article.oriclehearing.com Open in urlscan Pro
52.8.128.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.newsbreakmail.com/redirect/aHR0cHM6Ly9hcnRpY2xlLm9yaWNsZWhlYXJpbmcuY29tL2NsZWFyaGVhcmluZy8%2FZj0xd1BTemV0cktvV20mb...
Effective URL:
https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&ext...
Submission: On November 07 via api (November 7th 2023, 1:02:16 am UTC) from CA — Scanned from CA

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 22 domains to perform 75 HTTP transactions. The main IP is 52.8.128.218, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is article.oriclehearing.com.
TLS certificate: Issued by R3 on September 24th 2023. Valid for: 3 months.

This is the only time article.oriclehearing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.237.172.162 44.237.172.162	16509 (AMAZON-02) (AMAZON-02)
27	52.8.128.218 52.8.128.218	16509 (AMAZON-02) (AMAZON-02)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.149.114.185 34.149.114.185	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
1	172.253.62.102 172.253.62.102	15169 (GOOGLE) (GOOGLE)
2	172.253.122.97 172.253.122.97	15169 (GOOGLE) (GOOGLE)
1	130.211.5.208 130.211.5.208	15169 (GOOGLE) (GOOGLE)
3	104.21.3.201 104.21.3.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.253.122.138 172.253.122.138	15169 (GOOGLE) (GOOGLE)
2	23.39.185.6 23.39.185.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1 4	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.107.213.40 13.107.213.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	69.147.92.12 69.147.92.12	14777 (YAHOO) (YAHOO)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
2	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
2	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
1	142.251.167.99 142.251.167.99	15169 (GOOGLE) (GOOGLE)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2	157.240.244.35 157.240.244.35	32934 (FACEBOOK) (FACEBOOK)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
4	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	107.178.240.159 107.178.240.159	() ()
75	26

1 44.237.172.162 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-172-162.us-west-2.compute.amazonaws.com

www.newsbreakmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.8.128.218 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-128-218.us-west-1.compute.amazonaws.com

article.oriclehearing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.114.185 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 185.114.149.34.bc.googleusercontent.com

www.4ahjdj2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f102.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.3.201 (None, )

ASN13335 (CLOUDFLARENET, US)

go.oriclehearing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.39.185.6 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-6.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.213.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.147.92.12 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e2.ycpi.vip.dca.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	oriclehearing.com article.oriclehearing.com go.oriclehearing.com	1 MB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 s.clarity.ms — Cisco Umbrella Rank: 7840 c.clarity.ms — Cisco Umbrella Rank: 1405	29 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 366 c.bing.com — Cisco Umbrella Rank: 236	16 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 849	1 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2	769 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
3	4ahjdj2.com www.4ahjdj2.com — Cisco Umbrella Rank: 253443	37 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 9133	562 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 648	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	178 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	47 KB
1	mixpanel.com api-js.mixpanel.com	377 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417	632 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3740	18 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1969	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	27 KB
1	newsbreakmail.com 1 redirects www.newsbreakmail.com — Cisco Umbrella Rank: 195838	759 B
75	22

	Domain	Requested by
27	article.oriclehearing.com	article.oriclehearing.com
4	s.clarity.ms	www.clarity.ms
3	ct.pinterest.com	s.pinimg.com article.oriclehearing.com
3	www.clarity.ms	article.oriclehearing.com www.clarity.ms bat.bing.com
3	bat.bing.com	article.oriclehearing.com bat.bing.com
3	go.oriclehearing.com	article.oriclehearing.com go.oriclehearing.com
3	www.4ahjdj2.com	article.oriclehearing.com www.googletagmanager.com www.4ahjdj2.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	article.oriclehearing.com
2	www.google.ca	article.oriclehearing.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	s.yimg.com	article.oriclehearing.com s.yimg.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	article.oriclehearing.com
2	stackpath.bootstrapcdn.com	article.oriclehearing.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	c.bing.com	1 redirects
1	sp.analytics.yahoo.com	article.oriclehearing.com
1	www.google.com	article.oriclehearing.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.mxpnl.com	article.oriclehearing.com
1	www.googleoptimize.com	article.oriclehearing.com
1	fonts.googleapis.com	article.oriclehearing.com
1	cdnjs.cloudflare.com	article.oriclehearing.com
1	www.newsbreakmail.com	1 redirects
75	28

This site contains links to these domains. Also see Links.

Domain
go.oriclehearing.com

Subject Issuer	Validity	Valid
article.oriclehearing.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
4ahjdj2.com Starfield Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
go.oriclehearing.com GTS CA 1P5	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-16` - `2023-11-14`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Frame ID: CD33CF07A45A03E206F84CCAD3BD39F3
Requests: 73 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: C9337EA7A20B7367589ACF650CD08C6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oricle Crystal Clear Hearing

Page URL History Show full URLs

https://www.newsbreakmail.com/redirect/aHR0cHM6Ly9hcnRpY2xlLm9yaWNsZWhlYXJpbmcuY29tL2NsZWFyaGVhcmluZy8%2FZ... HTTP 302
https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oric... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

75
Requests

99 %
HTTPS

0 %
IPv6

22
Domains

28
Subdomains

26
IPs

3
Countries

1927 kB
Transfer

3463 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://go.oriclehearing.com/action/1?vid=efvliJXvL4t8Mkx6Qoy4E27ksnx&rn=1wPT4L59B7nu&f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
Title: Oricle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.newsbreakmail.com/redirect/aHR0cHM6Ly9hcnRpY2xlLm9yaWNsZWhlYXJpbmcuY29tL2NsZWFyaGVhcmluZy8%2FZj0xd1BTemV0cktvV20mbj0xd1BUNEw1OUI3bnUmdHM9MjdSU1RQVUg0QWhDJmNhbXBhaWduPU5MLU9yaWNsZS1QYWludGluZy0xMC0yJmV4dGVybmFsPW52c3NfMDFlMjgyM2ItMTIwZC00OWM4LThiM2YtYTU3MjQ4YTAwNWI0XzE3MTY2MDc4ODk1NjU4MTg4ODEmQUZJRD1OQiZpc19ub3ZhPXRydWUmbmJfY2lkPTAxZTI4MjNiLTEyMGQtNDljOC04YjNmLWE1NzI0OGEwMDViNF8xNzE2NjA3ODg5NTY1ODE4ODgxJmJ1Y2tldD1kbWdfbG9jYWxfZW1haWxfYnVja2V0XzEwJm1lc3NhZ2VfaWQ9Rzc3a2NuRi0xUVZHRmNsSCZ0YWc9bW9ybmluZyZleHBzPW5sX2J1Y2tldF9leHBfMjNfNS12MCUyQ25sX2NvbnRlbnRfMjNfMi12MTklMkNubF9tb25ldGl6YXRpb25fMjNfMi12MTAlMkNubF9wcmVyb2xsb3V0XzIzXzEtdjElMkNub3ZhX3RyYWZmaWNfZXhwX2Z1bGxfMDQtdjImZW1haWw9ZDZmc210eGJxaiU0MHByaXZhdGVyZWxheS5hcHBsZWlkLmNvbSZldmVudF9uYW1lPWVtYWlsTGlua0NsaWNrJm1ldGE9ZXlKemRXSnpYM1J2Y0dsaklqb2dJbXh2WTJGc0lpd2dJbVp5WlhFaU9pQWlaR0ZwYkhraUxDQWljMlZ1WkY5MGN5STZJREUyT1RneU5URXdNRElzSUNKc2FXNXJJam9nSW5KeGVqZzNPVzVCSWl3Z0luQnZjeUk2SUNKaWIyUjVJaXdnSW1Ga1gybGtJam9nSWpFM01UWTJNRGM0T0RrMU5qVTRNVGc0T0RFaUxDQWlibTkyWVY5emJtRndjMmh2ZEY5cFpDSTZJQ0l3TVdVeU9ESXpZaTB4TWpCa0xUUTVZemd0T0dJelppMWhOVGN5TkRoaE1EQTFZalJmTVRjeE5qWXdOemc0T1RVMk5UZ3hPRGc0TVNKOQ%3D%3D HTTP 302
https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&RedC=c.clarity.ms&MXFR=263F255C13026F2721C0369E17026159 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&MUID=2F938A0896E464ED0E5399CA97CE65EC

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
article.oriclehearing.com/clearhearing/
Redirect Chain

https://www.newsbreakmail.com/redirect/aHR0cHM6Ly9hcnRpY2xlLm9yaWNsZWhlYXJpbmcuY29tL2NsZWFyaGVhcmluZy8%2FZj0xd1BTemV0cktvV20mbj0xd1BUNEw1OUI3bnUmdHM9MjdSU1RQVUg0QWhDJmNhbXBhaWduPU5MLU9yaWNsZS1QYWlu...
https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881...

70 KB
19 KB

449ms
277ms

Document
text/html

52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a301816641c7948445201ff057bec6e78cbbae4b7f3626d2a3e3c266cc1b8eb2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 01:02:09 GMT
link: <https://article.oriclehearing.com/wp-json/>; rel="https://api.w.org/", <https://article.oriclehearing.com/wp-json/wp/v2/pages/3747>; rel="alternate"; type="application/json", <https://article.oriclehearing.com/?p=3747>; rel=shortlink
server: nginx
strict-transport-security: max-age=0; includeSubdomains
vary: Accept-Encoding

Redirect headers

content-length: 1825
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 01:02:08 GMT
location: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
nb-device: desktop
nb-os-name: Windows
server: nginx
vary: Origin

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 79ms
36ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 479172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO3YIcdVnOfLP5YsbdecMJhDZAyx%2Fn4sQDUVRF5b2UE1LzM4QXofusKe4el1FCiY%2B1rmy6TkRkhIpHy8XM6ADcA2CfhprWta%2FyqqJWPLiSelFSCmJM0r9wMK2OQZdIetcQzTGuRt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8221a62d0932a1d8-YYZ
expires: Sun, 27 Oct 2024 01:02:09 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 77 KB
23 KB 94ms
51ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 411221
cdn-cachedat: 2021-08-02 20:29:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e280bdd2776e5a1219224d20b4a086ed
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8221a62d088f36aa-YYZ
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 73ms
31ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617, 617
age: 19903943
cdn-cachedat: 2021-04-13 02:55:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 59da3ae3b9404365378a2aa473c14f04
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 8221a62d088e36aa-YYZ
cdn-requestpullsuccess: True

GET
H2 200 everflow.js Show response
www.4ahjdj2.com/scripts/sdk/ 60 KB
19 KB 130ms
61ms Script
text/javascript 34.149.114.185
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.4ahjdj2.com/scripts/sdk/everflow.js
Requested by: Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.114.185 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 185.114.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 951d9feb056cc5c823f133b5a43c87ef35e57ce13ed83a50e4e3d18da8420617

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 9d58f404-c4f5-4c72-b177-9615dd2c5974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 style.min.css
article.oriclehearing.com/wp-includes/css/dist/block-library/ 93 KB
15 KB 120ms
118ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Sat, 20 May 2023 09:04:23 GMT
server: nginx
etag: W/"1732d-5fc1c52e7f9b8"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 classic-themes.min.css
article.oriclehearing.com/wp-includes/css/ 217 B
410 B 84ms
81ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Mon, 06 Mar 2023 15:03:40 GMT
server: nginx
etag: W/"d9-5f63c99b64079"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 119ms
45ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CDancing+Script%3A400%2C700%7COpen+Sans%3A400%2C700&display=swap&ver=6.1.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

65d3dceec7a8cc86bf259dfc15e4ff17b30d7bff0899f8efe25b52cda0972279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:57:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 01:02:09 GMT

GET
H2 200 all.css
article.oriclehearing.com/wp-content/themes/barkpost_theme/css/ 66 KB
13 KB 149ms
147ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/css/all.css?ver=6.1.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9b430acc7d1bb169c4807aa177f9f0bc0eef144b1a69484aef2477d61dbc14d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:00 GMT
server: nginx
etag: W/"10622-5cdc2d00650b0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
article.oriclehearing.com/wp-content/themes/barkpost_theme/ 56 KB
13 KB 86ms
85ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/style.css?ver=6.1.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

69f4ceba5b75055120aa0836ec0fde4ddc1da3e8b665dc2e645029e031e106c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:01 GMT
server: nginx
etag: W/"de52-5cdc2d008062d"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 custom.css
article.oriclehearing.com/wp-content/themes/barkpost_theme/ 33 KB
8 KB 153ms
152ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/custom.css?ver=6.1.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a42b8a8617c0eda1f37317b6643400c752d424693a30160fed80e5697448dd1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 04 May 2023 14:29:37 GMT
server: nginx
etag: W/"84f6-5fadf008baa75"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
article.oriclehearing.com/wp-includes/js/jquery/ 88 KB
34 KB 157ms
156ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Mon, 06 Mar 2023 15:03:40 GMT
server: nginx
etag: W/"15e54-5f63c99b726f2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
article.oriclehearing.com/wp-includes/js/jquery/ 11 KB
5 KB 183ms
182ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:03 GMT
server: nginx
etag: W/"2bd8-5cdc2d02de157"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 128 KB
50 KB 130ms
53ms Script
application/javascript 172.253.62.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5XNPXJT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f102.1e100.net

Software

Google Tag Manager /

Resource Hash

c50975bb6b15394a7c98a42f11b1db402637c3193e5e21b2e894bb69949e339a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50386
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:15:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 01:02:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 126ms
50ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MRX3CP0SE4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

545f2ba93140dac7dddd0cb3900f22eebd5cf0e32a19aad71ee5b24b36e8711b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 01:02:09 GMT

GET
H2 200 custom.css
article.oriclehearing.com/wp-content/themes/barkpost_theme/ 33 KB
8 KB 132ms
131ms Stylesheet
text/css 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/custom.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a42b8a8617c0eda1f37317b6643400c752d424693a30160fed80e5697448dd1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 04 May 2023 14:29:37 GMT
server: nginx
etag: W/"84f6-5fadf008baa75"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 logo.png
article.oriclehearing.com/wp-content/uploads/2021/10/ 4 KB
4 KB 160ms
159ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2021/10/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

120ad6ac93409947acc8de85a8b084cea5d0e5efcef8d87c3913947efc99df0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 13:08:37 GMT
server: nginx
etag: W/"e7c-5cdc2f5f740b5"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 badge_rating_bbb.png
article.oriclehearing.com/wp-content/themes/barkpost_theme/images/ 17 KB
18 KB 132ms
131ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/images/badge_rating_bbb.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f0fb061225817c55a2d1f504a55146bb2ed299104a918cc8a531e189d35b762c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 17 Feb 2023 07:58:54 GMT
server: nginx
etag: W/"45be-5f4e0af51163b"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 flat_facebook.png
article.oriclehearing.com/wp-content/themes/barkpost_theme/images/ 1 KB
1 KB 87ms
80ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/images/flat_facebook.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

86faea951acf25de0ab7861e17972d269e0b27ad0abe1f42114c7474d099a734

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 17 Feb 2023 07:58:54 GMT
server: nginx
etag: W/"431-5f4e0af511a23"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 flat_twitter.png
article.oriclehearing.com/wp-content/themes/barkpost_theme/images/ 2 KB
2 KB 87ms
81ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/images/flat_twitter.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

75f1695e83fa2eddbe9aff0809db1f0d629056580af2d142039d7d3a15a4d1d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 17 Feb 2023 07:58:54 GMT
server: nginx
etag: W/"651-5f4e0af511a23"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 flat_pinterest.png
article.oriclehearing.com/wp-content/themes/barkpost_theme/images/ 2 KB
2 KB 88ms
82ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/images/flat_pinterest.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

709a82775a5c00e282ae46e88f3d23e19f56afbacae3af754c10d4772933aeb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 17 Feb 2023 07:58:54 GMT
server: nginx
etag: W/"72d-5f4e0af511a23"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 flat_instagram.png
article.oriclehearing.com/wp-content/themes/barkpost_theme/images/ 2 KB
2 KB 89ms
84ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/images/flat_instagram.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6a5190de2db224583303b311528b5ae24e217f88190bc85ebc038ef51febf2a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 17 Feb 2023 07:58:54 GMT
server: nginx
etag: W/"7f8-5f4e0af511a23"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 header.webp
article.oriclehearing.com/wp-content/uploads/2023/10/ 103 KB
103 KB 155ms
151ms Image
image/webp 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/10/header.webp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

58605a4209ce19755673e3d22b75aab9f4992c1552a290e6d8a5b5d70d6039b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 26 Oct 2023 17:46:33 GMT
server: nginx
etag: "19aac-608a22716ba48"
content-type: image/webp
accept-ranges: bytes
content-length: 105132

GET
H2 200 AUTHOR-PHOTO-1.jpg
article.oriclehearing.com/wp-content/uploads/2023/07/ 114 KB
113 KB 92ms
88ms Image
image/jpeg 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/07/AUTHOR-PHOTO-1.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2e89406b085ebd37e238ada1364356eaaf8bc9cf51ea0acb8cb20f8447aca25c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 14 Jul 2023 10:28:52 GMT
server: nginx
etag: W/"1c696-6006fea489c88"
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 premium_photo-1682098047043-1eb0990bfc7f-3.jpg
article.oriclehearing.com/wp-content/uploads/2023/07/ 76 KB
76 KB 155ms
151ms Image
image/jpeg 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/07/premium_photo-1682098047043-1eb0990bfc7f-3.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf5232c93113d610588f5752b07236d4c8412bc5f20a13fd763a510677812077

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 14 Jul 2023 10:28:49 GMT
server: nginx
etag: W/"13160-6006fea1a83c0"
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 Screen-Shot-2023-04-25-at-12.45.47-PM.png
article.oriclehearing.com/wp-content/uploads/2023/04/ 408 KB
409 KB 148ms
144ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/04/Screen-Shot-2023-04-25-at-12.45.47-PM.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9807c6576dc8ce3636c55114313fd16308d8a639163c1309e62d11e0e0d6e861

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Tue, 25 Apr 2023 19:45:57 GMT
server: nginx
etag: W/"66171-5fa2e5f4c2290"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 oricle-propic03.jpeg
article.oriclehearing.com/wp-content/uploads/2021/12/ 6 KB
6 KB 154ms
151ms Image
image/jpeg 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2021/12/oricle-propic03.jpeg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d09f689bb08276ae72ed89a8dde079134ba83d0e0dc9fd1b66777e47d4ba4115

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Tue, 14 Dec 2021 00:18:12 GMT
server: nginx
etag: W/"17e4-5d3101ff65889"
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 navigation.js Show response
article.oriclehearing.com/wp-content/themes/barkpost_theme/js/ 3 KB
1 KB 88ms
82ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/js/navigation.js?ver=1.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

960deecec99fa9f409481875149b5fc45c818119aea5bad16b1212b9e1bb8b71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:01 GMT
server: nginx
etag: W/"c01-5cdc2d006dd4f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 skip-link-focus-fix.js Show response
article.oriclehearing.com/wp-content/themes/barkpost_theme/js/ 716 B
664 B 87ms
81ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/js/skip-link-focus-fix.js?ver=1.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:01 GMT
server: nginx
etag: W/"2cc-5cdc2d006e137"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 script.js Show response
article.oriclehearing.com/wp-content/themes/barkpost_theme/js/ 4 KB
1 KB 88ms
83ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-content/themes/barkpost_theme/js/script.js?ver=1.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4d54a5c3e9b7fba1f2d1745ab369c4b67b16ea006d59fcac6e87c28242c770da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:01 GMT
server: nginx
etag: W/"f83-5cdc2d006dd4f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
article.oriclehearing.com/wp-includes/js/ 18 KB
6 KB 88ms
85ms Script
application/javascript 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://article.oriclehearing.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Mon, 06 Mar 2023 15:03:40 GMT
server: nginx
etag: W/"48b9-5f63c99b7618a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 56ms
17ms Script
text/javascript 130.211.5.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:29:08 GMT
content-encoding: gzip
age: 1981
x-guploader-uploadid: ABPtcPrRLOkHwzKe4fKC8SP6Ik7OZoCDtiOPkwV1_6gLEVFccRHmI41-jy9lpd62qc0OG8R2d0opIZRT1nqL7lU06Zt9NA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
last-modified: Fri, 05 May 2023 17:33:19 GMT
server: UploadServer
etag: "6eb612a000fc103e2769e576a68fc412"
vary: Accept-Encoding
x-goog-generation: 1683307999305716
x-goog-hash: crc32c=6XUl6A==, md5=brYSoAD8ED4naeV2po/EEg==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=86400
x-goog-stored-content-length: 17969
accept-ranges: bytes
expires: Wed, 08 Nov 2023 00:29:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
94 KB 152ms
79ms Script
application/javascript 172.253.122.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a22b16c7d37458e2478368d1ff176144fbb3cf8d8a1defd3ff64dbe7ca96219a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96224
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:12:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 01:02:09 GMT

GET
H2 200 lumetricv2.min.js Show response
go.oriclehearing.com/integration/ 10 KB
4 KB 271ms
154ms Script
application/javascript 104.21.3.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.oriclehearing.com/integration/lumetricv2.min.js?v=3.1.0
Requested by: Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0778ddc68a45b41218028fe108ebacecd5250e6d39fe2c9fe10f03482d810a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 30 May 2023 16:44:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-lum-execution-time: 55.79Âµs
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jfkh3GVxWX6yNZvP%2FZ8Cg3b%2BgAxt14GFrPvqI%2BlxvrokFgSC1Aot%2Bder6Q7ExBeJz1GimhLS5nhtjDCiimYZ0SepjfBBV64s1RTJQKAjy8FdS45bdvQevOVbeKw5rN93fEnosE%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-lum-instance: edge-5d74b4975f-f5fxt
cf-ray: 8221a62edea73a08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 author1small.png
article.oriclehearing.com/wp-content/uploads/2020/08/ 1 KB
1 KB 126ms
125ms Image
image/png 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2020/08/author1small.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

431d7155a3c44b2c79a1464e9f36e9ec0ccfb68055075a03366422f1e0b38999

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 07 Oct 2021 12:58:01 GMT
server: nginx
etag: W/"504-5cdc2d00d0f35"
vary: Accept-Encoding
content-type: image/png

GET
H2 200 ear_chanel.jpg
article.oriclehearing.com/wp-content/uploads/2023/07/ 349 KB
348 KB 125ms
124ms Image
image/jpeg 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/07/ear_chanel.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

35d12559436604c6d6b16385466a7d9c0a438514cb8ef2ed9384639c1bbf2ba8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=0; includeSubdomains
last-modified: Fri, 14 Jul 2023 10:28:46 GMT
server: nginx
etag: W/"57515-6006fe9e9ea58"
vary: Accept-Encoding
content-type: image/jpeg

GET
H2 200 buds.webp
article.oriclehearing.com/wp-content/uploads/2023/10/ 165 KB
165 KB 125ms
124ms Image
image/webp 52.8.128.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://article.oriclehearing.com/wp-content/uploads/2023/10/buds.webp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.8.128.218 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-128-218.us-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

92d21f1b9b45098caa8299779f82154adc8a89cd4d7bf3680cbf603dce1bfefc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:09 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=0; includeSubdomains
last-modified: Thu, 26 Oct 2023 17:50:18 GMT
server: nginx
etag: "2930a-608a2347438a0"
content-type: image/webp
accept-ranges: bytes
content-length: 168714

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 111ms
35ms Script
text/javascript 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 00:07:26 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3284
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 Nov 2023 02:07:26 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 133ms
33ms Script
application/javascript 23.39.185.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-185-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3ecb14e3a68aa5523afe335478459f1fdf77926da2dc7df11f37033e0ceb885

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "499e2f4da7d8c903c9e112f3f30857c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1790

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/663458261/ 4 KB
2 KB 123ms
50ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/663458261/?random=1699318929989&cv=11&fst=1699318929989&bg=ffffff&guid=ON&async=1&gtm=45He3b60v850528878&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540private&hn=www.googleadservices.com&frm=0&tiba=Oricle%20Crystal%20Clear%20Hearing&auid=1882921100.1699318930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

03b9f8c57d6e8769a3b89b4651710b6caa76cc2ab0bb148fb2c2360629fc231d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 106ms
35ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Nov 2023 01:02:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ceXIkLiTmvQcdQHmOWiYZ8XlwYzN/gNFjwbFSL4foz0aGINJ6IKHwe8laCO9Hd2WXX6Ob4LqLdNrDeE6TH42cw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 123ms
51ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 07 Nov 2023 01:02:09 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4FEA5C171BF4CA790787E8786704E8F Ref B: YTO01EDGE0816 Ref C: 2023-11-07T01:02:10Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 gvthkhqs2k Show response
www.clarity.ms/tag/ 650 B
1013 B 145ms
73ms Script
application/x-javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gvthkhqs2k?ref=gtm2
Requested by: Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 600a80ab2c56688ab27390bdc465cfadfc3a449fc3b3272fcdb3219bbad430cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Tue, 07 Nov 2023 01:02:10 GMT
x-azure-ref: 20231107T010210Z-yds6guvu9x6631yz02pvr1q4840000000bhg00000002w08m
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 219ms
35ms Script
application/javascript 69.147.92.12
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

e2.ycpi.vip.dca.yahoo.com

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:01:56 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KTF57FA2NK0RCTA6
age: 15
x-amz-server-side-encryption: AES256
x-amz-id-2: b36ZQG6cfLaYPiwFuJHbk+5KcpUP/H7c7j4VGWi4SqK9bmqJ/vttWifwT8DYDr2wN8baQ/0k09Q=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 98ms
40ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MRX3CP0SE4&gtm=45je3b60v889606485z8850528878&_p=1699318929603&_gaz=1&gcd=11l1l1l1l1&cid=1779839864.1699318930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699318930&sct=1&seg=0&dl=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&dt=Oricle%20Crystal%20Clear%20Hearing&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1396
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRX3CP0SE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 115ms
43ms Ping
text/plain 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MRX3CP0SE4&cid=1779839864.1699318930&gtm=45je3b60v889606485z8850528878&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRX3CP0SE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 120ms
49ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MRX3CP0SE4&cid=1779839864.1699318930&gtm=45je3b60v889606485z8850528878&aip=1&z=393164826

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 funnel
go.oriclehearing.com/js/ Frame 0
0 192ms
149ms Preflight 104.21.3.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.oriclehearing.com/js/funnel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://article.oriclehearing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://article.oriclehearing.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8221a6310b3e5413-YYZ
content-length: 0
date: Tue, 07 Nov 2023 01:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXgtp2dgbEKYLPL5Wfo9xj1Z3RvKZO0ttfNu9%2BD529%2Btk74E7fl89KnKxEHbBtfv6m7CRgV806nrQDOwgBoWWvQWGusu1BVQ9Ci1xVHo2KYH%2FSeoDWexZbTBr9UullDtOPMCKKxc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
via: 1.1 google
x-lum-execution-time: 7.52µs
x-lum-instance: edge-5d74b4975f-dvzqc

POST
H2 200 funnel Show response
go.oriclehearing.com/js/ 120 B
667 B 173ms
173ms XHR
application/json 104.21.3.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.oriclehearing.com/js/funnel
Requested by: Host: go.oriclehearing.com
URL: https://go.oriclehearing.com/integration/lumetricv2.min.js?v=3.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe137a4a36f0d5ccc288a74f73fe00eeb6bd1354f057bfe96df355d9a883fba8

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 01:02:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-lum-execution-time: 2.96375ms
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKAxDjlWkkjZOTuvJ6%2BMaM0DypzK5I3pSOSpM0FRKNwPVOkIjfx3QbaPtw7GSUNjPfF0I7h17SIeftX2PMlilmCS%2FoQfT9b6aoSgnbeIPHX892s0ZBPBv4OZ1Q7LtfMYfCP8KBgT"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, must-revalidate, private, max-age=0
access-control-allow-credentials: true
x-lum-instance: edge-5d74b4975f-dvzqc
cf-ray: 8221a631fc313a08-YYZ
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 44ms
43ms XHR
text/plain 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1034672976&t=pageview&_s=1&dl=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&ul=en-us&de=UTF-8&dt=Oricle%20Crystal%20Clear%20Hearing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1858111860&gjid=248724127&cid=1779839864.1699318930&tid=UA-206346388-1&_gid=248173138.1699318930&_slc=1&gtm=45He3b60n81N7VNCXZv850528878&gcd=11l1l1l1l1&z=832547413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 44ms
43ms XHR
text/plain 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-206346388-1&cid=1779839864.1699318930&jid=1858111860&gjid=248724127&_gid=248173138.1699318930&_u=YCDAgEABAAAAAGAAI~&z=1887137312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Nov 2023 01:02:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/663458261/ 42 B
455 B 125ms
50ms Image
image/gif 142.251.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/663458261/?random=1699318929989&cv=11&fst=1699318800000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v850528878&u_w=1600&u_h=1200&url=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540private&frm=0&tiba=Oricle%20Crystal%20Clear%20Hearing&fmt=3&is_vtc=1&cid=CAQSGwDICaaNfj2g5xGG4FQU2e-uPzNfhcfJU89sxQ&random=93561556&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/663458261/ 42 B
154 B 50ms
49ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/663458261/?random=1699318929989&cv=11&fst=1699318800000&bg=ffffff&guid=ON&async=1&gtm=45He3b60v850528878&u_w=1600&u_h=1200&url=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540private&frm=0&tiba=Oricle%20Crystal%20Clear%20Hearing&fmt=3&is_vtc=1&cid=CAQSGwDICaaNfj2g5xGG4FQU2e-uPzNfhcfJU89sxQ&random=93561556&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.0f30f8d0.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 33ms
33ms Script
application/javascript 23.39.185.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.0f30f8d0.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.185.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-185-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1be3277a591ff69db0e1b271baf771bdd69eab538b5541ca12b13836f7077180

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "c79d9ac2582cdabfbad50a4ddd35a163"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18931

GET
H2 200 148024412.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 48ms
48ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148024412.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

ef6cdc9736e79ae2b3b3ac2ce2b29188cf20e7e6e6d5b3370ec10604a8571bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 07 Nov 2023 01:02:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A32CEC0F1B81462A8C0BAB9744443F65 Ref B: YTO01EDGE0816 Ref C: 2023-11-07T01:02:10Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
359 B 59ms
59ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148024412&Ver=2&mid=d05c2a5e-4598-4e1f-aa35-5fd0c2d0471f&sid=476b0f307d0911eea38a179beaa45454&vid=476b4e007d0911eea7394d41e31cf996&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Oricle%20Crystal%20Clear%20Hearing&p=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&r=&lt=1059&evt=pageLoad&sv=1&rn=999209

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Nov 2023 01:02:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DA3DA4045B4463F93F0E023F468A70E Ref B: YTO01EDGE0816 Ref C: 2023-11-07T01:02:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2385643294926187 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 36ms
35ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2385643294926187?v=2.9.138&r=stable&domain=article.oriclehearing.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

b49275d0646f92a247bb7cd92be3d266147273964ede1288fddb3f91bf3f3712

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Nov 2023 01:02:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35996
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: P+ig53VZViVZgWJrkPqS4igEyCtshnknvFBEUfHe/aiFF3Oi+I39Ah1cEozuLIStRVKvoxwcXOnKmqHFDFA0cw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
25 KB 48ms
47ms Script
application/javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gvthkhqs2k?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:10 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
etag: W/"0x8DBCF0850CC9F3D"
vary: Accept-Encoding
x-azure-ref: 20231107T010210Z-yds6guvu9x6631yz02pvr1q4840000000bhg00000002w08z
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 265f2a5e-201e-0033-7d8b-077170000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 / Show response
ct.pinterest.com/user/ 298 B
625 B 77ms
39ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614387833429&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1699318930185&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.0f30f8d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:10 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1554884114531188
content-length: 173
pin-unauth: dWlkPVlXTTFOMlUyWmpJdE9HSmpOeTAwWVRoaExXRmpNRGd0WWpBd05EazJObVE0TkdVMg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://article.oriclehearing.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d6951f45f66563771add4a1e3ca61db071303140
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 79ms
43ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614387833429&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%220f30f8d0%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1699318930187
Requested by: Host: article.oriclehearing.com
URL: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d6951f45f66563771add4a1e3ca61db071303140
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 5646294906236895
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 148024412 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 57ms
57ms Script
application/x-javascript 13.107.213.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/148024412
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/148024412.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2e9697b76b742fe76bb0c919eb546fe80d7364f91cd3c79cbeb8b2b0e5a13b47

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Tue, 07 Nov 2023 01:02:10 GMT
x-azure-ref: 20231107T010210Z-yds6guvu9x6631yz02pvr1q4840000000bhg00000002w093
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 191ms
63ms Image
text/plain 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2385643294926187&ev=PageView&dl=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&rl=&if=false&ts=1699318930222&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1699318930221.1370981778&ler=empty&it=1699318930166&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Nov 2023 01:02:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 10197690.json Show response
s.yimg.com/wi/config/ 2 B
450 B 99ms
35ms XHR
application/json 69.147.92.12
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10197690.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

e2.ycpi.vip.dca.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:21:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9ZTPCRN8H745ZPEP
age: 2425
content-length: 2
x-amz-id-2: 6hJo35NAWPqA3SuY34IgTtIHb/O3J6N7Ry/b4CYAO69nSSuYtMbF+JYJlR6SiM0OFC34PBFHDJY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 138ms
44ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2007%20Nov%202023%2001%3A02%3A10%20GMT&n=8&b=Oricle%20Crystal%20Clear%20Hearing&.yp=10197690&f=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Nov 2023 01:02:12 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
305 B 139ms
57ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://article.oriclehearing.com
Date: Tue, 07 Nov 2023 01:02:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H/1.1 204
No Content collect
s.clarity.ms/ 0
305 B 92ms
32ms Ping
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://article.oriclehearing.com
Date: Tue, 07 Nov 2023 01:02:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 64ms
63ms Image
text/plain 157.240.244.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2385643294926187&ev=PageView&dl=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3D_removed_%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9%26vid%3DefvliJXvL4t8Mkx6Qoy4E27ksnx%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522restrictedParams%2522%253A%255B%25223dc260b2472062d9c57bd930b02f23831d917b8f3e3234b6d63964a53c31d3aa%2522%255D%257D&rl=&if=false&ts=1699318930413&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1699318930221.1370981778&ler=empty&it=1699318930166&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-mty2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Nov 2023 01:02:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&RedC=c.clarity.ms&MXFR=263F255C13026F2721C0369E17026159
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&MUID=2F938A0896E464ED0E5399CA97CE65EC

42 B
442 B

36ms
35ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&MUID=2F938A0896E464ED0E5399CA97CE65EC
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:09 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E8A88002F7A47AA91B96321348E4164 Ref B: YTO01EDGE0816 Ref C: 2023-11-07T01:02:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD7632A2BE424B38B301C3A17B0E2B7E&MUID=2F938A0896E464ED0E5399CA97CE65EC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame C933 565 B
401 B 40ms
39ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.0f30f8d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 01:02:10 GMT
pinterest-version: d6951f45f66563771add4a1e3ca61db071303140
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1624263400150471

GET
H2 200 everflow.js Show response
www.4ahjdj2.com/scripts/sdk/ 60 KB
19 KB 73ms
72ms Script
text/javascript 34.149.114.185
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.4ahjdj2.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7VNCXZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.114.185 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 185.114.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 951d9feb056cc5c823f133b5a43c87ef35e57ce13ed83a50e4e3d18da8420617

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:10 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 9ac40021-9128-47eb-9471-53a949be116f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
305 B 57ms
57ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://article.oriclehearing.com
Date: Tue, 07 Nov 2023 01:02:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 204 conversion
www.4ahjdj2.com/sdk/ 0
0 69ms
68ms Fetch 34.149.114.185
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.4ahjdj2.com/sdk/conversion?effp=686b036ecbe28685748e0cf5ac4a2636&sec_ch_ua_platform=&sec_ch_ua_platform_version=&transaction_id=&event_id=249&oid=7&event_source_url=article.oriclehearing.com
Requested by: Host: www.4ahjdj2.com
URL: https://www.4ahjdj2.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.114.185 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 185.114.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 01:02:10 GMT
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
access-control-allow-origin: https://article.oriclehearing.com
access-control-allow-credentials: true
x-eflow-request-id: 3ca96510-51df-4413-9850-d4ae7e348194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
40ms Ping
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MRX3CP0SE4&gtm=45je3b60v889606485&_p=1699318929603&gcd=11l1l1l1l1&cid=1779839864.1699318930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1699318930&sct=1&seg=1&dl=https%3A%2F%2Farticle.oriclehearing.com%2Fclearhearing%2F%3Ff%3D1wPSzetrKoWm%26n%3D1wPT4L59B7nu%26ts%3D27RSTPUH4AhC%26campaign%3DNL-Oricle-Painting-10-2%26external%3Dnvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26AFID%3DNB%26is_nova%3Dtrue%26nb_cid%3D01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881%26bucket%3Ddmg_local_email_bucket_10%26message_id%3DG77kcnF-1QVGFclH%26tag%3Dmorning%26exps%3Dnl_bucket_exp_23_5-v0%252Cnl_content_23_2-v19%252Cnl_monetization_23_2-v10%252Cnl_prerollout_23_1-v1%252Cnova_traffic_exp_full_04-v2%26email%3Dd6fsmtxbqj%2540privaterelay.appleid.com%26event_name%3DemailLinkClick%26meta%3DeyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9%26vid%3DefvliJXvL4t8Mkx6Qoy4E27ksnx&dt=Oricle%20Crystal%20Clear%20Hearing&en=page_view&_ee=1&_et=451&tfd=2778
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRX3CP0SE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 01:02:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://article.oriclehearing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
305 B 44ms
44ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://article.oriclehearing.com
Date: Tue, 07 Nov 2023 01:02:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
377 B 236ms
88ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1699318934684

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://article.oriclehearing.com/clearhearing/?f=1wPSzetrKoWm&n=1wPT4L59B7nu&ts=27RSTPUH4AhC&campaign=NL-Oricle-Painting-10-2&external=nvss_01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&AFID=NB&is_nova=true&nb_cid=01e2823b-120d-49c8-8b3f-a57248a005b4_1716607889565818881&bucket=dmg_local_email_bucket_10&message_id=G77kcnF-1QVGFclH&tag=morning&exps=nl_bucket_exp_23_5-v0%2Cnl_content_23_2-v19%2Cnl_monetization_23_2-v10%2Cnl_prerollout_23_1-v1%2Cnova_traffic_exp_full_04-v2&email=d6fsmtxbqj%40privaterelay.appleid.com&event_name=emailLinkClick&meta=eyJzdWJzX3RvcGljIjogImxvY2FsIiwgImZyZXEiOiAiZGFpbHkiLCAic2VuZF90cyI6IDE2OTgyNTEwMDIsICJsaW5rIjogInJxejg3OW5BIiwgInBvcyI6ICJib2R5IiwgImFkX2lkIjogIjE3MTY2MDc4ODk1NjU4MTg4ODEiLCAibm92YV9zbmFwc2hvdF9pZCI6ICIwMWUyODIzYi0xMjBkLTQ5YzgtOGIzZi1hNTcyNDhhMDA1YjRfMTcxNjYwNzg4OTU2NTgxODg4MSJ9&vid=efvliJXvL4t8Mkx6Qoy4E27ksnx
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 07 Nov 2023 01:02:14 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://article.oriclehearing.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 46
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.oriclehearing.com/	1970-01-21 00:47:34	Name: mp_5e474d63d8b59659f6591eadf8f3ad85_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18ba74d1916417-0b039a90038d23-643e5e53-1d4c00-18ba74d1916417%22%2C%22%24device_id%22%3A%20%2218ba74d1916417-0b039a90038d23-643e5e53-1d4c00-18ba74d1916417%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.oriclehearing.com/	1970-01-20 18:11:34	Name: _gcl_au Value: 1.1.1882921100.1699318930
.doubleclick.net/	1970-01-20 16:01:59	Name: test_cookie Value: CheckForPermission
.oriclehearing.com/	1970-01-21 01:37:58	Name: _ga Value: GA1.2.1779839864.1699318930
.oriclehearing.com/	1970-01-20 16:03:25	Name: _gid Value: GA1.2.248173138.1699318930
.oriclehearing.com/	1970-01-20 16:01:58	Name: _dc_gtm_UA-206346388-1 Value: 1
www.clarity.ms/	1970-01-21 00:47:34	Name: CLID Value: bb6d137cff6c4dbd97c9d496134cee27.20231107.20241106
.oriclehearing.com/	1970-01-20 16:03:25	Name: _uetsid Value: 476b0f307d0911eea38a179beaa45454
.oriclehearing.com/	1970-01-21 01:23:34	Name: _uetvid Value: 476b4e007d0911eea7394d41e31cf996
.bing.com/	1970-01-21 01:23:34	Name: MUID Value: 2F938A0896E464ED0E5399CA97CE65EC
.bat.bing.com/	1970-01-20 16:12:03	Name: MR Value: 0
.oriclehearing.com/	1970-01-20 18:11:34	Name: _fbp Value: fb.1.1699318930221.1370981778
.oriclehearing.com/	1970-01-21 00:47:34	Name: _clck Value: 1pzqjfg\|2\|fgi\|0\|1406
.article.oriclehearing.com/	1970-01-21 00:47:34	Name: _pin_unauth Value: dWlkPVlXTTFOMlUyWmpJdE9HSmpOeTAwWVRoaExXRmpNRGd0WWpBd05EazJObVE0TkdVMg
.pinterest.com/	1970-01-21 00:47:34	Name: ar_debug Value: 1
go.oriclehearing.com/	1970-01-21 00:47:34	Name: vid Value: efvliJXvL4t8Mkx6Qoy4E27ksnx
.yahoo.com/	1970-01-21 00:47:56	Name: A3 Value: d=AQABBJSMSWUCEOiYaU3uGQ-oq0NxQje6nnAFEgEBAQHeSmVTZSXaxyMA_eMAAA&S=AQAAAs2AlFYiiyA79X_P96oe3Z8
.c.bing.com/	1970-01-20 16:12:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:23:34	Name: SRM_B Value: 2F938A0896E464ED0E5399CA97CE65EC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:23:34	Name: MUID Value: 2F938A0896E464ED0E5399CA97CE65EC
.c.clarity.ms/	1970-01-20 16:12:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:01:59	Name: ANONCHK Value: 0
.oriclehearing.com/	1970-01-20 16:03:25	Name: _clsk Value: hw47l7\|1699318930849\|1\|1\|s.clarity.ms/collect
.oriclehearing.com/	1970-01-21 01:37:58	Name: _ga_MRX3CP0SE4 Value: GS1.1.1699318930.1.1.1699318931.59.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api-js.mixpanel.com
article.oriclehearing.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.mxpnl.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
go.oriclehearing.com
googleads.g.doubleclick.net
s.clarity.ms
s.pinimg.com
s.yimg.com
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.4ahjdj2.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.newsbreakmail.com
104.17.25.14
104.18.10.207
104.21.3.201
107.178.240.159
13.107.213.40
130.211.5.208
142.251.163.94
142.251.167.99
151.101.128.84
157.240.244.35
172.253.115.95
172.253.122.138
172.253.122.155
172.253.122.97
172.253.62.102
172.253.62.157
20.110.205.119
204.79.197.200
216.239.36.181
23.39.185.6
23.96.124.68
31.13.66.19
34.149.114.185
44.237.172.162
52.8.128.218
69.147.92.12
76.13.32.146
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b9f8c57d6e8769a3b89b4651710b6caa76cc2ab0bb148fb2c2360629fc231d
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
120ad6ac93409947acc8de85a8b084cea5d0e5efcef8d87c3913947efc99df0f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1be3277a591ff69db0e1b271baf771bdd69eab538b5541ca12b13836f7077180
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2e89406b085ebd37e238ada1364356eaaf8bc9cf51ea0acb8cb20f8447aca25c
2e9697b76b742fe76bb0c919eb546fe80d7364f91cd3c79cbeb8b2b0e5a13b47
3537aca32fd9019a921a280a6cb8ee3ee9e7443dc14dd04ed24486a04704203d
35d12559436604c6d6b16385466a7d9c0a438514cb8ef2ed9384639c1bbf2ba8
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
431d7155a3c44b2c79a1464e9f36e9ec0ccfb68055075a03366422f1e0b38999
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4c0778ddc68a45b41218028fe108ebacecd5250e6d39fe2c9fe10f03482d810a
4d54a5c3e9b7fba1f2d1745ab369c4b67b16ea006d59fcac6e87c28242c770da
545f2ba93140dac7dddd0cb3900f22eebd5cf0e32a19aad71ee5b24b36e8711b
58605a4209ce19755673e3d22b75aab9f4992c1552a290e6d8a5b5d70d6039b3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
600a80ab2c56688ab27390bdc465cfadfc3a449fc3b3272fcdb3219bbad430cd
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65d3dceec7a8cc86bf259dfc15e4ff17b30d7bff0899f8efe25b52cda0972279
69f4ceba5b75055120aa0836ec0fde4ddc1da3e8b665dc2e645029e031e106c7
6a5190de2db224583303b311528b5ae24e217f88190bc85ebc038ef51febf2a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
709a82775a5c00e282ae46e88f3d23e19f56afbacae3af754c10d4772933aeb0
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
75f1695e83fa2eddbe9aff0809db1f0d629056580af2d142039d7d3a15a4d1d0
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
86faea951acf25de0ab7861e17972d269e0b27ad0abe1f42114c7474d099a734
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
92d21f1b9b45098caa8299779f82154adc8a89cd4d7bf3680cbf603dce1bfefc
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97
951d9feb056cc5c823f133b5a43c87ef35e57ce13ed83a50e4e3d18da8420617
960deecec99fa9f409481875149b5fc45c818119aea5bad16b1212b9e1bb8b71
9807c6576dc8ce3636c55114313fd16308d8a639163c1309e62d11e0e0d6e861
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b430acc7d1bb169c4807aa177f9f0bc0eef144b1a69484aef2477d61dbc14d4
a22b16c7d37458e2478368d1ff176144fbb3cf8d8a1defd3ff64dbe7ca96219a
a301816641c7948445201ff057bec6e78cbbae4b7f3626d2a3e3c266cc1b8eb2
a42b8a8617c0eda1f37317b6643400c752d424693a30160fed80e5697448dd1e
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b49275d0646f92a247bb7cd92be3d266147273964ede1288fddb3f91bf3f3712
c50975bb6b15394a7c98a42f11b1db402637c3193e5e21b2e894bb69949e339a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf5232c93113d610588f5752b07236d4c8412bc5f20a13fd763a510677812077
d09f689bb08276ae72ed89a8dde079134ba83d0e0dc9fd1b66777e47d4ba4115
d3ecb14e3a68aa5523afe335478459f1fdf77926da2dc7df11f37033e0ceb885
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6cdc9736e79ae2b3b3ac2ce2b29188cf20e7e6e6d5b3370ec10604a8571bcb
f0fb061225817c55a2d1f504a55146bb2ed299104a918cc8a531e189d35b762c
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fe137a4a36f0d5ccc288a74f73fe00eeb6bd1354f057bfe96df355d9a883fba8

article.oriclehearing.com Open in urlscan Pro 52.8.128.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

0 %IPv6

22 Domains

28 Subdomains

26 IPs

3 Countries

1927 kBTransfer

3463 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

article.oriclehearing.com Open in urlscan Pro
52.8.128.218 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

0 %
IPv6

22
Domains

28
Subdomains

26
IPs

3
Countries

1927 kB
Transfer

3463 kB
Size

25
Cookies

75 HTTP transactions
0 data transactions