Submitted URL: https://ouo.io/BOt40G
Effective URL: https://ouo.press/BOt40G
Submission: On January 26 via manual from SG

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 27 HTTP transactions. The main IP is 2606:4700:10::6814:5a19, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 7th 2019. Valid for: 6 months.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 173.192.101.24 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 212.71.236.117 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.201.178.159 16509 (AMAZON-02)
1 172.217.23.166 15169 (GOOGLE)
4 23.210.249.92 16625 (AKAMAI-AS)
1 185.64.189.111 62713 (AS-PUBMATIC)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 54.71.54.95 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
27 15
Domain Requested by
6 ouo.press ouo.press
3 ads.pubmatic.com exchange.adtrue.com, ads.pubmatic.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net sshowads.pubmatic.com, connect.facebook.net
2 exchange.adtrue.com ouo.press
2 www.google.com ouo.press, www.gstatic.com
1 track.adtrue.com ouo.press
1 aktrack.pubmatic.com sshowads.pubmatic.com
1 sshowads.pubmatic.com ads.pubmatic.com
1 ad.doubleclick.net ouo.press
1 fonts.gstatic.com cdn.adtrue.com
1 www.gstatic.com www.google.com
1 ecdn.analysis.fi ouo.press
1 cdn.adtrue.com ouo.press
1 mybestdc.com ouo.press
1 p220333.clksite.com 1 redirects
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
27 18

This site contains no links.

Subject | Issuer | Validity | Valid
ssl419954.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-12-07 - 2020-06-14 | 6 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.mybestdc.com | Sectigo RSA Domain Validation Secure Server CA | 2019-07-11 - 2020-07-21 | a year
www.google.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.adtrue.com | COMODO RSA Domain Validation Secure Server CA | 2017-08-04 - 2020-09-02 | 3 years
*.analysis.fi | Sectigo RSA Domain Validation Secure Server CA | 2019-06-13 - 2020-06-12 | a year
*.google.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.doubleclick.net | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.pubmatic.com | DigiCert SHA2 Secure Server CA | 2018-12-13 - 2020-03-13 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months

This page contains 10 frames:

Primary Page: https://ouo.press/BOt40G
Frame ID: 34A5774D9C03BC86388A62EEC5689122
Requests: 14 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/BOt40G&cb=1353405128&timeZone=1&adWidth=300&adHeight=250&loc=https://ouo.press/BOt40G
Frame ID: AEA84BEB836E9882EECDA550367771DE
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=v73d9pq7tq39
Frame ID: 47C9A0533F7E120E3B30C48C93AA6BE7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 524023F488124197A7622FDF848AAA70
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 211AC37278B0F367D48862B54F339181
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=562312&adId=2092458&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1580060136&indirectAdId=1857728&adServerOptimizerId=1&ranreq=0.03501715072263312&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS22411U&ekefact=6M0tXuPwDgCrOsgfZfmmiWCjNmg0B8F-U5yOlEQ60VHVaANU&ekaxefact=6M0tXvPwDgC-4MtlzVIsnMR_yy9ee6HQMER6ler-VifswAST&ekpbmtpfact=6M0tXgvxDgAaZlS9OCnj_8e2qelgg_ntNSBUeycpSnjKbInj&enpp=6M0tXhbxDgDHq-pw_FsD4TCXwZZ78SnwgQciMb7QG3xn6_o3&crID=0&campaignId=0&isRTB=0&imprId=B2D1E40D-52AA-465C-BDDC-BDF86BD01694&oid=B2D1E40D-52AA-465C-BDDC-BDF86BD01694&cntryId=167&domain=ouo.press&pageURL=ouo.press&sec=1&pmc=0
Frame ID: 2F2452CDCD868811C0EFF1D535087DC9
Requests: 1 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FBOt40G&loc=https%3A%2F%2Fouo.press%2FBOt40G
Frame ID: 5B6A89CF5A95850C0998CC90C009165F
Requests: 1 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbadnw60.js
Frame ID: 3B89C45593FC552C4B278BF406FDE3E0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/audiencenetwork/iframe/
Frame ID: 5576B6A241FDC45BAA091B5ACE742701
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&type=html
Frame ID: C1E16B66E14206C6FE8A1980AD8722EC
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

27 Requests
100 % HTTPS
56 % IPv6
13 Domains
18 Subdomains
15 IPs
5 Countries
248 kB Transfer
746 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/BOt40G HTTP 302
    https://ouo.press/BOt40G Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://p220333.clksite.com/adServe/banners?tid=IF1OUO_WPN_RS HTTP 301
  • https://mybestdc.com/adServe/banners?tid=IF1OUO_WPN_RS

27 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request BOt40G
ouo.press/
Redirect Chain
  • https://ouo.io/BOt40G
  • https://ouo.press/BOt40G
9 KB
4 KB
Document
General
Full URL
https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63162b2deac269a58e7bf557c71920125d3da4db4e0544847dfa9f80cb57e7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ouo.press
:scheme
https
:path
/BOt40G
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 26 Jan 2020 17:35:35 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de06a9486b0d69b987ed07c9d21f569951580060134; expires=Tue, 25-Feb-20 17:35:34 GMT; path=/; domain=.ouo.press; HttpOnly; SameSite=Lax ouoio_session=eyJpdiI6IlZpYzFsNVR0aHpXM3M3bW1COFhyU3BUdFdJWVZvSEhPQzFFb1d2ZnBJS1U9IiwidmFsdWUiOiJrN2crc2xPSUM3MExIVzhTVmhIWGRJS0piU1ZnV0R3K1FuQ0RWUWxuK3dSdTNVdVlkMU9vTFFYZlRNZnRNVWxmOUV2VHlpcnd2cnhkeVg3cllOcWtQQT09IiwibWFjIjoiOTkxOTI1ZjAwODMwODUzYjIzZjNjYTViOWNkYWMzMTk2OWMzZDJhNmQ3NjA3YWExMTg0NjExMmNhNzYwYzU4MCJ9; expires=Sun, 26-Jan-2020 19:34:16 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6ImZNejN3a3ZWajFtVXJnUmVWSjJTZnpLK3lDYmdZcFIzVnpiQ3dYZ2NZMzg9IiwidmFsdWUiOiIrWEJXeER0eHM1YytQbTRjMnJyQVBqdE9mdnVtTEFnVjRpRXpGSkJhMFNzPSIsIm1hYyI6ImY2Y2QxYjIxMTMzYmQwNTE1Zjg4YzdiZTU3MGY5ZDFkODg1N2Y5ZTc2ZGVkY2JiM2I2YTQ1ODU2ZjQyNzBkMTkifQ%3D%3D; expires=Fri, 24-Jan-2025 17:34:16 GMT; Max-Age=157680000; path=/; httponly
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55b43e826b82beec-FRA
content-encoding
br

Redirect headers

status
302
date
Sun, 26 Jan 2020 17:35:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dbf72096eeaa95574a399a899826c97471580060134; expires=Tue, 25-Feb-20 17:35:34 GMT; path=/; domain=.ouo.io; HttpOnly; SameSite=Lax; Secure ouoio_session=eyJpdiI6Ik16a3J2XC9XY2VcL0RZZnIxdDVwZXBCOTJFY1QrdmlCc3VDNE8yU1NPUlZIOD0iLCJ2YWx1ZSI6InhLTGs0RkdCTXZQVWh1ODBcL1JiczdIMGlZUnpqNUFGZ3dvaFhqUUtYeUQ1TURpeldEUkVvaEhtaXkzeWRVVmlOU0lPZitEa3VSNTVtMFJyNlM1ZFgwZz09IiwibWFjIjoiN2M4MWVhYzAxZWNiMDZjYTdmZjgzYWE4MDRlZTVkN2RmMzFiMjM3MTI0OTc1NTNkYzE1MmY2NzRjNjBmYmQ1ZSJ9; expires=Sun, 26-Jan-2020 19:34:16 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6IkdFVjI2OVN3dklvTmlaRkFkdTltQksrdG9lc3lEbWpNUWlvdXRkUklrVEE9IiwidmFsdWUiOiJEcmlxS3QyVGVkZDg2ZGhDUW93OTBoWVcraVphS09ZWlFsUmw4NTZyQ1pjPSIsIm1hYyI6ImUwMmJjMTk1ZTA2MGM5ODIyMTk1MGZjOTRmYTBjNWI4NTQ3YzI5NDg5YjI1NjBmYjUzOWE2ZmNjYjAxYWVhMGQifQ%3D%3D; expires=Fri, 24-Jan-2025 17:34:16 GMT; Max-Age=157680000; path=/; httponly
cache-control
no-cache
location
https://ouo.press/BOt40G
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55b43e80ba69dfa5-FRA
css
fonts.googleapis.com/
419 B
689 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecc307c5609f0a0de49a0233949955c43c7b0a5811e77bb8ada675d879f52596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 26 Jan 2020 17:35:35 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 26 Jan 2020 17:35:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 26 Jan 2020 17:35:35 GMT
bootstrap.css
ouo.press/css/
107 KB
17 KB
Stylesheet
General
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
28277
cf-polished
origSize=109522
status
200
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=86400
cf-ray
55b43e850f6dbeec-FRA
expires
Sun, 26 Jan 2020 21:42:59 GMT
link-safe.css
ouo.press/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
27063
cf-polished
status=cannot_optimize
status
200
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=86400
cf-ray
55b43e851f70beec-FRA
expires
Sun, 26 Jan 2020 22:03:14 GMT
banners
mybestdc.com/adServe/
Redirect Chain
  • https://p220333.clksite.com/adServe/banners?tid=IF1OUO_WPN_RS
  • https://mybestdc.com/adServe/banners?tid=IF1OUO_WPN_RS
31 KB
12 KB
Script
General
Full URL
https://mybestdc.com/adServe/banners?tid=IF1OUO_WPN_RS
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
4b6efc9fe93d6a2075e8363cb6cd1bcb871750b90cce09a964199cf8e0c8a85b

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 17:35:36 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=ISO-8859-1
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mybestdc.com/adServe/banners?tid=IF1OUO_WPN_RS
Date
Sun, 26 Jan 2020 17:35:35 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
api.js
www.google.com/recaptcha/
709 B
651 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a760e66cc674798753194d94d5322c914bde05c668dbb3a0d72656bbe61eff07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
477
x-xss-protection
1; mode=block
expires
Sun, 26 Jan 2020 17:35:35 GMT
async.js
cdn.adtrue.com/rtb/
7 KB
3 KB
Script
General
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Oct 2019 03:52:05 GMT
server
cloudflare
age
7554360
etag
W/"5d941ee5-1c42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31104000
cf-ray
55b43e853dcadfe7-FRA
expires
Sun, 25 Oct 2020 07:09:35 GMT
world.png
ouo.press/images/
6 KB
6 KB
Image
General
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
758648
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
vary
Accept-Encoding
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
55b43e851f73beec-FRA
expires
Sun, 16 Feb 2020 22:50:22 GMT
6.jpg
ouo.press/blog/images/hero/
9 KB
9 KB
Image
General
Full URL
https://ouo.press/blog/images/hero/6.jpg
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43c14a04df3f22886b0b857ed637c2b6fbdedb059323af29aefb177e30aac8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2542039
cf-polished
degrade=85, origSize=75686
status
200
cf-bgj
imgq:85
vary
Accept-Encoding
content-length
9404
x-xss-protection
1; mode=block
last-modified
Sat, 14 Oct 2017 04:26:32 GMT
server
cloudflare
etag
"59e191f8-127a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
55b43e856808beec-FRA
expires
Mon, 27 Jan 2020 07:27:41 GMT
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
811 B
Script
General
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 17:35:35 GMT
content-encoding
gzip
last-modified
Thu, 23 Jan 2020 12:56:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e2997ec-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
55b43e855ff2beec-FRA
expires
Tue, 28 Jan 2020 17:35:35 GMT
fab.js
ecdn.analysis.fi/static/js/
4 KB
2 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-212-71-236-117.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 17:35:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-560"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
1376
Expires
Sun, 26 Jan 2020 18:35:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/
257 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Tue, 21 Jan 2020 21:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 18:54:09 GMT
server
sffe
age
416513
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94001
x-xss-protection
0
expires
Wed, 20 Jan 2021 21:53:43 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v9/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v9/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a1635d7678496755833157aba991c7f38030bce1a8af2016bb1cebfa79574f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Questrial
Origin
https://ouo.press

Response headers

date
Mon, 13 Jan 2020 23:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1102510
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12940
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 23:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jan 2021 23:20:26 GMT
impress
exchange.adtrue.com/delivery/ Frame AEA8
810 B
1020 B
Script
General
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/BOt40G&cb=1353405128&timeZone=1&adWidth=300&adHeight=250&loc=https://ouo.press/BOt40G
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.178.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-178-159.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f8dbb7cda82627ac046439bcd03f2abfe9256e536f9562f33545969466ef5a69

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

status
200
date
Sun, 26 Jan 2020 17:35:36 GMT
server
nginx
x-adtrue-instance
java3
content-length
810
content-type
application/javascript
anchor
www.google.com/recaptcha/api2/ Frame 47C9
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=v73d9pq7tq39
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-X2EarA/GfnL0GyYUeH0aSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=v73d9pq7tq39
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ouo.press/BOt40G
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Jan 2020 17:35:36 GMT
content-security-policy
script-src 'nonce-X2EarA/GfnL0GyYUeH0aSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8426
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
favicon.ico
ad.doubleclick.net/
1 KB
456 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 18:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81835
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 26 Jan 2020 18:51:41 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame AEA8
38 KB
15 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/BOt40G&cb=1353405128&timeZone=1&adWidth=300&adHeight=250&loc=https://ouo.press/BOt40G
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f400cbdda2a79848ddc1cd3351e6910d779eeb299abd1f4eee56993c8deae44e

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 17:35:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jan 2020 11:16:09 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-973d-59cb8a6c84de0"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=115820
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
14478
Expires
Tue, 28 Jan 2020 01:45:56 GMT
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 5240
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://ouo.press/BOt40G
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

Last-Modified
Wed, 22 Jan 2020 11:16:09 GMT
ETag
"13006b6-973d-59cb8a6c84de0"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14478
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=115820
Expires
Tue, 28 Jan 2020 01:45:56 GMT
Date
Sun, 26 Jan 2020 17:35:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 211A
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://ouo.press/BOt40G
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

Last-Modified
Wed, 22 Jan 2020 11:16:09 GMT
ETag
"13006b6-973d-59cb8a6c84de0"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14478
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=115820
Expires
Tue, 28 Jan 2020 01:45:56 GMT
Date
Sun, 26 Jan 2020 17:35:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdServerServlet
sshowads.pubmatic.com/AdServer/ Frame AEA8
4 KB
2 KB
Script
General
Full URL
https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2FBOt40G&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-1-26%2018%3A35%3A36&timezone=1&screenResolution=1600x1200&ranreq=0.03501715072263312&pmUniAdId=0&adVisibility=1&adPosition=291x642&gdpr=1&dspids=%7B%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
600b1864aa8c8de3528e9f976167b30aff2bdd817c160a24fcd52dc2ff4aaf34

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 17:35:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
fbadnw60-tag.js
connect.facebook.net/en_US/ Frame AEA8
7 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbadnw60-tag.js
Requested by
Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2FBOt40G&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-1-26%2018%3A35%3A36&timezone=1&screenResolution=1600x1200&ranreq=0.03501715072263312&pmUniAdId=0&adVisibility=1&adPosition=291x642&gdpr=1&dspids=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6658b2d062d74e1e1072e565dee895f81b98c8cebf39663757256d04f743660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ouo.press/BOt40G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IOWd77KigUq1BB/+pGctiQ==
status
200
date
Sun, 26 Jan 2020 17:35:37 GMT, Sun, 26 Jan 2020 17:35:37 GMT
expires
Sun, 26 Jan 2020 21:39:52 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
3146
x-fb-debug
cLZ1OdoSMWpZGSst1BaYZHAGMQqiwOyZftBGt1C3cXmDXGEMVaWuKohUf2l68i16OdwEDBaF9nlr1luJQ0LF1Q==
x-fb-trip-id
1850256238
x-fb-content-md5
4066954f346f6c6d63b831f8343ba4f0
etag
"872e86ecce6b5a907959f1de92c0ebd5"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=86400,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 2F24
0
0
Document
General
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=562312&adId=2092458&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1580060136&indirectAdId=1857728&adServerOptimizerId=1&ranreq=0.03501715072263312&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS22411U&ekefact=6M0tXuPwDgCrOsgfZfmmiWCjNmg0B8F-U5yOlEQ60VHVaANU&ekaxefact=6M0tXvPwDgC-4MtlzVIsnMR_yy9ee6HQMER6ler-VifswAST&ekpbmtpfact=6M0tXgvxDgAaZlS9OCnj_8e2qelgg_ntNSBUeycpSnjKbInj&enpp=6M0tXhbxDgDHq-pw_FsD4TCXwZZ78SnwgQciMb7QG3xn6_o3&crID=0&campaignId=0&isRTB=0&imprId=B2D1E40D-52AA-465C-BDDC-BDF86BD01694&oid=B2D1E40D-52AA-465C-BDDC-BDF86BD01694&cntryId=167&domain=ouo.press&pageURL=ouo.press&sec=1&pmc=0
Requested by
Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2FBOt40G&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-1-26%2018%3A35%3A36&timezone=1&screenResolution=1600x1200&ranreq=0.03501715072263312&pmUniAdId=0&adVisibility=1&adPosition=291x642&gdpr=1&dspids=%7B%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://ouo.press/BOt40G
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES; pi=155495:2; pp=155495
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

Content-Type
text/html
Content-Length
0
Date
Sun, 26 Jan 2020 17:35:37 GMT
Connection
keep-alive
request
track.adtrue.com/track/ Frame 5B6A
0
0
Document
General
Full URL
https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FBOt40G&loc=https%3A%2F%2Fouo.press%2FBOt40G
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.54.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-54-95.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

:method
GET
:authority
track.adtrue.com
:scheme
https
:path
/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FBOt40G&loc=https%3A%2F%2Fouo.press%2FBOt40G
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ouo.press/BOt40G
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

status
200
date
Sun, 26 Jan 2020 17:35:37 GMT
content-type
text/html
server
nginx/1.10.3 (Ubuntu)
x-host-name
java4
content-encoding
gzip
fbadnw60.js
connect.facebook.net/en_US/ Frame 3B89
246 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbadnw60.js
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbadnw60-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
daf63a82beb2c5ca576b39b8713a05c8add1097bf4fbfd73a6be865da3d0d136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FbvVp2Xn2rM4ZjpZnVPWtQ==
status
200
date
Sun, 26 Jan 2020 17:35:37 GMT, Sun, 26 Jan 2020 17:35:37 GMT
expires
Sun, 26 Jan 2020 17:41:35 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
65407
x-fb-debug
oAoviQLHFKQLaeMqv2UToRtYgP0Z/9tb7s5pMoNWB4UXq5KBM5W1WAzqWfd3SQ4YwblbT3rSl9NSF6hyJlMcnw==
x-fb-trip-id
1850256238
x-fb-content-md5
b0459caa92b98981ac2392a0bb7569e6
etag
"4e41c006bd912fd0b742b87fb907da26"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
www.facebook.com/audiencenetwork/iframe/ Frame 5576
0
0
Document
General
Full URL
https://www.facebook.com/audiencenetwork/iframe/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbadnw60-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/audiencenetwork/iframe/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ouo.press/BOt40G
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

status
200
expires
Sun, 26 Jan 2020 17:55:37 +0000
x-xss-protection
0
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/;
strict-transport-security
max-age=15552000; preload
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
x-content-type-options
nosniff
vary
Origin Accept-Encoding
cache-control
private, max-age=1200
access-control-allow-origin
https://facebook.com
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
x-fb-debug
DWSMGfce5USEvd3ybeFUuGU3F2smspTKgZlnW0pziRC9ffpmU+UjWAoLzl4M8j7vlvEViSUB9ihwaK+USTyRtQ==
date
Sun, 26 Jan 2020 17:35:37 GMT Sun, 26 Jan 2020 17:35:37 GMT
alt-svc
h3-24=":443"; ma=3600
/
www.facebook.com/audiencenetwork/xhr/ Frame AEA8
639 B
577 B
XHR
General
Full URL
https://www.facebook.com/audiencenetwork/xhr/?sdk=6.0.web&amp=false&tagJsInitTime=1580060137023&tagJsIframeAppendedTime=1580060137034&url=https%3A%2F%2Fouo.press%2FBOt40G&domain=https%3A%2F%2Fouo.press&channel=https%3A%2F%2Fouo.press&width=1600&height=1200&pixelratio=1&placementindex=0&crossdomain=false&safeframe=false&placementid=528481344572814_541901659897449&format=300x250&testmode=false&webview=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbadnw60-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee19938e3168a25558babd233d2e099afefc4a1e2d35bd7b8514f303ed3735fc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G
Origin
https://ouo.press

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
0WA/mTvCwylsaENmvH7JCmrbHQCOZCzLgjj07cwH1TukxFkCBKOitjdTTqYaivOvrlsKkE6dn2xzrrSS/4F1kg==
date
Sun, 26 Jan 2020 17:35:37 GMT, Sun, 26 Jan 2020 17:35:37 GMT
vary
Accept-Encoding
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://ouo.press
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp/reporting/;
expires
Sat, 01 Jan 2000 00:00:00 GMT
passback
exchange.adtrue.com/tag/ Frame C1E1
0
0
Document
General
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&type=html
Requested by
Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.178.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-178-159.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
exchange.adtrue.com
:scheme
https
:path
/tag/passback?adtrue_pzoneid=12953&type=html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://ouo.press/BOt40G
accept-encoding
gzip, deflate, br
cookie
_TRUE_AD_USER_COOKIE_ID=e6bcc2da-9a22-43a4-b774-763c69f53ac6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Referer
https://ouo.press/BOt40G

Response headers

status
200
date
Sun, 26 Jan 2020 17:35:37 GMT
content-type
text/html
content-length
346
server
nginx


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| r7kk
function| V6WW
function| o8mm
function| H4SS
boolean| V
object| apd_options
object| ___grecaptcha_cfg
object| grecaptcha
boolean| __google_recaptcha_client
object| _0x2a00
function| _0x205b
object| adtrue_tags
function| generateCb
number| adtrue_time
number| adtrue_cb
object| adtrue_rtb
object| q
object| qs
string| js_code
string| k
object| recaptcha
object| closure_lm_733923
boolean| fifabAlready
function| fi_fab
object| ADNW

12 Cookies

Domain/Path Name / Value
exchange.adtrue.com/ Name: _TRUE_AD_USER_COOKIE_ID
Value: e6bcc2da-9a22-43a4-b774-763c69f53ac6
ouo.press/ Name: ouoio_session
Value: eyJpdiI6IlZpYzFsNVR0aHpXM3M3bW1COFhyU3BUdFdJWVZvSEhPQzFFb1d2ZnBJS1U9IiwidmFsdWUiOiJrN2crc2xPSUM3MExIVzhTVmhIWGRJS0piU1ZnV0R3K1FuQ0RWUWxuK3dSdTNVdVlkMU9vTFFYZlRNZnRNVWxmOUV2VHlpcnd2cnhkeVg3cllOcWtQQT09IiwibWFjIjoiOTkxOTI1ZjAwODMwODUzYjIzZjNjYTViOWNkYWMzMTk2OWMzZDJhNmQ3NjA3YWExMTg0NjExMmNhNzYwYzU4MCJ9
.adtrue.com/ Name: _gat_gtag_UA_66441855_37
Value: 1
.pubmatic.com/ Name: pp
Value: 155495
.pubmatic.com/ Name: pi
Value: 155495:2
ouo.press/ Name: language
Value: eyJpdiI6ImZNejN3a3ZWajFtVXJnUmVWSjJTZnpLK3lDYmdZcFIzVnpiQ3dYZ2NZMzg9IiwidmFsdWUiOiIrWEJXeER0eHM1YytQbTRjMnJyQVBqdE9mdnVtTEFnVjRpRXpGSkJhMFNzPSIsIm1hYyI6ImY2Y2QxYjIxMTMzYmQwNTE1Zjg4YzdiZTU3MGY5ZDFkODg1N2Y5ZTc2ZGVkY2JiM2I2YTQ1ODU2ZjQyNzBkMTkifQ%3D%3D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adtrue.com/ Name: _gid
Value: GA1.2.1784176087.1580060138
.google.com/ Name: NID
Value: 196=NgfVarBm3lm_ziiywpjjhCwGRtyCpjawSWIW4oZp3sprJ4UFpASC7qCKPIuEXY_ylB50sqVoYACeFdHooK1ZeVmHexogScSURkL9j-bJMWWRIkNk05HL-bQyARSXoMbauLAYDhN5pkTEbeEYklKEGolMXxneEJEE2483CV9rkwM
.adtrue.com/ Name: _ga
Value: GA1.2.2028546227.1580060138
.ouo.press/ Name: __cfduid
Value: de06a9486b0d69b987ed07c9d21f569951580060134

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
