCUAAAAAAA&expiration=1682678750&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame 285F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923502433255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923502433255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923502433255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923502433255939501...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923502433255...
  • https://ad.turn.com/r/cs?pid=45&rndcb=2518602974
  • https://sync.1rx.io/usersync/turn/4302964438783897919?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
61 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:51 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX24c0e95324a04ff187785c0d5d00bce7005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cksync
cs.media.net/ Frame 285F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE5MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
61 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923502433255939501455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923502433255939...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923502433255939501455192000V10&ovsid=ina472NS1PRZ8i5
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923502433255939501455192000V10&ovsid=ina472NS1PRZ8i5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0326d53a5183e5237@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923502433255939501455192000V10&ovsid=ina472NS1PRZ8i5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=103ae0e6-45fe-416f-ab05-f9a3783bd017
61 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=103ae0e6-45fe-416f-ab05-f9a3783bd017
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=103ae0e6-45fe-416f-ab05-f9a3783bd017
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1806417
content-length
0
expires
Thu, 27 Apr 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-rlFPAvpE2pmb9gXNPyxkXjVhnAVzkgvOOdlKCw--~A&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=&gdpr_consent=&gdpr_pd=
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 27 Apr 2023 10:45:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=Q-Hu3qFbH4RyVP4Uyuff&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKRFVEHKM3RIZREQNCSPFLFANCVPF2WM...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=Q-Hu3qFbH4RyVP4Uyuffhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=259235024332559395014551...
60 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=Q-Hu3qFbH4RyVP4Uyuffhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923502433255939501455192000V10&vsid=3255939501455192000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=Q-Hu3qFbH4RyVP4Uyuffhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923502433255939501455192000V10&vsid=3255939501455192000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 285F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455192000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3255939501455192000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
date
Thu, 27 Apr 2023 10:45:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 285F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
usync.html
eus.rubiconproject.com/ Frame 40CA 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame 285F 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=d62e1745-0f9c-4697-b81e-20cac6a1e692&cs=15&vsid=3255939501455192000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Apr 2023 10:45:50 GMT
content-length
35
content-type
image/gif
sync
gum.criteo.com/ Frame F928 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
694222
expires
60
usync.html
eus.rubiconproject.com/ Frame BF3D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 10:45:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync
cs.media.net/ Frame F928
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE5MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
61 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 57BD
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Drkt%26refUrl%3D%26vid%3D259235031832559395014551920...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923503183255939501455192000V10&ovsid=970314639146934161
235 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923503183255939501455192000V10&ovsid=970314639146934161
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 10:45:50 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 27 Apr 2023 10:45:50 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=rkt&refUrl=&vid=25923503183255939501455192000V10&ovsid=970314639146934161
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
61 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1580031
content-length
0
expires
Thu, 27 Apr 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=f4131b475de143d6800932f1544bfb7f&ssp=medianet&bsw_param=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&consent=&gdpr_pd=1&expires=7
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=1
Date
Thu, 27 Apr 2023 10:45:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455192000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3255939501455192000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
date
Thu, 27 Apr 2023 10:45:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame F928
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6953 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923503183255939501455192000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30174
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=son&refUrl=&vid=25923503183255939501455192000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=282c157121a121c6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923503183255939501455192000V10&ovsid=AAAL_7OAqxJrkANVbnJaAAAAAAA&expiration=1682678750&is_secure=true
61 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923503183255939501455192000V10&ovsid=AAAL_7OAqxJrkANVbnJaAAAAAAA&expiration=1682678750&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=con&refUrl=&vid=25923503183255939501455192000V10&ovsid=AAAL_7OAqxJrkANVbnJaAAAAAAA&expiration=1682678750&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame F928
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3255939501455192...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923503183255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923503183255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=9&vsid=3255939501455192000V10&type=opx&refUrl=&vid=25923503183255939501455192000V10&ovsid=1992e179-10b1-4921-ab48-6392dc699f26
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255939501...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923503183255...
  • https://ad.turn.com/r/cs?pid=45&rndcb=3835280182
  • https://sync.1rx.io/usersync/turn/4230906844745969983?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
61 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX24c0e95324a04ff187785c0d5d00bce7005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923503183255939501455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923503183255939...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923503183255939501455192000V10&ovsid=ina472NS1PRZ8i5
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923503183255939501455192000V10&ovsid=ina472NS1PRZ8i5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-00f66e654e4cf80cd@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=dxu&refUrl=&vid=25923503183255939501455192000V10&ovsid=ina472NS1PRZ8i5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F928
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=259235031832559395014551...
60 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923503183255939501455192000V10&vsid=3255939501455192000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923503183255939501455192000V10&vsid=3255939501455192000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4D2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK-FZ6rswhdJXsHW_crgT6KMkQXJ7ev83ksjg31CNAB8z0kgtS8bsRmpDju1RUEWJeZM2OkTuvPRyKZJDrHPANMyZTajTrx6Q7fapMlJDcK9nRl2TRx1Q0H0c6EmKAb1dolUD0DabkdfYIEPa25PS3edZZhicw1rYZlMBqMQk9gxewpHW9CRGc_FYsyEd5XiQ9FRug-6wy-mQ7nDBLwjVXtCy4ZnkvAtHUqpKXqWE-hCBByWsIDxQY3V0JuQecjf3-C4gIrW8glSlX1zMiNL8khHINmBztMlhLhOnHrJcpj4-cUVuBnKjzl7zWa6TiaT8DW23pC0I-vBbhS3DiQiiO-tHPg0uCh5p2zOF04DCIJGA4FIegaGBRCqavpUCQ6ZmCXqxeif9GfqiiFHFPW9reGVtg5YsNtMOHmuge2pvEA21jX25IuTTbQr8RlM1sS6_AlqoBWbZov3PC5yha5Gi629PBRrYpYucN-hMKgfbNMO5yRYiKPLLB0oaxXNSUOAGTCbtJQUZtp_r8LwrEg2Ni6W7jEJHw87lmXd3sfyFYtw4-6hatxthDzP67zLNNVh9ARADQu3Iawwl_sbtrUbmVcZNtZeGVit3_ghOuRvGcyIwNo9uvYTKk6aPWhb9wIhJdCuwmd4fjNy9Z72FMrRBNBfN08gvtE6Qr6dwnQ3jmfLIgTzcTkcufOQ6UtAJ_imvJh56TRhfwqeRDRrzRYABOETmjVGU3QHxYXW24PjJ5ch-cejNPQZ5sAK-etRmTUBA1x03Kk6oSHL9D_dhdosyXkjDsfuIha7cKwtFrK8yjq-sTH0tgjl0hckvVvjMK8vmspLAhxtUZgiVb2SYTzHgGi2VorqSRz9EzE7NdmMPds0pgJXEnbp8GtRcltEc0oV0Lsk9Wl_x9yoaN51mU0UHQFxfRyDXDme3ig1WGpkA7dhsjJ_iJV-H28kmtsyKXzP0y_BUn69WS2kIF_PLfax5RZQ0lXvqMjdbUFK8YxxAWmUUYpFcQ6GPf7C_gzhzmPwClYxaPplziCjALuiWCXvtYR1Br5EOQbRCfjKsGYwiXKrKJ-7CayiuiIFstOhxRDKqbxTGKLQnughHgk3MOijq4UFGBFa22-ZMhlm6t_FeewFLggdIzFhAq1K7cRKsLQyNQ8TkbAkT8Fqj9BLhMAAOMrOnbzEzagQiiwhnD0i9itL3daYXN8W92W6gdRlng&sai=AMfl-YRwC4hoiGdgb4NW62aCNuVyRhJjZgD0DHXSByv7CGK3eZ-MPwmi20_qq8i2yQYicchyuJOHge3S3b9kRMUtS7lW2VnF5bGJ6lr8ngBnq7PxIkJbYFl0jHz1lPlGFMdkz0kj8Q2QeXjyATppIv6Q_0_RiU_DHnNqe4MbqqHxjBmHVpCbl7N4i8zojWg7JgnRsTBSlK7UOqb0Ugs4aqnz4SxE3Rkz7_VrPPdRhYmitwrqnK3dmXyjURoSLro&sig=Cg0ArKJSzF_jCvDt6JbNEAE&uach_m=[UACH]&pr=8:EB7078BA96337029&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=115&vt=11&dtpt=113&dett=2&cstd=0&cisv=r20230424.43669&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CR5hhfe5sKbL2BAvHnelclF4uH25noQn-UGZUM7gEhIybTgJyHwk-_EHz1EKEQqnd7jaDOofuONNjE5CKFfvwrBt0GDN0Pff4zoTbfUNbPHZMgjTzfAl2wKQ2NG9sWoYW4DXjOCQGIq1Nj8LVYU43po_bYDNCPKDY1Y_9qoLfkP2MJBsI&dbm_d=AKAmf-AyecroQJ7Wph03nB32DFX7xVy9VYOQbxKvWWCl15YaLOr0TZp-qhRejrqoeHEbTRchq0H0E6wfazp7jRSKcbnmjHkUrM75AHET5ITBKNAzZviFJ31unQ8crYzvkmOglairbzz1GTKz3FMA9u8k7Dxl-dF5Vu4EeAiYE1ZFfAFRJdukPJK6CHy0tLuklxuUMOAJspE_dtINwVjHV6Q5qYQJpXb6oxBXyMxQqEgNnb62UvFnabwtWQF7k2SBdjCZcV1e969yudIK8gsyqiyNqmZ0gseRHRMhHfSaybQ4MRxa8-_SJ5LS6bwbz8c2vI30PUyUVwz2YlZxYH_RjnMB1Ny-tru3-Y14oEK_ykCANW_Ofy-b1zV7MtF8AfWcA8DUuELEZkxJqxHTS2iRAKvAzOFU5sowax-eQtMx9r0PGPjuoCr_xr9zYjQbAvZNaZ2eUmVSH229HKlvmYemOCLCmf8loFG6CmjYBXleW7bC4phVkfJymT20vMOPj8x5HFLIDY3sEp1mvcRmTMLCe5c7-BsRxTYR1XWY3be5DtJK69rqBg45_d9rnNk4Ei-istEYT5NAKSZTTF83zIfNpvldKawKzZ6TGRvXFSKTkO7DRvQFluI8W_FAC8MtCIzLc63LBlzfolxBg7QbiTKirOlpoAJJpAaF9SxUCexg0z-GxRil3-wNjg9hNGtpKCY7dlZ7COWWBj7mt0ZZc6afvI_qoBVHt6x7PVHS3MaaO7Z9BALB6zv_DyQGh4WhFk5LVkDYhlAgh3KaAuaus7WuAfp4tSBvGmZsER03yB3E5hkx2d6p0cErF8De1Go21T_4UW8R7tEOuvNg4EHxyD40DZWq0u7605bYyfu25XnVW4E0hwSAwlprAyqm06m3Bk12R9FAoZFIt9bhqoK4pmk5t6gqnJzv6btaohslr-kbNAEQcb5vNXORMR2MDqwYlzyZFHdKd2cL-MzIGfitLHpzv0Qtz2xDYjlmje0M5wqBrmhmy_0FacbxlPB-vzu81ZlXc0GfUOjnZ5paTCfgMN-ysnJptHQ28Cl4YAE74zolbaAG3isnjGWGMTTZWIzUwNq0kgEHVWBfQQqYMck4jdxEtTjhrN-ize4It_E2vkq0pZZXrZMF472t_hmoADhjEEA3T_I_MvWunrUDkx2BIcqX-M1xD2vJRQdO42KuBFKEGXlMNCXTZQjghLST20wUY_BsBfYiurqmzzxk9Wj1alEpJMu-Bb33xxsNuyWEk9fH1osvIr5ch1GJwQh7swdwPLDEcKYuT1nCixDtoJ0sTjkxtKwb9fZbhlPR9ikVS91fN5Ig5r3iQRRrrcGE6PSfRo8HMf1AbYa_jR5ILtUkpthbVum5cHDh-FTwE2eMqo9Xc_icwCB7fiqzjaOBohPp0hz9xxpVmfYF-GThHLL1kkzb5UP4rjvCv-touQXBVgQ-ausUuvGyKOs4PLSqFRXr19jyslJkpKqARYcXbbxBnCv_hTk6AUbs6Im1pW5keAP3phs66dYvT67TCuZiaY1ovYuTBZ9esnIwGdqv2X4Qf2SGFa85VRGYtO1sgxPN0Vqtb63mZsBXO14Mi-uV8OK8l4J7J8tWYOUSDKHZAfz3Q_OKLV4x31QhtIKEq486HviDoZqU2TJmxW3kPfRjrTOByOYCtyWRgK-9pYXfnDC5w24pNkrpUmhbkmmcRcKXDtRIQB5xjydN2pNcdAF3JkNj3pgIIWeo0bIzxUZG-q2XyIM_P08Kauq0Q2fKQIDVOO611XPvsyVLCKPxuxaYksK3zKg4bxB4-KoL_FsC8Qml4sbZ5BvNf2BtZ1fOqUGjWN_2VY537MJfDAzGdI4yC3RCpFIvi7fnAyxTH_lkh_twbEWkqZ7pXNe8vEjNW9sLpol9-sEAu8WlXZODe84ubZnk0kFcUm6Q9RIutuFzg0Um38685HpjC5sYMEcVkAmmo3_RfbLB0l5u4pMl8I-f0s_Tl0FLyBGWtjI2vfN55TGdPvSNaDn3c29tvGQwyuUaXtQHW-dUchhsPEDVQYBQnCcYyQc_LjB6TkH1a4RUoGrLmLolU3HsstUtVZkME3kTagMy_IX71Mbp_43D7wDZ_uFZi1mNhgV_u8tSpYqGyjppHLHALEM6WdPPgQkIBVh9a4LaZ4-Sg9gQ-wxrIoWiGuYVRXOoUE9YMNocVFq74bYqCkOWwV9j6C8gcYnNkcrPRHjoja54lqEx24j_GVdjsGaOo8PrXmCy4i8Ulxc3p8_GRB26g_xw6untKYfPuxVoDY7vC2HUu5ko7b2HrtxzR0wHYDtl8AlD3aO9SaHVsJXLL_j73IGUEE3PRLQs8doOgher6HzQIze5xadOD_Q5tY8tWrMnKnuJNtR4OPcMKvtn0zZOSGMuCAYlk4mhnETS66cUZID-6OnZuJEvBZdsWCi9wZAfZdnUcn5zxvlysux6GJrH3GMZrPuzIVPnHC3lPOdg0jMIjunM8XiLpuoUZN2l8gqVLF3srCfweFAQBYOKsRcLJcMiLHSmCC9KqfTtwYqk_u1EwTTLSYIo1bNrSOSn5IFguXrdVYFxEgPgXggxWksLCNdK1F-dmGi4_9v4n10dyVIdUCE-04MVRUULgOjyzs_9a8mgjDfb6tK5_vWPr_Ha1IA044YaMgICq4ymLVZD-eZpWdDhnW_6MT-WXnIDQTppOBgheh7asusMvAxk-j90AzT-DGw65IzLd9hZka1ljLalXlZlil5BY2dXnVln_VcsvQdO5r5cHNjbDZtLEekX1wAQqrrUaI--_Ifqzd_JFyl6cF5eDK9b-ZeL7jcAknIB-vaT56odP6E0tiZccabnv5Z088eAcTFXz7ZadX0im5XZdfAbYOf2vJodpkidbbFaqjDi8iczb9QwrlMsAXmmq2Y3zb8F14J-E0-7akpB39H--Py4K3SM4xSAqSk9679tNgf22G-JfPF7w-T4eFIvI6LgYm0ZnrZepoyG7Uzy0aJJvfDd3FOpJi0FM8KC7_n9QJVJqxJvib0RdouM0f-X1EkPMrMmUG8Yvtj5fOkODG2UuDenu-spHNunCtRQ3um5NXNurAcZ7r-bm1Vj_1uL-AuFLporimZkQdaTuLGHJWQ99_MmiQdpjT6gzGHmGl5RVd0pWLk_dxL2Wr5Efkdcq9RzCNIxX50csIfVzRSWz4jFireYspgJg9Aqh8nOReRRvuCfK2Slb1NAKuam7zA1R5OcsAZsXwP9ftiGEqHQ-Ih49WkFwG1DCZqAd6SROFdxp7DM4WThlgvWy5m4T8DlrEmpN6pmyQvvGtaFAxA8HWveQHJe_XUwq4FRP3dhgM5LRprNZ2_UbxMAvW5S6Qn-ZO0DB_tvnTOC10iAeQkoHMpWjtB7YLzfEBJhrx6U3fMrXpKhxzJsvruRPZW5GRtEvZNOQTsggiUq3YfScRJ6q4xq1Ry5DPB6O1unsff7_s7WrpnJ5a0bSq0w&pr=8%3AEB7078BA96337029&cid=CAQSMgBygQiD6tFykYZZPF4wcxJeikpn_iKawAP-0J6tyB92-GKWNWvsE83CPrLJ9UshNX-pGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fominous.app%2F&ds=l&xdt=0&iif=1&cor=4154394780262804000&adk=3563376826&idt=64&cac=0&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 27 Apr 2023 10:45:50 GMT
usync.js
eus.rubiconproject.com/ Frame 40CA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&us_privacy=1---&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 00:57:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=51114
content-length
10019
expires
Fri, 28 Apr 2023 00:57:44 GMT
usync.js
eus.rubiconproject.com/ Frame 9D58 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 00:57:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=51114
content-length
10019
expires
Fri, 28 Apr 2023 00:57:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 26EB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
47063
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 21:41:27 GMT
expires
Thu, 25 Apr 2024 21:41:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame BF3D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 00:57:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=51114
content-length
10019
expires
Fri, 28 Apr 2023 00:57:44 GMT
sync
gum.criteo.com/ Frame D0B6 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7853d125e096ce670a93f9a2c2ea4b69d0b4e93e2f1e994ad9c0f1451b4901c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1965226
expires
60
usync.html
eus.rubiconproject.com/ Frame 0EC9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:50 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 10:45:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
61 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fde49070-57cc-47c7-a65f-ec13d9c20caa
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1785078
content-length
0
expires
Thu, 27 Apr 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=e35e5ce0-4b68-439d-baef-b7d94ee737e1
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=medianet&bsw=e35e5ce0-4b68-439d-baef-b7d94ee737e1&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NWE3MDMwZjc1MjE4MmJiOQ&gdpr=0&gdpr_consent=&us_privacy=&ssp=medianet&bsw_param=e35e5ce0-4b68-439d-baef-b7d94ee737e1
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:51 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e35e5ce0-4b68-439d-baef-b7d94ee737e1&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 27 Apr 2023 10:45:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame D0B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3667a4d2-74f0-4697-8852-71ce6e0827e8
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E53A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923504633255939501455169000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30174
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:50 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-31
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=son&refUrl=&vid=25923504633255939501455169000V10&ovsid=c8589067-49cb-4863-99e8-aa602eafc634
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=6a3291e248372397&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=con&refUrl=&vid=25923504633255939501455169000V10&ovsid=AAAL_7OAqxJrlQNoBwqVAAAAAAA&expiration=1682678750&is_secure=true
61 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=con&refUrl=&vid=25923504633255939501455169000V10&ovsid=AAAL_7OAqxJrlQNoBwqVAAAAAAA&expiration=1682678750&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=con&refUrl=&vid=25923504633255939501455169000V10&ovsid=AAAL_7OAqxJrlQNoBwqVAAAAAAA&expiration=1682678750&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Dr1%26refUrl%3D%26vid%3D25923504633255939501...
  • https://ad.turn.com/r/cs?pid=45&rndcb=1970222864
  • https://sync.1rx.io/usersync/turn/4375022032821825855?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455192000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
61 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:51 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455192000V10&type=r1&refUrl=&vid=25923503183255939501455192000V10&ovsid=RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX24c0e95324a04ff187785c0d5d00bce7005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cksync
cs.media.net/ Frame D0B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=9&google_nid=media&google_cm=1&google_hm=MzI1NTkzOTUwMTQ1NTE2OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
61 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=9&google_gid=CAESEAxjf2kvV8AQ6wZKd3SAdEA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3255939501455169000V10%26type%3Ddxu%26refUrl%3D%26vid%3D25923504633255939501455...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=dxu&refUrl=&vid=25923504633255939501455169000V10&ovsid=ina472NS1PRZ8i5
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=dxu&refUrl=&vid=25923504633255939501455169000V10&ovsid=ina472NS1PRZ8i5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0e80c80edc5e53ad9@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3255939501455169000V10&type=dxu&refUrl=&vid=25923504633255939501455169000V10&ovsid=ina472NS1PRZ8i5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=259235046332559395014551...
60 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923504633255939501455169000V10&vsid=3255939501455169000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923504633255939501455169000V10&vsid=3255939501455169000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame D0B6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3255939501455169000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=7a352333-39c7-493d-b9f4-9c478b01590c&cs=1
date
Thu, 27 Apr 2023 10:45:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame 9106 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9106 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9106 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 9106 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349221451208&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzaga8fOnRrolnfOur8Na&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349221451208&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzaga8fOnRrolnfOur8Na&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 28 Apr 2023 10:45:50 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 10:45:50 GMT
truncated
/ Frame 888E 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 888E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 888E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 888E 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349524731568&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&perf=1&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349524731568&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&perf=1&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 28 Apr 2023 10:45:50 GMT
usync.js
eus.rubiconproject.com/ Frame 0EC9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 00:57:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=51114
content-length
10019
expires
Fri, 28 Apr 2023 00:57:44 GMT
truncated
/ Frame 4F61 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4F61 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4F61 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 4F61 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Fri, 28 Apr 2023 10:45:50 GMT
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame 4F61 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Fri, 28 Apr 2023 10:45:50 GMT
log
c21lg-d.media.net/ Frame D0B6 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=vYQwPQvJK-INWMisUoXQlXdEM5Nv3zon&cs=15&vsid=3255939501455169000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 27 Apr 2023 10:45:50 GMT
content-length
35
content-type
image/gif
bql.php
lg3.media.net/ Frame 9106 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7212&&vgd_canary=0&vgd_l2type=scs_newfl&fp=CCh76OUo57g4HBgx8_e0drV6ZfLF1sHbhlHj4m5cA3_zctwh2F5AM5MkmJuUx6GBsPV51vI2NQ8aZFsVc-oC5Dz1BSShG9Gf9Gp0d7fZfwvug6CrEa4nZsaJdUvgMHxrB6NQ1ib07Yw%3D&cme=voVAK_6TR1eyp6mErs03neXOSZakBkQ_nVU8xpRuYTxisa-1kHOtR0NN3S0z5AzyXijCiDynTrSv37JSRoOSgCENNnOXqcMZAmEzYYtNhJHuUWBmhJjJr421q7cA3L8-meoS_sLDd6qw-np56pFQR3W3FbjI28paVWXNzrUGhorF-NvQTljFItghZa2uRcn_9il3VS-AoRjZdLTBgc4-N5lbb8PQFnwol0jp5QZaDeU%3D%7C%7CQR3ARCIwbxnJC1ZnKK194bwEwNTO_6HzckTmStXyUvqYSwmRndpeKt1nQ3enQ4YsqMNH6LPmcmsxfX42t-s5i8xJNPrUnNTlyg-6cp2S7p_A95nEWHVqbOXnVR65ckUbHH_kWz1f9tBUNfHnOmR32aI8XOiwG3szRnymYdYUbH8RH88guVwMA9YSM622XbOXONSrwQ8xT8-Kd9X7pFzjpsfOrZ-eJgWIWOGjFpLSHboq8PK3uA301ntxre8de5XQ%7Cu8A6SM53vAfOjwLrYX543-dkfTN4xuq2%7CFqzG-NDXIfebsAkK01nLTtGdwb_fLlLE%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4k8qTyBCKTBgF4Ek4tCnexF_l4ixmCsas%3D%7Cxrl5Md8q4--QedGOOk1Z4KXGhzpzP_ZPQBskBoGmkOQ%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Abandoned+Houses+Near+Me&kwt[]=307&kbc[]=159914&kwp[]=1&kid[]=329999280&kbc2[]=0%7Cactr%3D1.695%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.5089%7C24%3D2763%7C25%3D14%7C22%3D0.5018%7C7%3D0.0029%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D201%7C27%3D3%7C13%3D0.0466%7C14%3D042705%7C15%3D1%7C1%3D0.36%7Cr%3D1%7C2%3D2.47%7Cps%3D1.154%7C3%3D0.12%7C4%3D2.09&ktd[]=4123185578240&ktrkt[]=Abandoned+Houses+Near+Me&kwd[]=Free+Abandoned+Property&kwt[]=307&kbc[]=159914&kwp[]=2&kid[]=351380625&kbc2[]=0%7Cactr%3D1.395%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1647%7C24%3D616%7C25%3D1%7C22%3D0.1679%7C7%3D0.0014%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D1013%7C27%3D3%7C13%3D0.0392%7C14%3D042705%7C15%3D0%7C1%3D0.12%7Cr%3D6%7C2%3D1.86%7Cps%3D1.154%7C3%3D0.08%7C4%3D2.46&ktd[]=4507722812948736&ktrkt[]=Free+Abandoned+Property&kwd[]=Abandoned+Mansions+You+Can+Buy&kwt[]=307&kbc[]=159914&kwp[]=3&kid[]=350766552&kbc2[]=0%7Cactr%3D0.554%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0976%7C24%3D1084%7C25%3D1%7C22%3D0.0987%7C7%3D0.0013%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D306%7C27%3D6%7C13%3D0.0466%7C14%3D042705%7C15%3D1%7C1%3D0.28%7Cr%3D4%7C2%3D1.78%7Cps%3D1.154%7C3%3D0.13%7C4%3D1.65&ktd[]=4123185578240&ktrkt[]=Abandoned+Mansions+You+Can+Buy&kwd[]=Cheap+Abandoned+Mansions+for+Sale&kwt[]=307&kbc[]=23934&kwp[]=4&kid[]=351004570&kbc2[]=0%7Cactr%3D0.770%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0062%7C24%3D1124%7C25%3D0%7C22%3D0.0101%7C7%3D0.0010%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D15833%7C27%3D144%7C13%3D0.0628%7C14%3D042705%7C15%3D1%7C1%3D0.75%7Cr%3D3%7C2%3D3.75%7Cps%3D1.154%7C3%3D0.09%7C4%3D2.63&ktd[]=4507173057134848&ktrkt[]=Cheap+Abandoned+Mansions+for+Sale&kwd[]=Abandoned+Farms+for+Sale&kwt[]=307&kbc[]=45697&kwp[]=5&kid[]=700204&kbc2[]=0%7Cactr%3D0.661%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0273%7C24%3D518%7C25%3D0%7C22%3D0.0210%7C7%3D0.0006%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D255603%7C27%3D4803%7C13%3D0.0608%7C14%3D042705%7C15%3D0%7C1%3D0.72%7Cr%3D11%7C2%3D2.06%7Cps%3D1.154%7C3%3D0.07%7C4%3D4.00&ktd[]=4507722812883200&ktrkt[]=Abandoned+Farms+for+Sale&kwd[]=Electronic+Payment+Processing&kwt[]=375&kbc[]=132371&kwp[]=6&kid[]=9573930&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0220%7C24%3D258%7C25%3D0%7C22%3D0.0386%7C7%3D0.0002%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D554051%7C27%3D1005%7C13%3D0.2648%7C14%3D042705%7C15%3D0%7C1%3D0.31%7Cr%3D7%7C2%3D11.80%7Cps%3D0.968%7C3%3D1.20%7C4%3D3.64&ktd[]=4503874538832128&ktrkt[]=Electronic+Payment+Processing&kwd[]=Best+Ways+To+Invest+In+Gold&kwt[]=375&kbc[]=157571&kwp[]=7&kid[]=316482289&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0892%7C24%3D2%7C25%3D0%7C22%3D0.2292%7C7%3D0.0002%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D943958%7C27%3D1032%7C13%3D0.1098%7C14%3D042705%7C15%3D0%7C1%3D3.18%7Cr%3D14%7C2%3D13.81%7Cps%3D0.968%7C3%3D0.43%7C4%3D3.95&ktd[]=4503874538832128&ktrkt[]=Best+Ways+To+Invest+In+Gold&kwd[]=Free+Dental+Implants&kwt[]=375&kbc[]=115981&kwp[]=8&kid[]=11543551&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0610%7C24%3D2%7C25%3D0%7C22%3D0.2292%7C7%3D0.0003%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D8643046%7C27%3D16107%7C13%3D0.1065%7C14%3D042705%7C15%3D0%7C1%3D1.43%7Cr%3D13%7C2%3D10.23%7Cps%3D0.968%7C3%3D0.19%7C4%3D4.08&ktd[]=4503874538832128&ktrkt[]=Free+Dental+Implants&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=15062&hint=&cc=CA&wsip=170774595&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.uWA%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CUP40XRI&vi=1682592349221451208&vsid=3255939501455169&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L116-S116&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_refdomain=ominous.app&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=38437&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=13&vgd_l1rakh=1682592349100194400&tsrc=entity&sttm=1682592350022&upk=1682592350.8445&hvsid=00001682592350022025035145517668&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=196&vgd_ecrid=S0300080800127000970025099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=67546&vgd_vstrid=3255939501455169&vgde_bdata=QOfvzxjj~77vff9iu~8xLjMjvX9~myJLEYv9.fh~e8QMQOvFXH~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9Hfh9A~8xLjMGvh9uh.XH~xLjM7UNv9~Q7Ovj1zO8zyoE1yJo7mEoG1zzJL~j1Q7v~e8QMxLjMGv9.Xu~8Evf6%20xxt~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vuF~LNvu~LEQMQOvf9fA9Hfh9X~e8QMGvFXu.ui~xLjMGv9.uH~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvX9~yN17vX9u9Au~GGvuiF~eev9~jfLMGvu999~JLEYv9.fh~ejfLMxLjMUNv949~csRvuE~GYvu~Q8OvfWXX9uWuH~QOvou~x8OvfV1Z8aUVuCL2xTXtR_~G7OvFFA9Ah9hFF9i99HXuiAXWffFfFX9XuAFuXHWAFHHWiWuhAAWAhfAhf9AHWXHFHuiuHAFHWWififhu9iXhhiAf9iiAXWH99HX9XF9~UGMQLNvUGG~eBxvou~OfEMjvu9~AENkvHff.A~x8YvAWu~eBMYJOv9.Fi~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~exLjMGv9.Hf~QQvuF99-uf99~NNv%3DK~UGMOjvzS1~x8BvFF~NJv9~LEQMGvHi.Hi~exLjMjvA9~%3DVvfiu9~UGMxNvu~z7Qvf~UGMxjvJz~UGMNNUQvu~7Gvou~GQQMD%2F0vcIR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcIR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.AW~8Q8kv9~jNvu~UGM77v9~G8Ov9.fh~UGME7vqmYJE1yJ~ONvh~ejfLMGvui.Fi~8exLjMjvA9~QxEEj5M71yM8Ovj1zO8zyoE1yJo7mEoG1zzJL~NGOEv9.fh9~OYYvw1LYmz5~QOvou~O7NvJ1Q7MQN~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.fh9~875EJM8OvA~QJjjJLM71yM8Ovj1zO8zyoE1yJo7mEoG1zzJL~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-fX9~GQGvA~GQEvou~7Y-vfHi&vgd_bhv_kbb=-1&vgd_cfud=220907&vgd_scsver=444&vgd_optout=0&vgd_ydspr=1&vgd_rensize=970_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_dtc=east_sc&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001682592350022025035145517668&rc=0&rand=1682592350492&acid=559802c33e7b45a79432dad69ae7ba39&matm=1682592350492&vgd_ltimesrc=1&vgd_ltime=903&vgd_rtime=734&vgd_etm=14&vgd_l1hcsd=Sks67%7C2783&vgd_l1ch=1&vgd_lhl=2863&vgd_pgid=p01420645342t202304271045&vgd_csip=rtb-common-cc65979b9-5wqt8.SC&vgd_sbSup=1&vgd_nrrs=38437&vgd_cdv=933&vgd_cntrdt=SL%7CDIV-rc_36e3f6818527ff%7CBODY&vgd_crefurl=https%3A%2F%2Fominous.app%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349221451208&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzaga8fOnRrolnfOur8Na&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:50 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 27 Apr 2023 10:45:50 GMT
cksync.php
contextual.media.net/ Frame 9D58
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&gdpr_consent=1---&khaos=LGZ01HYR-17-DMTG
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGZ01HYR-17-DMTG&gdpr_consent=1---
61 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGZ01HYR-17-DMTG&gdpr_consent=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 27 Apr 2023 10:45:50 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGZ01HYR-17-DMTG&gdpr_consent=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
pagead2.googlesyndication.com/bg/ Frame 26EB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 17:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
494031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14156
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 17:31:59 GMT
bql.php
lg3.media.net/ Frame 888E 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7289&&vgd_canary=0&vgd_l2type=scs_newfl&fp=CCh76OUo57g4HBgx8_e0drV6ZfLF1sHbhlHj4m5cA3_zctwh2F5AM5MkmJuUx6GBsPV51vI2NQ8aZFsVc-oC5Dz1BSShG9Gf9Gp0d7fZfwvug6CrEa4nZsaJdUvgMHxrB6NQ1ib07Yw%3D&cme=l6WjeWYXQJ1CXeS_aF_IsY6lLu93LIYnumMCGoCPUTYtM5WzmkjDiKdvzCjLgA7z4wgVk6WdnJLLx2nUgdRA8hEFsdPsDJ0e6-Agr_pMXpgMdasUitmBkMNveGIRe3iWDfRVq1Gb6L2yoyL9yEjmHUbtKKcahsk9ne8PO-mLkT288nZtIZpAl4zwv1dx2OEtd6uC1M1Ue0S56Ry40Cq_hqUvDNhJM4fEDmxFQO-t-K0%3D%7C%7Ca0AmFUYXmD4k8qTyBCKTBgF4Ek4tCnexF_l4ixmCsas%3D%7Cxrl5Md8q4--QedGOOk1Z4KXGhzpzP_ZPQBskBoGmkOQ%3D%7CDsxY7e36s5ElX3A2bY3O_BLZPWrDUKgtQQWFZGKPkIeqQEWCZPSMAtCr9PIkp4hmCrc0apYu-lKv1cbxlXBcwz2RHp6RRNW35-2Lqsv-wI7NWpM0Is_NLPnT11a4pIukbFIUDpCUOwldt_XCObtRJmAJTRKil34tKiYGLyKcszc9tuzwNulb5vV62A7_3x4wlPlOBSNkFksm4rpEFFzyxx6pKv7MB9_doKnRKiVXViswbmgzDOSh6Z-rCDIUSgJ7LdAlTcTIUII%3D%7Cu8A6SM53vAfOjwLrYX543-dkfTN4xuq2%7CFqzG-NDXIfebsAkK01nLTtGdwb_fLlLE%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Abandoned+Houses+Near+Me&kwt[]=307&kbc[]=159914&kwp[]=1&kid[]=329999280&kbc2[]=0%7Cactr%3D1.695%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.5089%7C24%3D2763%7C25%3D14%7C22%3D0.5018%7C7%3D0.0029%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D201%7C27%3D3%7C13%3D0.0466%7C14%3D042705%7C15%3D1%7C1%3D0.36%7Cr%3D1%7C2%3D2.47%7Cps%3D1.154%7C3%3D0.12%7C4%3D2.09&ktd[]=4123185578240&ktrkt[]=Abandoned+Houses+Near+Me&kwd[]=Free+Abandoned+Property&kwt[]=307&kbc[]=159914&kwp[]=2&kid[]=351380625&kbc2[]=0%7Cactr%3D1.395%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1647%7C24%3D616%7C25%3D1%7C22%3D0.1679%7C7%3D0.0014%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D1013%7C27%3D3%7C13%3D0.0392%7C14%3D042705%7C15%3D0%7C1%3D0.12%7Cr%3D5%7C2%3D1.86%7Cps%3D1.154%7C3%3D0.08%7C4%3D2.46&ktd[]=4507722812948736&ktrkt[]=Free+Abandoned+Property&kwd[]=Abandoned+Mansions+You+Can+Buy&kwt[]=307&kbc[]=159914&kwp[]=3&kid[]=350766552&kbc2[]=0%7Cactr%3D0.554%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0976%7C24%3D1084%7C25%3D1%7C22%3D0.0987%7C7%3D0.0013%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D306%7C27%3D6%7C13%3D0.0466%7C14%3D042705%7C15%3D1%7C1%3D0.28%7Cr%3D3%7C2%3D1.78%7Cps%3D1.154%7C3%3D0.13%7C4%3D1.65&ktd[]=4123185578240&ktrkt[]=Abandoned+Mansions+You+Can+Buy&kwd[]=Cheap+Abandoned+Mansions+for+Sale&kwt[]=307&kbc[]=23934&kwp[]=4&kid[]=351004570&kbc2[]=0%7Cactr%3D0.770%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0062%7C24%3D1124%7C25%3D0%7C22%3D0.0101%7C7%3D0.0010%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D15833%7C27%3D144%7C13%3D0.0628%7C14%3D042705%7C15%3D1%7C1%3D0.75%7Cr%3D2%7C2%3D3.75%7Cps%3D1.154%7C3%3D0.09%7C4%3D2.63&ktd[]=4507173057134848&ktrkt[]=Cheap+Abandoned+Mansions+for+Sale&kwd[]=Abandoned+Farms+for+Sale&kwt[]=307&kbc[]=45697&kwp[]=5&kid[]=700204&kbc2[]=0%7Cactr%3D0.661%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0273%7C24%3D518%7C25%3D0%7C22%3D0.0210%7C7%3D0.0006%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D255603%7C27%3D4803%7C13%3D0.0608%7C14%3D042705%7C15%3D0%7C1%3D0.72%7Cr%3D9%7C2%3D2.06%7Cps%3D1.154%7C3%3D0.07%7C4%3D4.00&ktd[]=4507722812883200&ktrkt[]=Abandoned+Farms+for+Sale&kwd[]=Electronic+Payment+Processing&kwt[]=375&kbc[]=132371&kwp[]=6&kid[]=9573930&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0220%7C24%3D258%7C25%3D0%7C22%3D0.0386%7C7%3D0.0002%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D554051%7C27%3D1005%7C13%3D0.2648%7C14%3D042705%7C15%3D0%7C1%3D0.31%7Cr%3D6%7C2%3D11.80%7Cps%3D0.968%7C3%3D1.20%7C4%3D3.64&ktd[]=4503874538832128&ktrkt[]=Electronic+Payment+Processing&kwd[]=Best+Ways+To+Invest+In+Gold&kwt[]=375&kbc[]=157571&kwp[]=7&kid[]=316482289&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0892%7C24%3D2%7C25%3D0%7C22%3D0.2292%7C7%3D0.0002%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D943958%7C27%3D1032%7C13%3D0.1098%7C14%3D042705%7C15%3D0%7C1%3D3.18%7Cr%3D13%7C2%3D13.81%7Cps%3D0.968%7C3%3D0.43%7C4%3D3.95&ktd[]=4503874538832128&ktrkt[]=Best+Ways+To+Invest+In+Gold&kwd[]=Free+Dental+Implants&kwt[]=375&kbc[]=115981&kwp[]=8&kid[]=11543551&kbc2[]=%23c%3A796132%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0610%7C24%3D2%7C25%3D0%7C22%3D0.2292%7C7%3D0.0003%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D8643046%7C27%3D16107%7C13%3D0.1065%7C14%3D042705%7C15%3D0%7C1%3D1.43%7Cr%3D11%7C2%3D10.23%7Cps%3D0.968%7C3%3D0.19%7C4%3D4.08&ktd[]=4503874538832128&ktrkt[]=Free+Dental+Implants&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=15062&hint=&cc=CA&wsip=170774658&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.uWA%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CUP40XRI&vi=1682592349524731568&vsid=3255939501455192&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L116-S116&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_refdomain=ominous.app&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=38437&vgd_nrrmf=41000c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=13&vgd_l1rakh=1682592349119382999&tsrc=entity&sttm=1682592350128&upk=1682592350.19609&hvsid=00001682592350129025035145513998&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=196&vgd_ecrid=S0300080800127000970025099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=67546&vgd_vstrid=3255939501455192&vgde_bdata=QOfvzxjj~77vff9iu~8xLjMjvX9~myJLEYv9.9A~e8QMQOvFXf~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9Hfh9X~8xLjMGvh9iW.hH~xLjM7UNv9~Q7Ovkmm7JLoG1zzJL~j1Q7v~e8QMxLjMGv9.Xu~8Evf6%20xxt~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vuW~LNvf%2Chf~LEQMQOvf9fA9Hfh9H~e8QMGvuAX.Wi~xLjMGv9.uH~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvi.huhF~xLjMjvX9~yN17vX9u9Au~GGvuiF~eev9~QYYMYxjv9.hH~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~csRvR~GYvu.9X~QYYMQOvf9fA9Hfh9H~Q8OvfWXX9uWuH~QOvou~x8OvfV1Z8bDwxzj7i0I%2FT7~G7OvFFA9Ah9hFF9i99HXuiAFHuXHWf99fuhAXFfH9W9Wi9fXX9WFuF9fiXFiWAhAHhi9HFfWAXFXAAHXf99uWu9WhHAfHAXHW9uAAFAf~UGMQLNvUGG~eBxvou~OfEMjvu9~AENkvAFF.Hi~x8YvAWu~eBMYJOv9.Hu~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.iW~exLjMGv9.Hu~QQvuF99-uf99~NNv%3DK~UGMOjvzS1~x8BvHi~NJv9~LEQMGvHH.HX~exLjMjvA9~%3DVvfiu9~UGMxNvu~z7Qvf~UGMxjvJz~UGMNNUQvu~7Gvou~GQQMD%2F0vcIR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcIR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.HF~8Q8kv9~jNvu~UGM77v9~G8Ov9.9f~UGME7vqmYJE1yJ~ONvh~ejfLMGvuf.F~8exLjMjvA9~QxEEj5M71yM8Ovkmm7JLoG1zzJL~NGOEv9.9A9~OYYvQYYMY8yL178mzM7JQ7~QOvou~O7NvJ1Q7MQN~LJkMNz7vu~O1jyvQYY~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9A9~875EJM8OvA~QJjjJLM71yM8Ovkmm7JLoG1zzJL~N1LL8JLVOv9~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-fX9~GQGvA~GQEvou~7Y-vfHW&vgd_bhv_kbb=-1&vgd_cfud=220907&vgd_scsver=444&vgd_optout=0&vgd_ydspr=1&vgd_rensize=970_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_dtc=east_sc&vgd_mbr=1&vgd_pgids=4&tdAdd[]=uiparams%3D%3Brend_w%3A970%3Brend_h%3A250&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001682592350129025035145513998&rc=0&rand=1682592350586&acid=47ff0c6fd8d04e6fa0f7fbbe3c426617&matm=1682592350586&vgd_ltimesrc=1&vgd_ltime=894&vgd_rtime=789&vgd_etm=9&vgd_l1hcsd=Sks67%7C2783&vgd_l1ch=1&vgd_lhl=2917&vgd_pgid=p01420645342t202304271045&vgd_csip=rtb-common-apm-86b7445f95-jx28m.SC&vgd_sbSup=1&vgd_nrrs=38437&vgd_cdv=933&vgd_cntrdt=SL%7CDIV-rc_5616d17ecefbf0b%7CBODY&vgd_crefurl=https%3A%2F%2Fominous.app%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349524731568&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=285501814&size=970x250&cc=CA&sc=QC&chnm=smm_migration_test&pid=8PO2H3S30&tpid=T1T5TFO&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&perf=1&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=General%20Search&isid=2&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:50 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 27 Apr 2023 10:45:50 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:31:17 GMT
server
nginx
etag
W/"642e9165-15b5c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 28 Apr 2023 10:45:50 GMT
log
lg3.media.net/ Frame 9E8E 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUP40XRI&vi=1682592349524731568&hvsid=00001682592350129025035145513998&cdv=933&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=286&l2s_downloadTime=3&l2s_total=290&l2s_start=339&l2s_sslTime=0&l2s_trfSize=28.2&l2s_decSize=75.3&l2s_encSize=27.9&l2s_nhp=h2&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=135&l1s_downloadTime=12&l1s_total=148&l1s_start=7&l1s_sslTime=0&l1s_trfSize=61.3&l1s_decSize=156.0&l1s_encSize=61.0&l1s_nhp=h2&gdpr=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:50 GMT
tap.php
pixel.rubiconproject.com/ Frame 40CA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3667a4d2-74f0-4697-8852-71ce6e0827e8&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3667a4d2-74f0-4697-8852-71ce6e0827e8&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3667a4d2-74f0-4697-8852-71ce6e0827e8&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 40CA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=92FWyOYCQD-awuWlNW9-lw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92FWyOYCQD-awuWlNW9-lw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92FWyOYCQD-awuWlNW9-lw&gdpr=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SY9R7G9XG1RZ3EH4Z9VG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=92FWyOYCQD-awuWlNW9-lw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 40CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPafdzw9F4Las9ooFtooqQ4&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPafdzw9F4Las9ooFtooqQ4&google_cver=1
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEPafdzw9F4Las9ooFtooqQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 40CA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGZ01HYR-17-DMTG&gdpr=0&us_privacy=1---
0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGZ01HYR-17-DMTG&gdpr=0&us_privacy=1---
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E852D693C03944A0B711E48C15DC776F Ref B: YMQ01EDGE0812 Ref C: 2023-04-27T10:45:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6Tw9gBn4jR3gQVayPFg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGZ01HYR-17-DMTG&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 40CA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWE2NWM0MjgzMzU2MmZmMDVmMjY0YWM2ZDFjMWM4MGUwMGE4ODYwYQ&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWE2NWM0MjgzMzU2MmZmMDVmMjY0YWM2ZDFjMWM4MGUwMGE4ODYwYQ&gdpr=0&us_privacy=1---
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWE2NWM0MjgzMzU2MmZmMDVmMjY0YWM2ZDFjMWM4MGUwMGE4ODYwYQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 40CA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdaMDFIWVItMTctRE1URw==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEMaqdSWo37nIDLjAz0h838k&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdaMDFIWVItMTctRE1URw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdaMDFIWVItMTctRE1URw==&google_push=&gdpr=0
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdaMDFIWVItMTctRE1URw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 40CA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FWQ42qI2T8GdyYichqAnCA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FWQ42qI2T8GdyYichqAnCA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FWQ42qI2T8GdyYichqAnCA&gdpr=0
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2HE2936R2J38QXD42BET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FWQ42qI2T8GdyYichqAnCA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 40CA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/d3Lmpvxj9gHGYlL9TbTNAMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DvQUA_1E2oKtxmJMz0SFHvA7qhi5acn78viB2A--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DvQUA_1E2oKtxmJMz0SFHvA7qhi5acn78viB2A--~A
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-DvQUA_1E2oKtxmJMz0SFHvA7qhi5acn78viB2A--~A
content-length
0
bql.php
lg3.media.net/ Frame 4F61 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5598&&vgd_canary=0&vgd_l2type=scs_newfl&fp=CCh76OUo57g4HBgx8_e0drV6ZfLF1sHbhlHj4m5cA3_zctwh2F5AM5MkmJuUx6GBsPV51vI2NQ-kT_njpuJXdE-9LMOQOFM8UejQ7_yzTuhVGjJqW_QnXT-YIS5Xo49deMm8iiIGsEE%3D&cme=b_YuBzbrmhfZOE1eDUwVoeAneueUpYWH3CdUgbKK9yS2L40aZmLD63UF9UKjfcuqqVLAss9ZuvghkJj4aYhy81AXklxQMgCc0mOT0IBmnCxFneTObqi1QySg3y3Qs3_UPOHnhxcFP3yLSijrZZk2pG5JO271G9Y1SkWhaH0uBrPwRj6EhIEUjAu6klGFhHq-FtHvfUqPqoRkt12jfbzZ6zxsNSzl-QUvYU_c0K805Iw%3D%7C%7CFqzG-NDXIfebsAkK01nLTtGdwb_fLlLE%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4k8qTyBCKTBgF4Ek4tCnexF_l4ixmCsas%3D%7Cxrl5Md8q4--QedGOOk1Z4KXGhzpzP_ZPQBskBoGmkOQ%3D%7CCrVPB2HcAywVwZJtL1I1B2HcYKj1_A6IE3aTzsFXrcoaoBjWp45g6-KA9cIDDTydGFnuiZJ60cxvmsi-NfTdVzXngv61DdBAheS7LqHkiWBYSdf_5JeBKGZe5UgGo7Fa47pIvtGMh0LAygsHokxw4d92OXX10SA6aAw6PETZ9v2IKjHYHqbZ-2q19kb8drvpUgDjqFbGEGQb3qAIA16B2upXtTg2VYNsWKdh--0zLh4ZXtqatJPsYj7E2CpRephj%7Cu8A6SM53vAfOjwLrYX543-dkfTN4xuq2%7C&subBdr=196&bdrid=294&ksu=355&fdkt=307&vgde_kbbh=ffoyxQJuO&kwd[]=Abandoned+Houses+Near+Me&kwt[]=307&kbc[]=159914&kwp[]=1&kid[]=329999280&kbc2[]=0%7Cactr%3D1.695%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.5089%7C24%3D2763%7C25%3D14%7C22%3D0.5018%7C7%3D0.0029%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D201%7C27%3D3%7C13%3D0.0505%7C14%3D042705%7C15%3D0%7C1%3D0.38%7Cr%3D1%7C2%3D2.50%7Cps%3D1.154%7C3%3D0.12%7C4%3D2.09&ktd[]=4123185578240&ktrkt[]=Abandoned+Houses+Near+Me&kwd[]=Free+Abandoned+Property&kwt[]=307&kbc[]=159914&kwp[]=2&kid[]=351380625&kbc2[]=0%7Cactr%3D1.395%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1647%7C24%3D616%7C25%3D1%7C22%3D0.1679%7C7%3D0.0014%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D1013%7C27%3D3%7C13%3D0.0182%7C14%3D042705%7C15%3D0%7C1%3D0.12%7Cr%3D8%7C2%3D1.86%7Cps%3D1.154%7C3%3D0.08%7C4%3D2.46&ktd[]=4507722812948736&ktrkt[]=Free+Abandoned+Property&kwd[]=Abandoned+Mansions+You+Can+Buy&kwt[]=307&kbc[]=159914&kwp[]=3&kid[]=350766552&kbc2[]=0%7Cactr%3D0.554%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0976%7C24%3D1084%7C25%3D1%7C22%3D0.0987%7C7%3D0.0013%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D306%7C27%3D6%7C13%3D0.0505%7C14%3D042705%7C15%3D1%7C1%3D0.33%7Cr%3D3%7C2%3D1.90%7Cps%3D1.154%7C3%3D0.13%7C4%3D1.65&ktd[]=4123185578240&ktrkt[]=Abandoned+Mansions+You+Can+Buy&kwd[]=Cheap+Abandoned+Mansions+for+Sale&kwt[]=307&kbc[]=23934&kwp[]=4&kid[]=351004570&kbc2[]=0%7Cactr%3D0.770%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0062%7C24%3D1124%7C25%3D0%7C22%3D0.0101%7C7%3D0.0010%7C8%3D042702%7C9%3D0%7C11%3D0%7C26%3D15833%7C27%3D144%7C13%3D0.0690%7C14%3D042705%7C15%3D0%7C1%3D0.82%7Cr%3D2%7C2%3D3.77%7Cps%3D1.154%7C3%3D0.09%7C4%3D2.63&ktd[]=4507173057134848&ktrkt[]=Cheap+Abandoned+Mansions+for+Sale&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=CA&wsip=170774595&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.uWA%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CUP40XRI&vi=1682592349382299116&vsid=3255939501455192&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L116-S116&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_refdomain=ominous.app&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=38437&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=13&vgd_l1rakh=1682592349193582268&tsrc=entity&sttm=1682592350166&upk=1682592350.23980&hvsid=00001682592350166025035145511319&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=196&vgd_ecrid=S0300080813018200728009099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=67546&vgd_vstrid=3255939501455192&vgde_bdata=QOfvzxjj~77vff9iu~8xLjMjvX9~myJLEYv9.uA~e8QMQOvFXf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9Hfh9X~8xLjMGvFfAf.Hh~xLjM7UNv9~Q7Ovj15mx7oGmO5oGm77mYoG1zzJL~j1Q7v~e8QMxLjMGv9.hW~8Evf6%20xxt~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vuA~LNvu~LEQMQOvf9fA9Hfh9H~e8QMGvi9h.Ff~xLjMGv9.uF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8vfW~xLjMjvX9~yN17vX9u9Au~GGvuiF~eev9~jfLMGvu999~JLEYv9.uA~ejfLMxLjMUNv949~csRvR~GYvu.9X~Q8OvN111NGhiNiAHWhAfGNOk11JkfffX1Ak9~QOvou~x8OvfV1Z8hdj2s_1%3DcrTAl~G7OvFFA9Ah9hFF9i99HXuiAXWffFfFX9XuAFuXHWAFHHWiWuhAhi9hifWHWAiu9HWuHhuHX9WHWff9uAiHWfAAhFAWuXhiHhii9uhiWH~UGMQLNvUGG~eBxvou~OfEMjvu9~AENkvFhi.fX~x8YvXuu~eBMYJOv9.Hu~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iW~exLjMGv9.Hu~QQvuF99-uf99~NNv%3DK~UGMOjvzS1~x8BvXF~NJv9~LEQMGvXX.HF~exLjMjvA9~%3DVvfiu9~UGMxNvu~z7Qvu~UGMxjvJz~UGMNNUQvu~7Gvou~GQQMD%2F0vcIR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcIR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvf.HF~8Q8kv9~jNvu~UGM77v9~G8Ov9.uA~UGME7vqmYJE1yJ~ONvh~ejfLMGvA.hH~8exLjMjvA9~QxEEj5M71yM8Ovj15mx7oGmO5oGm77mYoG1zzJL~NGOEv9.uA9~OYYvw1LYmz5~QOvou~O7NvJ1Q7MQN~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.uA9~875EJM8OvA~QJjjJLM71yM8Ovj15mx7oGmO5oGm77mYoG1zzJL~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~zQlvu~7yQvhfW-i9~GQGvA~GQEvou~7Y-vfHF&vgd_bhv_kbb=-1&vgd_cfud=221007&vgd_scsver=444&vgd_optout=0&vgd_ydspr=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_dtc=east_sc&vgd_mbr=1&vgd_pgids=4&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001682592350166025035145511319&rc=0&rand=1682592350644&acid=85ec1515a5294b7797fd113e717e824f&matm=1682592350644&vgd_ltimesrc=1&vgd_ltime=834&vgd_rtime=762&vgd_etm=7&vgd_l1hcsd=Sks67%7C2783&vgd_l1ch=1&vgd_lhl=2860&vgd_pgid=p01420645342t202304271045&vgd_csip=rtb-common-cc65979b9-5wqt8.SC&vgd_sbSup=1&vgd_nrrs=38437&vgd_cdv=933&vgd_cntrdt=SL%7CDIV-rc_26bd7d70729b90c%7CBODY&vgd_crefurl=https%3A%2F%2Fominous.app%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.$5l&&vi=1682592349382299116&gdpr=0&tsce=L116&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=566751162&size=728x90&cc=CA&sc=QC&chnm=HARMONY&pid=8PO2H3S30&tpid=TRK6718&https=1&vif=1&requrl=https%3A%2F%2Fominous.app&kwrf=https%3A%2F%2Fominous.app&nse=5&ugd=4&adt1=8CU87559X&adt2=277237281&itid=3&bae=B4qgzagaNa&bcpf=B4qgzag8fOnRrolnfOur8aNa&bdrId=294&ntv=0&matchstring=hr%3D0&sff=0&kttle=Ominous&mcf=67546&katpre=1&katbid=-102&ydspr=1&pgid=p01420645342t202304271045&essld=uHi.XF.uXA.uWA~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&adv=Business%20Searches&isid=21&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:50 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 27 Apr 2023 10:45:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26EB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwdF-XlJKZJuyAZGzzwWno4S4DQAAAAA4AeAEAg&bg=!TU6lThrNAAYfNdXmPzU7ADkAdvg8Wm_jRVBFu-gX-AChFkNPsPLEpH9c7ikLfvp4EWPaH63nuiQXhfaQPHaTYHSBYBulyc288ngCAAAATFIAAAACaAEHmQLyDY2e7bWIQcJ6WlVcJJRNWk0Puqh9Wiwwa4U_iRieejPYrhAll258izbq1w96y0F6Du8wl3yi2MCDU0NR8osMmfNMWN41l9_ZM1hCeb4ieieudVlEsZ7glS-h4hxDAJUnLiZJXN7ROZwN0HK_eg3D-uZjB428wzHoA1vnOZXg_eZbn3Twau7heoxUPahVGBP1d4TfdI0l9vlzHwr1fNMW4iNXyL8PfxqEw2iXMA2RrKMBZCF4A5XQopzY-cyCa7HluSgRg3dI8uV7BOVJbaL29fuqw6E0GgejblpFlF336eLKAbjU9ZN5AaBYRN9VxC2B3XII0Z8KKLLwbYldLGrY0Vgv1twGAYZ7G8mrYTRh-1pGPxoQfp84rVG7uIsi2lHRdLQqViKwyAvmQLfX9qfz2RnwJ2LkUo9UBj3nhuxMjk7kIuzcfnopcZ_ssDfYW9MepGfs7_Ng8rdSV5CllI-2rbbYkYQLTQXYNGBm_FArjcdSI2AwayQM-W3WEI8Ox6oD0dpy5z7eCBpKrQ3rdabOLRNqVWZ3LxYperX5VDnR-31EhCKJ1Xdcv8gdb9ryGr-nStgDUJGJFJgSzNsqMQ20DszwZrhwabD4t2L607Fzfav-H3OVcmbmMrugkcFubhe0AIwedLZV3aV_khI2OvHjiAXUo5M1PMqP2jlIoqYJqu5vo31HTbsapu1KcxmKt7kcwHc1ljnBGHoQw4KckZp00Qw_EQv9IK6sw9AE5j9NL_ZwjAKRp0NZuae-_1Jff0O8cuX36WLkT29CExKsjjTcUcnjmbhAQ7N3j4VCjzkKR7UJErEpmLx11_cw1fLORKMTCbXqv8WMAdBlXDNYHWVElzLUInvYcNNaLJfqcGNZeMw_oZF0ZhmZoDfEJB7XuW2kH-QO2EZbXmEIJbn54H6F6aHPzOFIICDKk_BEWwQCX1-Y3r5B8HC58hezk0j5ihwmOor4WyIsNKByidV9YlcZ0NNXJUNX2Md74Ha9Is8aFSXbMQ
Requested by
Host: ominous.app
URL: https://ominous.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.3.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-3-150.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ominous.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 27 Apr 2023 10:45:51 GMT
strict-transport-security
max-age=15768000
httpapi
api2.amplitude.com/2/ 		94 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.3.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-3-150.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a961d6afeb265db894ff0648ac7e59523c10d6c8eea08e9cb32fc90b5716a778
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 27 Apr 2023 10:45:51 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-644a525f-5e4cb6e71f958c8129f1801a
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
dbe3f7c7-89ba-4c64-b5e7-0e832a5811ca
tracker.nitropay.com/viewability/ 		0
160 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/viewability/dbe3f7c7-89ba-4c64-b5e7-0e832a5811ca?viewable=true&timeInView=1000
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7be67a714b51ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
d24a989d-6f2d-4d43-ac4b-36ad7e3517e5
tracker.nitropay.com/viewability/ 		0
160 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/viewability/d24a989d-6f2d-4d43-ac4b-36ad7e3517e5?viewable=true&timeInView=1001
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7be67a714b52ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
09f78248-6515-4979-b6b0-caea661967cf
tracker.nitropay.com/viewability/ 		0
160 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/viewability/09f78248-6515-4979-b6b0-caea661967cf?viewable=true&timeInView=1000
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
7be67a71ab96ca47-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230424&st=env
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24b69e8c7a23c687d25c4aa7d5d340b051e7e160d40056d9676b909ba2d8ba0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11234
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 629E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ominous.app
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 10:45:50 GMT
server
Kestrel
server-processing-duration-in-ticks
777361
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 629E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ominous.app&sn=ChromeSyncframe&so=0&topUrl=ominous.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=LM83m3xVZjlzY3ZaR01ITFBhZTFaSnZ0Z3RWL0REdG1Wczd6YW9Ld0htTTFxcGtkdzAyeU5aTDhaYnFmc0drRUZIQnM5bFczeGJDWFM1dnAreGlHTTJmVkR5WGhHQnRBY08vMG1oY0plZkV0aFpLc2Y2SGh1cGxrQlB2RT...
449 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LM83m3xVZjlzY3ZaR01ITFBhZTFaSnZ0Z3RWL0REdG1Wczd6YW9Ld0htTTFxcGtkdzAyeU5aTDhaYnFmc0drRUZIQnM5bFczeGJDWFM1dnAreGlHTTJmVkR5WGhHQnRBY08vMG1oY0plZkV0aFpLc2Y2SGh1cGxrQlB2RTdCb2RJQ1JZdVp1WDBNaWVXWU4vQy9Xdm5YK21YQU5UdzZCaEhOR29mOFB5cXB1QW4za2pneUVHYldqZklHbUs3djNISmk4NVpFSWc5d1VXMjNHQTE3M3ZEQ1ZjM21UVFVnWnVZZm1oV2NUOXdYOFg4QU4reEVSSzlhUXMvNGkxNzlINXZoRWROSTdsa250YUJVMnkyejFwQmx4U3Y5Zz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
804342dc70f8049653e8bfca36d7bba45625d06c1063b9348b76a090b370df90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1863277
expires
0

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LM83m3xVZjlzY3ZaR01ITFBhZTFaSnZ0Z3RWL0REdG1Wczd6YW9Ld0htTTFxcGtkdzAyeU5aTDhaYnFmc0drRUZIQnM5bFczeGJDWFM1dnAreGlHTTJmVkR5WGhHQnRBY08vMG1oY0plZkV0aFpLc2Y2SGh1cGxrQlB2RTdCb2RJQ1JZdVp1WDBNaWVXWU4vQy9Xdm5YK21YQU5UdzZCaEhOR29mOFB5cXB1QW4za2pneUVHYldqZklHbUs3djNISmk4NVpFSWc5d1VXMjNHQTE3M3ZEQ1ZjM21UVFVnWnVZZm1oV2NUOXdYOFg4QU4reEVSSzlhUXMvNGkxNzlINXZoRWROSTdsa250YUJVMnkyejFwQmx4U3Y5Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
518552
content-length
0
expires
0
log
hblg.media.net/ Frame 7D85 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AewFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQ_ARANTU5ODAyYzMzZTdiNDVhNzk0MzJkYWQ2OWFlN2JhMznCuLKIAswEBENBFm9taW5vdXMuYXBwEjhDVTg3NTU5WC5sYW5kaW5nLXBhZ2UtdG9wLWJhbm5lcg45NzB4MjUwDmVhc3Rfc2MEMjMMUFJFQklEEjhQUlcyM0hHNQ5CSURfQVBJAC5sYW5kaW5nLXBhZ2UtdG9wLWJhbm5lcgIwOnJ0Yi1jb21tb24tY2M2NTk3OWI5LTV3cXQ4LlNDQFMwMzAwMDgwODAwMTI3MDAwOTcwMDI1MDk5OTk5OTAwAjAABgEwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjMwNDI2MjMxMl9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGyKASRNRURJQS5ORVQgRVhDSEFOR0UCAmQ&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 10:45:51 GMT
log
hblg.media.net/ Frame A442 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AewFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQ_ARAODVlYzE1MTVhNTI5NGI3Nzk3ZmQxMTNlNzE3ZTgyNGbCuLKIAswEBENBFm9taW5vdXMuYXBwEjhDVTg3NTU5WDJsYXlvdXQtYm9keS1ib3R0b20tYmFubmVyDDcyOHg5MA5lYXN0X3NjBDIzDFBSRUJJRBI4UFJXMjNIRzUOQklEX0FQSQAybGF5b3V0LWJvZHktYm90dG9tLWJhbm5lcgIwOnJ0Yi1jb21tb24tY2M2NTk3OWI5LTV3cXQ4LlNDQFMwMzAwMDgwODEzMDE4MjAwNzI4MDA5MDk5OTk5OTAwAjAABgEwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8wRjIwMjMwNDI2MjMxMl9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGxSJE1FRElBLk5FVCBFWENIQU5HRQICZA&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 27 Apr 2023 10:45:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
47047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 21:41:44 GMT
expires
Thu, 25 Apr 2024 21:41:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4B8F 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
57a6bf01021a32f2868528a5434b18e0491af387e4fe98eb6d201f0fa7279791
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ze74A8wv5XjrF6ZvfcSlIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-ze74A8wv5XjrF6ZvfcSlIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 27 Apr 2023 10:45:51 GMT
expires
Thu, 27 Apr 2023 10:45:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
pagead2.googlesyndication.com/bg/ Frame 10FB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BnousL5ILBVKPox_BhCtx9cLC8w-HAhp3a1hPLgmzAw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 17:31:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
494032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14156
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 17:31:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230424&jk=4238634670886990&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 10FB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Stdu2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D2A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-XVsCQ1VXxoQgbpwV641bc0V5bdUoi2u_NOe3_Fi6AQDAg23JrS_wIJTFnfiofyEPZSqFtKgGWAJthb3KeK6WUCQR8N2TgaI&sig=Cg0ArKJSzDz5L41vv8SWEAE&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682592349815&rpt=546&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-VY926P02G8&cv=1&v=3&t=t&pid=1364466621&rv=34q0&es=1&e=gtm.load&eid=9&u=AgAAAAAIAAAAACA&h=Ag&tc=10&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:51 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D2A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5168246816246&version=m202301230201&ct=76&x=8&cor=4154394780262804000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame D978 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2362&lf=3&&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_itype_id=3&vgd_tsce=L116&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=933&vgd_cage=1&vgd_rensize=970_250&vgd_ren_page_h=3493&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=285501814&requrl=https%3A%2F%2Fominous.app&vi=1682592349221451208&ugd=4&cc=CA&sc=QC&bdrid=294&subBdr=196&vgd_kwrf=https%3A%2F%2Fominous.app&startTime=1682592350012&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1682592349100194400&l1ch=1&l1hcsd=l1!Sks67|2783&cref=https%3A%2F%2Fominous.app%2F&tsrc=entity&sttm=1682592350022&upk=1682592350.8445&hvsid=00001682592350022025035145517668&acid=559802c33e7b45a79432dad69ae7ba39&verid=3111299&vgd_bdata=sd2%3Dnull~tt%3D22091~iurl_l%3D50~ogerpm%3D0.27~vis_sd%3D654~dc2%3D1~bat%3D0%2C0%2C0~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023042703~iurl_b%3D7017.54~url_tkc%3D0~std%3Dlanding-page-top-banner~last%3D~vis_url_b%3D0.51~ip%3D2JquuX~fbb%3D0~vis_url_l%3D40~riipua%3D0%2C0~et%3D16~rc%3D1~rps_sd%3D2023042705~vis_b%3D651.19~url_b%3D0.14~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D50~gcat%3D501031~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.27~vl2r_url_kc%3D0E0~MFB%3D1p~bm%3D1~sid%3D285501814~sd%3D-1~uid%3D2IaGiOkI1KrZuL5XBT~btd%3D6630370766090045193582262650513615483644898173383723720348546419143648892927109577932099358400450560~kb_src%3Dkbb~vwu%3D-1~d2p_l%3D10~3pcf%3D422.3~uim%3D381~vw_med%3D0.69~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.98~vurl_b%3D0.42~ss%3D1600x1200~cc%3DCA~kb_dl%3Dn%2Fa~uiw%3D66~ce%3D0~rps_b%3D49.49~vurl_l%3D30~CI%3D2910~kb_uc%3D1~nts%3D2~kb_ul%3Den~kb_ccks%3D1~tb%3D-1~bss_RVP%3DMNB%2CNED~ct%3Dmontreal~bss_KTW%3DMNB%2CNED~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.38~isif%3D0~lc%3D1~kb_tt%3D0~bid%3D0.27~kb_pt%3DHomepage~dc%3D7~vl2r_b%3D19.69~ivurl_l%3D30~supply_tag_id%3Dlanding-page-top-banner%7Ecbdp%3D0.270%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.270%7Eitype_id%3D3%7Eseller_tag_id%3Dlanding-page-top-banner%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x250~bsb%3D3~bsp%3D-1~tmx%3D249&matchstring=hr%3D0&vgd_matchstr=hr%3D0&vgd_sc=QC&infr=1&stime=1682592349773&vgd_ecrid=S0300080800127000970025099999900&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p01420645342t202304271045&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:51 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 27 Apr 2023 10:45:51 GMT
bqi.php
lg3.media.net/ Frame DE1D 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2365&lf=3&&vgd_hb_audit_1=8CU87559X&vgd_hb_audit_2=277237281&vgd_itype_id=3&vgd_tsce=L116&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=933&vgd_cage=1&vgd_rensize=728_90&vgd_ren_page_h=3493&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=566751162&requrl=https%3A%2F%2Fominous.app&vi=1682592349382299116&ugd=4&cc=CA&sc=QC&bdrid=294&subBdr=196&vgd_kwrf=https%3A%2F%2Fominous.app&startTime=1682592350162&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1682592349193582268&l1ch=1&l1hcsd=l1!Sks67|2783&cref=https%3A%2F%2Fominous.app%2F&tsrc=entity&sttm=1682592350166&upk=1682592350.23980&hvsid=00001682592350166025035145511319&acid=85ec1515a5294b7797fd113e717e824f&verid=3111299&vgd_bdata=sd2%3Dnull~tt%3D22091~iurl_l%3D50~ogerpm%3D0.13~vis_sd%3D652~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023042705~iurl_b%3D6232.47~url_tkc%3D0~std%3Dlayout-body-bottom-banner~last%3D~vis_url_b%3D0.78~ip%3D2JquuX~fbb%3D0~vis_url_l%3D40~riipua%3D0%2C0~et%3D13~rc%3D1~rps_sd%3D2023042704~vis_b%3D907.62~url_b%3D0.16~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D28~url_l%3D50~gcat%3D501031~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~vl2r_url_kc%3D0E0~MFB%3DB~bm%3D1.05~sid%3Dcaaacb79c9348732bcdfaaef2225a3f0~sd%3D-1~uid%3D2IaGi7jlZFTaCMDL3z~btd%3D6630370766090045193582262650513615483644898173790792848391048147145084822013948233763815794799017984~kb_src%3Dkbb~vwu%3D-1~d2p_l%3D10~3pcf%3D679.25~uim%3D511~vw_med%3D0.41~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.98~vurl_b%3D0.41~ss%3D1600x1200~cc%3DCA~kb_dl%3Dn%2Fa~uiw%3D56~ce%3D0~rps_b%3D55.46~vurl_l%3D30~CI%3D2910~kb_uc%3D1~nts%3D1~kb_ul%3Den~kb_ccks%3D1~tb%3D-1~bss_RVP%3DMNB%2CNED~ct%3Dmontreal~bss_KTW%3DMNB%2CNED~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D2.46~isif%3D0~lc%3D1~kb_tt%3D0~bid%3D0.13~kb_pt%3DHomepage~dc%3D7~vl2r_b%3D3.74~ivurl_l%3D30~supply_tag_id%3Dlayout-body-bottom-banner%7Ecbdp%3D0.130%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.130%7Eitype_id%3D3%7Eseller_tag_id%3Dlayout-body-bottom-banner%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D3~bsp%3D-1~tmx%3D246&matchstring=hr%3D0&vgd_matchstr=hr%3D0&vgd_sc=QC&infr=1&stime=1682592349890&vgd_ecrid=S0300080813018200728009099999900&vgd_uspa=0&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p01420645342t202304271045&vgd_pgids=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.136.24 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-136-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 27 Apr 2023 10:45:51 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 27 Apr 2023 10:45:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230424&jk=4238634670886990&bg=!wMOlw5fNAAYfNdXmPzU7ADkAdvg8Ws373NUub_i9MLMHL8su8LF2034P_7uifSC81QITrfe4LFDebawOPIaJjHQP2H1EpZRhWqQCAAAATFIAAAACaAEHCgBnFaHYGfpTS1UWGkh7FiLDJA2qjkqpUwfRHjR8fIwLb0g-6LFkY5Gqkh5-U4Mt7W9DgHk7XZSCpGHU2MtLVz2i-utkzYTd7m8AOCmOxsAu2g-gf7nJj7DOh5oGnOQFQmiLnIJh_AfLBZkC5esoBcA-qCom-276XZP9ypxgCR1AtqQlQu4rrSqbEXNAoMw_fAJg52JUnk5DJil3O3tItV60llGhNhBkfjGl-OaIj3mA26JK-DJMoIvmsZD-YBdcpI7880j9mZbIcmXbq2PoA8Z2s7ImPTVFhFmKB9z5Fa3f5kCpNs00tigxJF0Rly0hTSY7eIemJlxSUveGiAfwnKcJapgsE4pzve7R71l2ufoeLWiRexRYBcJtKMiOCvK_UFej3VxJjJ9PaN-jGID2uW_nUkhc-at2Az7oOGSGv_kwhly7ih5-5frqWmniDYxE10bur4Vl2zs_W4WU3Od7OS9DBM8CZGObRhQUCTDS7plLEjTSbPN0VJcERrKDp-T-vI9AymbWp6G2roD6Xazyfxuw-F2CbfNFY_VJ3By7hwxvme6aFiZ5J9LDzNt0yTH-dS9Ey9Q4lWDdyTcq5LxsaX1AKuEIHyM2Yc9qckQm6ER3Zb24vzYqXz3PhQM2PNDS_9ts6AuFLHzUuCcCFWdbxrzBvSRDX5P737BbjTWUR-2bMMgIVPmxbl9ZkVhZKstT99-yUqCsn3yO81BuVDjGWJ57mzzpFDLvboIuwCRM8yWblKt496dI1pgl-G6_gf5e6kcn5iDf_angV0EmAT3ldeRQSzMfW-eLMtP-Lids0RqIymB6Q4Sv_9NZO4I4WNUnAPjyhzKiq_1t8gXmgN-PIYg91Fi__kEyh9B1eBwwPY2q3ghmGX-gJ2Ip-HmseILfKNV53uMwzUJ5hR8j6maCFdYGl9qFpp74KC9xzQ-gXwllU1Vy-mFNrIn0sTSosX25qjiDlYe1GmwIJILGr2NqMiaAV79t3_Qic9S8SWJdbynmMCjNZkcZlR5aiSZCKicMGiARNADJY1COcVogFsQkxjT-HFOb0zTSkljthInBWouG9V7NA8IKXu6UHmG0YCeG-KeQjMcZ39lIpORd2UWag2tJ3IItcCpXq18qtXUaZ5f9JQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rid
match.adsrvr.org/track/ 		108 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.27.4/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
d2ae1c702d9decde95b658cc242547a950e1c8925be0948cd411b8f5284fdae3

Request headers

Referer
https://ominous.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Apr 2023 10:45:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ominous.app
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 27 May 2023 10:45:52 GMT
checksync.php
contextual.media.net/ Frame C977 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8daaf4ca85d9c6bd4e96f1b7ba0603db21b85fd1d0b6f934d51c34b7d388cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11949
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Sat, 29 Apr 2023 10:45:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame F2A5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.186 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 27 Apr 2023 10:45:55 GMT
ETag
"623de86a-cf34"
Expires
Fri, 28 Apr 2023 10:45:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 87AF 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8daaf4ca85d9c6bd4e96f1b7ba0603db21b85fd1d0b6f934d51c34b7d388cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11949
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Sat, 29 Apr 2023 10:45:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9FCE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.186 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 27 Apr 2023 10:45:55 GMT
ETag
"623de86a-cf34"
Expires
Fri, 28 Apr 2023 10:45:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C4E3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.186 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 27 Apr 2023 10:45:55 GMT
ETag
"623de86a-cf34"
Expires
Fri, 28 Apr 2023 10:45:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame D7DB 		749 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9bf08a38885026a0434982bf9b277121bf5e267f5ad4d931d30c66c4c407124

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
479
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 1649 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8daaf4ca85d9c6bd4e96f1b7ba0603db21b85fd1d0b6f934d51c34b7d388cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11949
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Sat, 29 Apr 2023 10:45:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame A808 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:55 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 4EAC 		749 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9bf08a38885026a0434982bf9b277121bf5e267f5ad4d931d30c66c4c407124

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
479
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame 5346 		749 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9bf08a38885026a0434982bf9b277121bf5e267f5ad4d931d30c66c4c407124

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
479
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame 56C4 		749 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9bf08a38885026a0434982bf9b277121bf5e267f5ad4d931d30c66c4c407124

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
479
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7838 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.186 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 27 Apr 2023 10:45:55 GMT
ETag
"623de86a-cf34"
Expires
Fri, 28 Apr 2023 10:45:57 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 1348 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1491.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8daaf4ca85d9c6bd4e96f1b7ba0603db21b85fd1d0b6f934d51c34b7d388cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ominous.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11949
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Sat, 29 Apr 2023 10:45:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=2360c84e-2ac0-4d74-b867-65a1b42fb132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z8CSK98YC24WVS5FF0BX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6157626493583308704
68 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6157626493583308704
Protocol
H2
Server
52.6.78.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 27 Apr 2023 10:45:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d838c728-605e-4b82-bfe7-8d59aa39caa5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=6157626493583308704
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58280/ 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58280/sync?uid=2360c84e-2ac0-4d74-b867-65a1b42fb132&_origin=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=3fca88de6e552397&is_secure=true&networkId=44410&version=1&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAL9QsExC16sQMc5iPPAAAAAAA&expiration=1682678754&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&is_secure=true&g...
68 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAL9QsExC16sQMc5iPPAAAAAAA&expiration=1682678754&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
52.6.78.119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ominous.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAL9QsExC16sQMc5iPPAAAAAAA&expiration=1682678754&nuid=2360c84e-2ac0-4d74-b867-65a1b42fb132&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame D7DB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAF0ZbVagA9
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAF0ZbVagA9&_test=ZEpSYwAF0ZbVagA9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAF0ZbVagA9&_test=ZEpSYwAF0ZbVagA9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12823-YUL
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682592355.090845,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAF0ZbVagA9&_test=ZEpSYwAF0ZbVagA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
4579eea2-2b1d-e188-f9d0-0b0991d1c0b3
pr-bh.ybp.yahoo.com/sync/openx/ Frame D7DB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4579eea2-2b1d-e188-f9d0-0b0991d1c0b3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D7DB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8968f49b-a71b-c83b-0809-9f6b06b5c61a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KN2CX6DFC0PHE35YQ75N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D7DB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame D7DB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmRkMTViMmMtNzJjNi0yZDY1LWRkZTctNDc0NWE0NjRjMzlh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D7DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ny75r2x0
sync-tm.everesttech.net/ct/upi/pid/ Frame 4EAC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAAASTVawA9
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAAASTVawA9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H2
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12823-YUL
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
495
x-timer
S1682592355.090870,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
4032

Redirect headers

x-served-by
cache-yul12823-YUL
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1682592355.062957,VS0,VE14
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAAASTVawA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
4579eea2-2b1d-e188-f9d0-0b0991d1c0b3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4EAC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4579eea2-2b1d-e188-f9d0-0b0991d1c0b3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4EAC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8968f49b-a71b-c83b-0809-9f6b06b5c61a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PAWCGNQSEPPGZNCGXBMP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4EAC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4EAC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmRkMTViMmMtNzJjNi0yZDY1LWRkZTctNDc0NWE0NjRjMzlh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4EAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAFzP6W2wBS
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFzP6W2wBS&_test=ZEpSYwAFzP6W2wBS
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFzP6W2wBS&_test=ZEpSYwAFzP6W2wBS
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12823-YUL
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682592355.091028,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFzP6W2wBS&_test=ZEpSYwAFzP6W2wBS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
4579eea2-2b1d-e188-f9d0-0b0991d1c0b3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 56C4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4579eea2-2b1d-e188-f9d0-0b0991d1c0b3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 56C4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8968f49b-a71b-c83b-0809-9f6b06b5c61a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BK2RTTQ2SWK5VGDMP8BJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 56C4 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmRkMTViMmMtNzJjNi0yZDY1LWRkZTctNDc0NWE0NjRjMzlh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5346
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZEpSYwAFz5yXBABS
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFz5yXBABS&_test=ZEpSYwAFz5yXBABS
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFz5yXBABS&_test=ZEpSYwAFz5yXBABS
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12823-YUL
pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682592355.131863,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZEpSYwAFz5yXBABS&_test=ZEpSYwAFz5yXBABS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
4579eea2-2b1d-e188-f9d0-0b0991d1c0b3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5346 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4579eea2-2b1d-e188-f9d0-0b0991d1c0b3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 5346 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8968f49b-a71b-c83b-0809-9f6b06b5c61a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
97NE2406X6EEM78C6SJZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5346
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3667a4d2-74f0-4697-8852-71ce6e0827e8&ttd_puid=d1be88e6-bbb1-73c1-c807-1dfc6e860dfa&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 5346 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmRkMTViMmMtNzJjNi0yZDY1LWRkZTctNDc0NWE0NjRjMzlh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5346
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=040762c5-8f84-45b0-af5f-1707685648e8&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Apr 2023 10:45:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMz-RJ9J2LvKNI7KaGpuRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A808 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 10:45:55 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 00:57:54 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=51109
content-length
10019
expires
Fri, 28 Apr 2023 00:57:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EE30 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923551533255939501455169000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30169
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 87AF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=259235515332559395014551...
0
0
async_usersync
ib.adnxs.com/ Frame F2A5 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
AN-X-Request-Uuid
8a92d218-cd9c-4182-ab32-f1aae6b70c49
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF6E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552143255939501455169000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30169
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame C977
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
0
0
async_usersync
ib.adnxs.com/ Frame 9FCE 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
AN-X-Request-Uuid
b971cbd9-1215-433c-aaa6-cb50d82abb91
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7838 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
AN-X-Request-Uuid
b3f0e9de-1027-4e3a-b693-4fde97f48bb4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F44C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552333255939501455169000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30169
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 1348
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=259235523332559395014551...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 436B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3255939501455169000V10%26type%3Dpba%26refUrl%3D%26vid%3D25923552473255939501455169000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU87559X&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.72.156.199 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-156-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30169
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 27 Apr 2023 10:45:55 GMT
expires
Thu, 27 Apr 2023 19:08:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 1649
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=H1lgDrkgF98Gm0QVUxOh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E6...
0
0
async_usersync
ib.adnxs.com/ Frame C4E3 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.113 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Apr 2023 10:45:55 GMT
AN-X-Request-Uuid
b0458235-ff43-46b9-92f8-f3fea046ed9c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923551533255939501455169000V10&vsid=3255939501455169000V10
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRRGQZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=1&ovsid=H1lgDrkgF98Gm0QVUxOhhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=25923552333255939501455169000V10&vsid=3255939501455169000V10
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGFWGORDSNNTUMOJYI5WTAUKWKV4E62DIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDKOJSGM2TKMRUG4ZTENJVHEZTSNJQGE2DKNJRGY4TAMBQKYYTAJTWONUWIPJTGI2TKOJTHE2TAMJUGU2TCNRZGAYDAVRRGA

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| dataLayer object| nitroAds object| Sentry object| __SENTRY__ object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals object| mnet object| googletag function| __uspapi function| $ function| jQuery number| uidEvent object| bootstrap object| FontAwesomeKitConfig string| sidebarLoadLimit function| hideExcessRowsOnTable function| addClickHandler function| onShowMoreEvent function| hideRowsBeyond function| toggleViewAllButton function| toggleViewMoreButton function| showAllRows function| closeBanner function| defer function| toggleSubmenu function| hideAllSubmenu function| handleToggleSubMenuEvent function| handleHideInnerDropdown object| google_tag_manager object| google_tag_data function| goToSite object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine object| Criteo string| GoogleAnalyticsObject function| ga function| uuidv4 string| DEVICE_ID function| getDeviceId object| userId string| deviceId object| amplitude object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| analyticsConnectorInstances number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_image_requests object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| googDdmPs object| _mNDetails function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms

67 Cookies

Domain/Path Name / Value
ominous.app/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRlVkgwUjFBTVVNbTY4NGM1RXZINkE9PSIsInZhbHVlIjoiL3JGbWNIaGJMRHdKUUlUNTJnc292cVdKYkRLMS9ZVFV4UkpzUnlJd0hPbUhCZFRhcVY2R29COEQzOVgvSUJjdWdkYzBDRDRTdzJ0eGdiZTk5eHcxNGZJQkxkZDFWcVZIank2TFlMQktiZzdWcFNPL01RTHFvOHBXWHdBZ2RKc2UiLCJtYWMiOiJhZTFhMGEzNjc1N2I3YzRiMWUxZTg4OWQ0MjQxZmE0MmUyYzI1OGYzMmY1ZWJmNWQyODQwZGViYWVlMDg3MWY5IiwidGFnIjoiIn0%3D
ominous.app/ Name: ominous_session
Value: eyJpdiI6InlVdW01OVdpTnE4UWcxQnl0RWlFTWc9PSIsInZhbHVlIjoidnN3UkMvYmYvSnh6OUdIM1NEWktDKzU2Zm5zaVF3MmhYSEhYd3FGcWxEbFhtOXVnOW1ueG5YTitYZFVNM1dVSzNzUEJJa2FpY21mWlFhMSsxeVVuYXo4d1JZYXFHY3JQbVE2R3JoWWxlN1l5U3dsenNQckxIOFZnZ001UnQ2bGQiLCJtYWMiOiJjMmQzYjJhMWMzZTM3NzlhYzdkOWUyZTBhMWMyNTAwZmFjYWE4NDJhYWYzMzJiZTk4Mjg3NjE5ODhjOGViMjA1IiwidGFnIjoiIn0%3D
ominous.app/ Name: xmvDw8AtDtWC9t07SipxVwAWvKgKPvPgNqQaQXUw
Value: eyJpdiI6InRvM2FqRE0xZUtUN1NsSlArM21ESUE9PSIsInZhbHVlIjoiVkhVMTJoQ0didkJ1c091ell6Q2xOTzdVTlF0ZmtRcC94Qjc4dVBpcXo0UVhGQjBvUDdsNmFwS2duSFl5VnQwVklOTXJCZVZxRUFhL1BEdktoalh5ekwyUys4NWVNNWo1OHNkeGNVWWFmTElYUUg3K2hRTVQvTXgxTCtqWlZBU0FkNzlzaVBrQ09ZaWgwOU1kUm4xeDk2eENBR3ZBbUxML0lmY3ZQM05CMGZNN1lyN251SzlLaDRvcEdEekhhcXp5cUIxcWdOS3pUb1NpYk5mL3hCOHZZcXFnaWpZUWdwNUgyMDFBeVVleTVONGMxZW04TU0ydm00Q0lxandNNHNDMUpYang0WFJPanF4TkduZ2Y5djE4OUpSam5rdUJlQmp0blNCQ09HczQ3WndNQk04dCtKK3lUQ3pncUUrRVExNWIrVXFwSnhzNGZvNlZ6K2FBRWJGVGhaUk5Gb1hPTlZrbVJEQXIyL0NudjdjPSIsIm1hYyI6ImQwYmViMWRjNmI2YmMzMGYxOTkwYThhMDg1ODA1YjU2ZGVmYzg5YjlkMDhlODZlNjljZGEwNjM0ZWU4ODZiOTciLCJ0YWciOiIifQ%3D%3D
.nitropay.com/ Name: __cf_bm
Value: Nry9jvOySwdBgzCKcekn.SndC6W8S_siVVff.z1LdyI-1682592349-0-AffU96sKO/Tti7HRgAli1tt7j15GUC/e4fhvizs5KhWEOeP4eDd8EVgvviE28Ccd4FpsGrZlOpkcUZbn5Fn7OJo=
ominous.app/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 0212b7bf-1236-4c36-92d1-d5140aa13e07|1682592349
.adnxs.com/ Name: icu
Value: ChgI5YA9EAoYASABKAEw3aSpogY4AUABSAEQ3aSpogYYAA..
.adnxs.com/ Name: uuid2
Value: 6157626493583308704
.rubiconproject.com/ Name: khaos
Value: LGZ01HYR-17-DMTG
.ominous.app/ Name: _gid
Value: GA1.2.552896782.1682592350
.ominous.app/ Name: _gat_UA-162087016-1
Value: 1
.ominous.app/ Name: AMP_MKTG_e2225c9c37
Value: JTdCJTdE
.ominous.app/ Name: _ga_VY926P02G8
Value: GS1.1.1682592349.1.0.1682592349.0.0.0
.ominous.app/ Name: _ga
Value: GA1.1.214094548.1682592350
.sharethrough.com/ Name: stx_user_id
Value: db467f48-abbb-4e52-ba3e-6ce1ed34298d
.ominous.app/ Name: AMP_e2225c9c37
Value: JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMjU5NDk2YzRiLThiMjAtNDkwOC1iODY5LTZiYzliMTU1NzVlNyUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjgyNTkyMzQ5OTE4JTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY4MjU5MjM0OTY3NSU3RA==
.doubleclick.net/ Name: IDE
Value: AHWqTUlez7E4yjXUNgl45AFDgvaSulK1DP8D5ZhO_xUB1QZz8BQZcGoZt8Mu-quyDK0
.ominous.app/ Name: __gads
Value: ID=988aef9bc4cead25-2288a71b6cdf0031:T=1682592350:RT=1682592350:S=ALNI_MYKBTazjtP0PjF2VfALZ6pURorwog
.ominous.app/ Name: __gpi
Value: UID=00000be5edca73c6:T=1682592350:RT=1682592350:S=ALNI_Mb2ETDZAEHkwn3C3A2KibOBG5L9CQ
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTO2BBKWxiaGZoZCfIa62eZRiaZlXh4WWSEmAAB6zPMkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDY0MTO2BBKWxiaGZoZCfIa62eZRiaZlXh4WWSEmAAB6zPMkAAAA
.criteo.com/ Name: uid
Value: fde49070-57cc-47c7-a65f-ec13d9c20caa
.media.net/ Name: visitor-id
Value: 3255939501455169000V10
.media.net/ Name: data-o
Value: 1992e179-10b1-4921-ab48-6392dc699f26~~9
.bidswitch.net/ Name: c
Value: 1682592350
.bidswitch.net/ Name: tuuid_lu
Value: 1682592350
.w55c.net/ Name: wfivefivec
Value: ina472NS1PRZ8i5
.go.sonobi.com/ Name: __uis
Value: c8589067-49cb-4863-99e8-aa602eafc634
.go.sonobi.com/ Name: HAPLB8S
Value: s8531|ZEpSY
.adsrvr.org/ Name: TDID
Value: 3667a4d2-74f0-4697-8852-71ce6e0827e8
.media.net/ Name: data-rk
Value: 970314639146934161~~9
.mfadsrvr.com/ Name: c
Value: 1682592350
.mfadsrvr.com/ Name: tuuid_lu
Value: 1682592350
.mfadsrvr.com/ Name: tuuid
Value: 7a352333-39c7-493d-b9f4-9c478b01590c
.w55c.net/ Name: matchmedianet
Value: 5
.zemanta.com/ Name: zuid
Value: H1lgDrkgF98Gm0QVUxOh
.bidswitch.net/ Name: tuuid
Value: e35e5ce0-4b68-439d-baef-b7d94ee737e1
.dotomi.com/ Name: DotomiTest
Value: 6a3291e248372397
.media.net/ Name: data-g
Value: CAESEAxjf2kvV8AQ6wZKd3SAdEA~~9
.mfadsrvr.com/ Name: ssh
Value: !medianet,1682592350
.media.net/ Name: data-c-ts
Value: 1682592350
.yahoo.com/ Name: A3
Value: d=AQABBF5SSmQCED4M5g4HBBNBC9F39GqLsfgFEgEBAQGjS2RUZAAAAAAA_eMAAA&S=AQAAAhzNYAmAVnqCvTeWXOo1cO8
.media.net/ Name: data-ttd
Value: 3667a4d2-74f0-4697-8852-71ce6e0827e8~~1
.media.net/ Name: data-c
Value: fde49070-57cc-47c7-a65f-ec13d9c20caa~~1
.media.net/ Name: data-so
Value: c8589067-49cb-4863-99e8-aa602eafc634~~9
.bluekai.com/ Name: bku
Value: ikG99a8uuZEEoM9T
.bluekai.com/ Name: bkpa
Value: KJ0WpX+rtp9xCKs7Dj5J1NnA5OWDPYimu/3AJx8JiEF4AOiI+n95Gm7Eays0fI3LwreX2242qUzw8zwibK5II2y2cad884934MpCb4Lxyhdl2rt0tITFptIltI2gDq/YH9aidUe2msdrdr8m3dB+5q485uo9Fa2lkIFcKPm9VOd45T4PFQYhVHtwb2UZXmkvLuNvqCFGj1VoA8mF8lJo1bYrKUOhucBwNAuw4kqmjMdJFrEV8LZUhWVKzSiSCqsjyYQ6LD/Wl+C1uudfn2zfWIcaksP0Biu8NOJaxM50q06aT2xLchmhGJmmPPLektbWMkPjGsPKsT2+0vl8l0IkF1hMukVjqH82PUcoZYzziEFprDNrXpuj3kHZ3s129KMROM7OGL6j54qH3zHODPivs4V0OhmEBTXXrXRENYHLG189llRCzItDHywWqJwxjs3+iktq0PLNR9+zVpUiUOWppSe7Zjiigl8av/s6D2uNx10GQ9cGhRTjtzhjcW5AdyR9u+Izxy==
.media.net/ Name: data-mf
Value: 7a352333-39c7-493d-b9f4-9c478b01590c~~1
.turn.com/ Name: uid
Value: 4230906844745969983
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLzzz5rTxeM7EAUYBSACKAIyCwjg47XE6cXjOxAFOAE.
.media.net/ Name: data-xu
Value: ina472NS1PRZ8i5~~9
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005%22%7D
.admixer.net/ Name: am-uid
Value: f4131b475de143d6800932f1544bfb7f
sync-dmp.mobtrakk.com/ Name: pid
Value: NWE3MDMwZjc1MjE4MmJiOQ
.media.net/ Name: data-co
Value: AAAL_7OAqxJrlQNoBwqVAAAAAAA~~9
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.media.net/ Name: data-bs
Value: e35e5ce0-4b68-439d-baef-b7d94ee737e1~~1
.linkedin.com/ Name: bcookie
Value: "v=2&eb143198-2668-4a48-8d70-f211d232921a"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2566:u=1:x=1:i=1682592350:t=1682678750:v=2:sig=AQE73nH1smXcFhUKQ1U4MbBvMVhtG7xy"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005%22%7D
.media.net/ Name: data-r
Value: LGZ01HYR-17-DMTG~~1
.media.net/ Name: data-r1
Value: RX-24c0e953-24a0-4ff1-8778-5c0d5d00bce7-005~~9
.ominous.app/ Name: cto_bundle
Value: Bb4s8V9Zd29TcUs0RE1nc1l4dDglMkZHOEdSUkdCOG8xenZleEl1WXhqVWJLSlA3Q2l3eSUyRiUyQnViS0MwYzl3clU5MFZJTm1VMFNtdmlCeE54YjNnMHdJWDB0Tkp1RTZhTzElMkZ6YjhvdHU4WHQlMkJMJTJGbnUlMkZUb3VJSktNekt5c3FHUVhKJTJCNUY4QWMlMkJZJTJGeUljVVFCY1dONDBtd2dSVE5RQSUzRCUzRA
.amazon-adsystem.com/ Name: ad-id
Value: AxkdTxGCKkUDi13HqKBX93s
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPoN+pUwg4d49O1WuCoMxA8a+JUixCbOKdpLfYM1RPAn/FpdJtxnSPCkAIcJDxS9HBD89cCgrBcyMzH4Wm0It/pK7G/yE0X6tE8=
ominous.app/ Name: na-unifiedid
Value: %7B%22TDID%22%3A%223667a4d2-74f0-4697-8852-71ce6e0827e8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-03-27T10%3A45%3A52%22%7D

4 Console Messages

Source Level URL
Text
security warning URL: https://s.nitropay.com/ads-1491.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://s.nitropay.com/ads-1491.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://s.nitropay.com/ads-1491.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://s.nitropay.com/ads-1491.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
api2.amplitude.com
b1sync.zemanta.com
beacon-iad2.rubiconproject.com
bidder.criteo.com
browser.sentry-cdn.com
btlr.sharethrough.com
c21lg-d.media.net
cdn.amplitude.com
cdn.jsdelivr.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cs.media.net
d1yq13nlsgs4vq.cloudfront.net
d3bpzgarlwg4yy.cloudfront.net
dis.criteo.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ggsoftware-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbx.media.net
ib.adnxs.com
inv-nets.admixer.net
ka-f.fontawesome.com
kit.fontawesome.com
lg3.media.net
match.adsrvr.org
match.sharethrough.com
medianet-match.dotomi.com
mug.criteo.com
ominous.app
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
px.ads.linkedin.com
qsearch-a.akamaihd.net
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.nitropay.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
stx-match.dotomi.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.nitropay.com
ups.analytics.yahoo.com
us-u.openx.net
warp.media.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
b1sync.zemanta.com
contextual.media.net
104.117.182.8
104.126.112.26
104.72.156.186
104.72.156.199
13.249.176.142
142.251.40.162
151.101.130.49
184.28.136.24
199.127.204.142
199.127.204.163
199.38.167.131
2001:4860:4802:34::178
2001:4de0:ac18::1:a:1a
204.62.13.72
209.54.182.161
23.192.31.127
23.192.32.8
2600:1f18:4e9:5a07:84b6:1844:cd73:e0bd
2600:9000:20ea:9200:1f:50c5:ed80:21
2600:9000:24eb:2000:15:4410:4a80:21
2602:803:c002:200::43
2602:803:c002:200::54
2606:4700::6812:1634
2606:4700::6812:24e
2606:4700::6812:34e
2606:4700:e0::ac40:650a
2606:ae80:1451:20::1690
2607:f8b0:4004:c17::9c
2607:f8b0:4006:808::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:1ec:21::14
2a04:4e42:600::485
2a04:4e42:600::729
3.135.132.32
34.107.148.139
34.200.65.202
35.207.24.140
35.211.178.172
35.244.159.8
52.10.3.150
52.223.40.198
52.55.204.172
52.6.78.119
52.95.115.255
54.162.158.9
64.74.236.159
65.8.20.13
68.67.160.132
68.67.179.113
69.166.1.10
69.173.151.100
74.119.119.139
74.119.119.150
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
067a2eb0be482c154a3e8c7f0610adc7d70b0bcc3e1c0869ddad613cb826cc0c
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a82535c73515e49d31db5612def9ceae21575236542f7976b742b17a10b4925
0ac607afaa76f8d64e91dabf12f3f424e0b48f0e3ce3a54e0bfba3a327ddedde
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0cada596dd75eef62d25159fc6031e138beefc20b13d10cf35fc22ea2a67d011
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1424986b293ef2fc355a1f80529b95d4f46c68cb34ca3e45a6af004d0dd2ac0b
15ab566cb3d318fee2f94510a0051a324d2172fb84b1b37c8a6d4ab6405d1c32
16667fccea2590975061e0e4867a4ecfd6a5ab8983d99f95a3367402da1644c1
190f31076226e975b0e611ac4c5e4326fe42625dcc6d163bfd56a982a11b1316
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1a8c652d73dde99388bc8650ab5749b8d9c6814531604f7d7526d2d31dbc4e32
1c4dcd77ed1c9917c299952dc2ac06c35657113c35c1ad10587f285c3208aac9
1cf77a7d678024f1ed1e39bf959f293ce73bc1791eaff5770e017013c7799b71
1e63be18f76f8a666e2da042531d73757e3c8edf729cc4d989876ddaaac292e9
20e78b00d0a5924c2b97a060036ce1fd4c44312e5809941510a13c3eb0222e25
243a567864ca659fb15ae50d03e0d34c5023011fc1c1e9bcc12650bd97d98c66
24567c99fffbd97c227bc781582ae13ce1e374aaf229a167e26463d4a218b786
24b69e8c7a23c687d25c4aa7d5d340b051e7e160d40056d9676b909ba2d8ba0e
2515e37eee31f5ef3d659b21dcc84dc6ea732b06872da51078b5b526de34c0c1
25a67bff61c8945e6907faa5aa4f4a115b0cfb26a05ab1c66e3d88f8e11185db
25a874deccd45214477d1c9e31c777b4979aaecc24ef1b46cf360be4d7c624ad
25ae93202d8c89fc5828f070d7c24b7855680d7b838d4ae61bacf60b9a871a91
29728f8e1e55338657b77672ea52ff27b8a45b6a8fa9ff222fae2bc8998b593c
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2b4a082015e88601b38fa981a67ba53a77b6977816615256d784de4e35773985
2dc185dae8339f3c53b088691da23bea8e6accb3940cec93d38ec314075069dd
3012ec62a232ce810a0e2fd7a33aa9eaf410c38f20a0ef1fa666b1881ef937e1
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
340a17cf576768c9a93d12af966a24aa40bf7cda378348b7e2b2a42f362ce608
372ac3b0e9bb9e6d313b3cbc8ee31392d29847de50e1472333f499f771fe9689
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
39c8b9a639e49d4c420d87dd1184287e428e2a0645f3c6253537e0ec1a1c2959
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
3b845976b6ea8ee74d0ce33b2c45b60ffe696a7bf77bcf22e52ffa02577423d6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51865333fb521d5f0ec438599320e25f25231c83b1c3b7a0948f28148d6eb41d
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52fa6c0342e3edfd31e1234a553feac943c7959dd116737f8de7caac00707111
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a6bf01021a32f2868528a5434b18e0491af387e4fe98eb6d201f0fa7279791
58ff980a9e6d7689b3e00f781c9ae32f31e76890e4bb97293e216e3759c0f821
597e63e22463bcac39dee83409cf10bef8a08b120ae6e450f3c1d0efec53cd5b
5bc574ab0cdf0da40047074d1a68acc52357c3f5c88856d2f5bc8cdbdd4d68e6
5cbe69d2e86edc73000bee3b03f7e875bc70ca329f757c7437bdf2e2da9d3d32
5eb421d7cb7bc35fff7139c11625d11134e18ff696dd23bcff0a95d26bc63ee7
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66909991487a411a536c226f3d2bd04b86d8ccd973b74ebe8773ae0c3809e191
6f173480309cee66c8eefecc61aefd5fc637a7c8b9c39aa5bf56ce588be66908
7033c723f1d726bff910c01ca657d43b9d26db7efeab822c281290724bd5c95b
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7853d125e096ce670a93f9a2c2ea4b69d0b4e93e2f1e994ad9c0f1451b4901c1
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ac7380d6bb5dcc80cde85b7baf833033176a08c7130fc58032b25c97b43d5c6
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
804342dc70f8049653e8bfca36d7bba45625d06c1063b9348b76a090b370df90
80df6a3c7ccb534a32950d97fac86291599cff889eced0b8ea1071737d88a0a7
815bf85c1e383b740cc7486270f1f2221c344edf321d265094dff90c9952aaf9
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88dbb99f883e5b64ed7d7f4ee0fa44826c9fb0439675331f01c0d49b82ab32ce
8bbd4f0a0b94386c1d2f39e1cccc49a6361c34b1c696cbaf30fe3ca31dd3a07d
8cff87bf6407e8d31ab936375d461f9d767aca01ec897d737ba7ccc9acb6f226
8d023bbb00a2528347212ed9c1c580fd5f31ca212f128e72476b5528ec06e888
8daaf4ca85d9c6bd4e96f1b7ba0603db21b85fd1d0b6f934d51c34b7d388cdaf
8e59a0601cb4a680806291644b9c249ea27aec282ce9d37a1ffdec86dbcbf092
93d166e72368ff382a0b005f5cc7d3533085caa1dab4d48440da106f053381dc
94ae5b917865d0f7473dac47e4d0e9a30e72228ffd8fb6c89e4ac3191031bfb3
9674973f183b8ec873a8e3a7efd9b16eaca142ea10158ea17b901cc36c89799e
99833e5fff02de17ea428c508bce20fedb8733b0ffb14d4426db0861ff08ea9b
9b830a741e3a702c5f232ef38e0f2d4ab8dda52004178cfdb9cc088f73546523
a49c64fad73d4340f7f2ffdec97df05f0c02ad8d1698ea39160fef82c6b3edf4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6564795e8a033073ea7a23b58d8abc54f27eb9e5c1cff0d7aa4a5b16eb66607
a961d6afeb265db894ff0648ac7e59523c10d6c8eea08e9cb32fc90b5716a778
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa8aced0472d3200c2c3861fcc40fc0f3dea3f493cc2bd82bc20292d1dd5937a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76
af6f5009f9638f931f4917a32e0f1e73656b0a3ba4bde62e4190eb70c30e9eb8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1905723ae988435adf5b9784b3aab1530fe9fe260d66552afe95e30234491a6
b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35
b23239d1741ec7eacf76d99391c256d4d3b4fb1a65e34d21c9b785be1fd330c8
b4d320a57b838ff6f61323e28b051f107c16e13793c0d3613d2e487512b2fc00
c1c426ab3a7b8380db7caa561eeb035eb337165d484bbfd558fb16839ff9564d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4ad9051c15c81f9f014c203738c0fb3701f33e463112ec065aba9c162703c0d
c6dd5816afe651c313a26e19ebaedf4aede28a8c295911f0108429952edd1f2b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f6616ff5097caa73a55e5c35bc67907555a146a0b3d116202bd891a5437f74
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9bf08a38885026a0434982bf9b277121bf5e267f5ad4d931d30c66c4c407124
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbadfe571e531b531c68616e22c283438074cb74a39853f7128bb5b8918f27c8
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd02ed94d7c92a0c79025342fe86df3c4a9bfb6adf8ddbab618b1419beaec075
cfb1f3be68745228aac54a7cbb67e1c144ebe9a2c1aa1dc0d6955a0062f824e8
d0785a7dc13419fa639eb71734c2d2c117cc7e803dd9b65f2469ff331914422b
d0b70655251edb5aa4cc05eea1fe799e76b393ec6727d723d9a8ae3051988a85
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd
d2ae1c702d9decde95b658cc242547a950e1c8925be0948cd411b8f5284fdae3
d3f8f3383dca72606a49e4f9c8053ff9f94d7c78f2c0938057fd373e8b81020c
d77ea474f365140c7dcd30a281e4a8dd3a3d842b33440106d40dca2081ad19a7
d80ceedd5d6efa890ef5c34d28de1b834a98598c8e37bc159f315c85766013e5
da53c4eb5325ad3a0130f2bc5729bd147c606989319b9a4c1ed4f49d2ea0b501
dc2a917f87a4db33d788b8767100c0ef069475bcf7fe110c3c3c31957b09b37e
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8b4b42691a681452804d0e5138ca5c6855678a896b7f1c24bc1896652e156de
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1d9b5c9b7151831c1e446fcbb2404477bd954e75412742d37015abee69226
f447c190911cea10f1ed2d1eaf8284775a5eea16dd248a530463c0fcc486bb67
f5887cf38f7d6fb4e3abdd7512e5e7415a52f50447f096126a496b9c44096a53
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1
fe355fe68c0a1cba0112709fcc6ce36a8bc03950247919b8f6c5842311d93e95