ouo.press Open in urlscan Pro
2606:4700:10::6816:3bfb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/9NnvZaS
Effective URL:
https://ouo.press/9NnvZaS
Submission: On June 02 via api (June 2nd 2020, 3:31:12 pm UTC) from US

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 19 domains to perform 47 HTTP transactions. The main IP is 2606:4700:10::6816:3bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2020. Valid for: 6 months.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:16a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:3bfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	172.255.6.227 172.255.6.227	7979 (SERVERS) (SERVERS)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	142.91.9.135 142.91.9.135	7979 (SERVERS) (SERVERS)
1	2606:4700:303... 2606:4700:3034::ac43:c417	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6814:326f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.71.236.117 212.71.236.117	63949 (LINODE-AP...) (LINODE-AP Linode)
1	185.3.93.184 185.3.93.184	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	54.149.11.161 54.149.11.161	16509 (AMAZON-02) (AMAZON-02)
1	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	23.83.126.252 23.83.126.252	7979 (SERVERS) (SERVERS)
1	52.31.6.233 52.31.6.233	16509 (AMAZON-02) (AMAZON-02)
3	72.247.225.32 72.247.225.32	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.21.37.33 2.21.37.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.184.221.18 54.184.221.18	16509 (AMAZON-02) (AMAZON-02)
1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	72.247.225.17 72.247.225.17	16625 (AKAMAI-AS) (AKAMAI-AS)
47	28

1 2606:4700:10::6816:16a2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3bfb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.227 (Netherlands)

ASN7979 (SERVERS, US)

mugpothop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.91.9.135 (Netherlands)

ASN7979 (SERVERS, US)

video.your-notice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c417 (United States)

ASN13335 (CLOUDFLARENET, US)

inswebt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:326f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.117 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-117.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.3.93.184 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-185-3-93-184.london.nodebalancer.linode.com

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.11.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-11-161.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cldom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.126.252 (Netherlands)

ASN7979 (SERVERS, US)

viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.6.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-6-233.eu-west-1.compute.amazonaws.com

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.225.32 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.33 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-33.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.221.18 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-221-18.us-west-2.compute.amazonaws.com

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.225.17 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-17.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	62 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
5	pubmatic.com ads.pubmatic.com sshowads.pubmatic.com aktrack.pubmatic.com	18 KB
5	ouo.press ouo.press	29 KB
3	doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	513 B
3	google.com www.google.com adservice.google.com	744 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	135 KB
2	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io	184 KB
2	your-notice.com video.your-notice.com	6 KB
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	90 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	viadata.store viadata.store cdn.viadata.store Failed	154 KB
1	cldom.com cldom.com	128 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	inswebt.com inswebt.com	4 KB
1	mugpothop.com mugpothop.com	1001 B
1	ouo.io 1 redirects ouo.io	1015 B
47	19

	Domain	Requested by
5	ouo.press	ouo.press
4	pagead2.googlesyndication.com	exchange.adtrue.com pagead2.googlesyndication.com
3	ads.pubmatic.com	exchange.adtrue.com ads.pubmatic.com
3	cdn.adtrue.com	ouo.press sshowads.pubmatic.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	track.adtrue.com	ouo.press exchange.adtrue.com
2	exchange.adtrue.com	ouo.press cdn.adtrue.com
2	video.your-notice.com	ouo.press video.your-notice.com
2	www.google.com	ouo.press www.gstatic.com
1	acdn.adnxs.com	cdn.adtrue.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	ib.adnxs.com	cdn.adtrue.com
1	aktrack.pubmatic.com	sshowads.pubmatic.com
1	sshowads.pubmatic.com	ads.pubmatic.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	viadata.store	video.your-notice.com
1	imasdk.googleapis.com	video.your-notice.com
1	cldom.com	inswebt.com
1	ad.doubleclick.net	ouo.press
1	fonts.gstatic.com	ouo.press
1	www.gstatic.com	www.google.com
1	ecdn.firstimpression.io	ouo.press
1	ecdn.analysis.fi	ouo.press
1	inswebt.com	ouo.press
1	mugpothop.com	ouo.press
1	fonts.googleapis.com	ouo.press
1	ouo.io	1 redirects
0	cdn.viadata.store Failed	viadata.store
47	31

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
mugpothop.com Let's Encrypt Authority X3	`2020-05-25` - `2020-08-23`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.your-notice.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-24` - `2020-09-12`	a year	crt.sh
*.adtrue.com COMODO RSA Domain Validation Secure Server CA	`2017-08-04` - `2020-09-02`	3 years	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2021-06-16`	a year	crt.sh
*.firstimpression.io Sectigo RSA Organization Validation Secure Server CA	`2019-11-06` - `2020-12-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
cldom.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-19` - `2021-05-19`	a year	crt.sh
*.viadata.store Sectigo RSA Domain Validation Secure Server CA	`2019-11-26` - `2020-11-26`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://ouo.press/9NnvZaS
Frame ID: DAD436907CC2B197C9E02DCF9292FD20
Requests: 18 HTTP requests in this frame

Frame: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS
Frame ID: EBF525436E0BFF8E8AB5E4C8C372ABE1
Requests: 7 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/9NnvZaS&cb=2048399455&timeZone=2&adWidth=300&adHeight=250&loc=https://ouo.press/9NnvZaS
Frame ID: 66C7A0CDA77E313ADD06A774B00F4AD4
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g72svznt9bwf
Frame ID: 3DC66433F76ABDB5C129C934F2B8A810
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 435C39464F8DA29E533EC0DC4A840B2F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C155999E32CD0A80D3B5D6919BD5D60C
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=562312&adId=2092458&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1591111851&indirectAdId=1857728&adServerOptimizerId=1&ranreq=0.9139352857902421&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS23002&adsver=_2186123560&adsabzcid=0&ekefact=q3DWXlk4CAA2st9sRstdaQgZfP153KBeVlW9tBggDpC4_f4e&ekaxefact=q3DWXm44CAAQ2OcQ6m_jo_0VyuIq8sQweQCgeKCNNFwLGm6S&ekpbmtpfact=q3DWXoE4CADXNaUiMBAEqZS3oFQdDdwtjajACbp1D0eXnwrk&enpp=q3DWXpY4CABmRpW8D676KX2Jh-IQ-7Ki2iM2RBPiqUUM3dIh&crID=0&campaignId=0&isRTB=0&imprId=E5D6AF23-03CA-4416-B7A2-456AF14C95F3&oid=E5D6AF23-03CA-4416-B7A2-456AF14C95F3&cntryId=24&domain=ouo.press&pageURL=ouo.press&sec=1&pmc=0
Frame ID: CDB2C6D4AFAB36D0EE183EBA8868D7F5
Requests: 1 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2F9NnvZaS&loc=https%3A%2F%2Fouo.press%2F9NnvZaS
Frame ID: BC5F9F88F6A0DA01D274F83E8CDEEADB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 3F22F9CA7533F706FEADF27931AA0D39
Requests: 10 HTTP requests in this frame

Frame: https://track.adtrue.com/track/passback?pzoneid=15005
Frame ID: D008D7433D04194B0D8DA885FDF5FA2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Frame ID: 07067AA0A8201FA0543EE5C77FBAEA1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8388909051722168&output=html&h=250&slotname=6695379409&adk=555461213&adf=3407251184&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fouo.press%2F9NnvZaS&ea=0&flash=0&wgl=1&adsid=NT&dt=1591111852079&bpp=26&bdt=505&idt=147&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&correlator=4249963867605&frm=23&ife=1&pv=2&ga_vid=792543425.1591111852&ga_sid=1591111852&ga_hid=475074663&ga_fc=0&iag=15&icsg=2690&nhd=2&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=291&biw=1600&bih=1200&isw=300&ish=250&ifk=129089510&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4144981449706089&pem=1&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.gqhsx7gmbzm5&fsb=1&dtd=220
Frame ID: 85020A9F2E32021BB3DFB88A5391C3AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2F8F511E7949DBE3451AD3720D299F66
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 73892CF67637FB5C677B3F5ACDAF80EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ouo.io/9NnvZaS HTTP 302
https://ouo.press/9NnvZaS Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

47
Requests

98 %
HTTPS

50 %
IPv6

19
Domains

31
Subdomains

28
IPs

7
Countries

845 kB
Transfer

2725 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/9NnvZaS HTTP 302
https://ouo.press/9NnvZaS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 9NnvZaS Show response
ouo.press/
Redirect Chain

https://ouo.io/9NnvZaS
https://ouo.press/9NnvZaS

8 KB
4 KB

291ms
244ms

Document
text/html

2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4debfac95943eaeddf691d7230406c0e45fba26cd912eb351edd7f2ed932319a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ouo.press
:scheme: https
:path: /9NnvZaS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d91b86a61f63ada88dbfa1bb25784bed91591111849; expires=Thu, 02-Jul-20 15:30:49 GMT; path=/; domain=.ouo.press; HttpOnly; SameSite=Lax ouoio_session=eyJpdiI6IlpBMlwvWUNwRjhrNWVqNlpMbW5qUnZvc3JxY2l6R1B1UHc1UmUzQU1HZWNVPSIsInZhbHVlIjoiaGdlWnY5ODN4R0RibTlxYTZwbHN2YUlJSzhOeGszV2FSeXFcLzNwaFNOaGpjcEFvK293eCtvVXFuc0VWOFFMVFAxeExyc0R4N0ZaaU83XC9BN0xqVjZIZz09IiwibWFjIjoiZTAxNmU5YjJhMTYwZDY4ZWI4OGE0ODY4N2I4OGRlNmY4MjlkMTBkZjRhNDRkODk2MjFjYmQ2NWRhNDViOGIxMSJ9; expires=Tue, 02-Jun-2020 17:26:21 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6Ik1PV0xvVElDRitrV3hSYWZEMFg4a0xiYnlRMzA2Sms3ckMySEgyQ3VxVms9IiwidmFsdWUiOiJSbjJnYmV0VVwvKzVcL3V5dmVLRG5OQnUxeFFnMjBXUEJVc09tdFlVS01kdDg9IiwibWFjIjoiMjViODAzZDQxNDRhZjUyYTJjMTdjNjc0YmM2ZjZiYjMxYTZlNjY5MzZlYzQ2OTNhMmE0MDk0MjliODllNTNiZSJ9; expires=Sun, 01-Jun-2025 15:26:21 GMT; Max-Age=157680000; path=/; httponly
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0317412dab0000175ad2172200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59d237c2aeab175a-FRA
content-encoding: br

Redirect headers

status: 302
date: Tue, 02 Jun 2020 15:30:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da172debc31ab502c2e952955678cf4e41591111848; expires=Thu, 02-Jul-20 15:30:48 GMT; path=/; domain=.ouo.io; HttpOnly; SameSite=Lax; Secure ouoio_session=eyJpdiI6IlpMcThaeU94aVE5MUxDcWRsXC9aNDdpRnZHUWVNUlMyRktMQnhFQ045UjRvPSIsInZhbHVlIjoiMjVOYjNJXC9yN1wvXC93UDdhcGJYbFFCU0hrMHFkbjZ3ZG9vdVFnMkI2Q2tseVpGeXRuQ0hMaitXQjVhaXhBbXpiR1BicXIxcDhtNEFlZWNnazNcL0JWVFZnPT0iLCJtYWMiOiI0MWI3ZmI4ZjliZDI3NDYyZDA4Zjc3YzEyY2E5N2QzNDU3NjY4OGI4MTk2M2ZiOGIxZTNlOTU5ODU5OTNmNzkyIn0%3D; expires=Tue, 02-Jun-2020 17:26:20 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6Im1ndGoyMFBNd0piakIyTWtOWHhsMit6S3hySGxWSlk4MnQwclJrOUNuQW89IiwidmFsdWUiOiJCK0tMUE5XVTlVazNXOUVYazZEaEkrM1Izd1J3bkM1cjROaVFMZzRGaXhzPSIsIm1hYyI6IjkwMDNkN2ZlNzY2YjA1ZWJiNjYwNDA5YmU3YmVlNTQ2YjVmNTg0M2Q5OWJkMmY2MDVkMGJhYTY1NjFjNzk5NzcifQ%3D%3D; expires=Sun, 01-Jun-2025 15:26:20 GMT; Max-Age=157680000; path=/; httponly
cache-control: no-cache
location: https://ouo.press/9NnvZaS
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 03174129810000c2b385bba200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59d237bc0fe0c2b3-FRA

GET
H2 200 css
fonts.googleapis.com/ 425 B
426 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c3040da0c417bf4812b0a302b6c8ba55fa040cb5827eacf00d31a2cff4a108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 15:30:49 GMT
server: ESF
date: Tue, 02 Jun 2020 15:30:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jun 2020 15:30:49 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
17 KB 30ms
28ms Stylesheet
text/css 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18385
cf-polished: origSize=109522
status: 200
cf-bgj: minify
cf-request-id: 0317412eb00000175ad218b200000001
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 59d237c44b75175a-FRA
expires: Tue, 02 Jun 2020 22:19:56 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 20ms
18ms Stylesheet
text/css 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18385
cf-polished: status=cannot_optimize
status: 200
cf-bgj: minify
cf-request-id: 0317412eb00000175ad218c200000001
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 59d237c44b78175a-FRA
expires: Tue, 02 Jun 2020 22:19:56 GMT

GET
H/1.1 200
OK 16562 Show response
mugpothop.com/1clkn/ 0
1001 B 167ms
69ms Script
application/javascript 172.255.6.227
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://mugpothop.com/1clkn/16562
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 172.255.6.227 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:30:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
576 B 17ms
15ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56dbf9ff7a9b949405598f844a0bd37704fd7f7cb476893b1c3359dcdba2aa07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 1; mode=block
expires: Tue, 02 Jun 2020 15:30:49 GMT

GET
H2 200 html_102001.js Show response
video.your-notice.com/ 5 KB
2 KB 78ms
19ms Script
application/javascript 142.91.9.135
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/html_102001.js
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7aca274e3cd4d8193a50bbd3b2c6203c23970b110d97c94af1d78856234042f0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 waWQiOjEwMDQ0OTIsInNpZCI6MTAwODI5NCwid2lkIjo2NTI1Miwic3JjIjoyfQ==eyJ.js Show response
inswebt.com/pw/ 13 KB
4 KB 85ms
27ms Script
application/javascript 2606:4700:3034::ac43:c417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inswebt.com/pw/waWQiOjEwMDQ0OTIsInNpZCI6MTAwODI5NCwid2lkIjo2NTI1Miwic3JjIjoyfQ==eyJ.js
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c69444a56c8f6ecf008b10b6c1f6d7860a8041bd418a0e4210f57bba20806ed

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 475
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=14400
cf-ray: 59d237c4fa71177a-FRA
cf-request-id: 0317412f160000177adc22c200000001

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 87ms
1ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 03:52:05 GMT
server: cloudflare
age: 18606074
etag: W/"5d941ee5-1c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 59d237c50cc01776-FRA
cf-request-id: 0317412f26000017769c0f7200000001
expires: Sun, 25 Oct 2020 07:09:35 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 42ms
38ms Image
image/png 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2269630
cf-polished: status=not_needed
status: 200
content-length: 5692
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5549a07c-163c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 06 Jun 2020 08:59:50 GMT
cache-control: max-age=2592000
cf-request-id: 0317412ee00000175ad2192200000001
accept-ranges: bytes
cf-ray: 59d237c49c6b175a-FRA
cf-bgj: imgq:85

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 14ms
13ms Script
application/javascript 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 26 May 2020 17:48:24 GMT
server: cloudflare
etag: W/"5ecd5668-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 59d237c47bd8175a-FRA
cf-request-id: 0317412ec70000175ad218f200000001
expires: Thu, 04 Jun 2020 15:30:49 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 150ms
63ms Script
application/javascript 212.71.236.117
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-117.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:29:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Tue, 02 Jun 2020 16:29:51 GMT

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 610 KB
183 KB 155ms
49ms Script
text/javascript 185.3.93.184
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.3.93.184 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

nb-185-3-93-184.london.nodebalancer.linode.com

Software

nginx/1.12.2 / PHP/7.3.11

Resource Hash

15bda1f477d74f6e7b6624de3d1b691624d6a7f8c376aceeb3c293f5f5a97213

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:29:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 01 Jan 2015 00:00:00 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/7.3.11
ETag: 0149d5af3e8e4bc923d5dc92c91b7d42
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
X-XSS-Protection: 0
Expires: Tue, 02 Jun 2020 16:29:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/ 309 KB
122 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 04:05:55 GMT
server: sffe
age: 81953
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
expires: Tue, 01 Jun 2021 16:44:56 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
fonts.gstatic.com/s/questrial/v9/ 13 KB
13 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v9/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Questrial
Origin: https://ouo.press

Response headers

date: Mon, 18 May 2020 00:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1348368
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12870
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 23:53:30 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 May 2021 00:58:01 GMT

GET
H2 200 slider-44.php Show response
video.your-notice.com/ Frame EBF5 12 KB
4 KB 27ms
26ms Script
application/javascript 142.91.9.135
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS
Requested by: Host: video.your-notice.com
URL: https://video.your-notice.com/html_102001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 184b780902e31797bf99f4dbfd36f4b1ba4490763d4b8ffdb4cac222fb2ba8cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:49 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 66C7 812 B
1022 B 627ms
163ms Script
application/javascript 54.149.11.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/9NnvZaS&cb=2048399455&timeZone=2&adWidth=300&adHeight=250&loc=https://ouo.press/9NnvZaS
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.11.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-11-161.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 31af3d6d30a1fa2591772702c97d6b5088334f18e9a8b86fc82a313a6a6f9d99

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:50 GMT
server: nginx
x-adtrue-instance: java2
content-length: 812
content-type: application/javascript

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3DC6 0
0 29ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g72svznt9bwf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ADnAC3ZykfbIOflWgrKNsVVT/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7EBjcq/6zodBwjtPV4jYpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=ADnAC3ZykfbIOflWgrKNsVVT&size=invisible&cb=g72svznt9bwf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 02 Jun 2020 15:30:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-7EBjcq/6zodBwjtPV4jYpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9673
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
513 B 107ms
31ms Image
image/x-icon 172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 16:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83709
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 02 Jun 2020 16:15:41 GMT

GET
H2 200 wnload Show response
cldom.com/ 0
128 B 87ms
18ms Fetch
application/javascript 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cldom.com/wnload?a=1&e=aeyJwaWQiOjEwMDQ0OTIsInNpZCI6MTAwODI5NCwid2lkIjo2NTI1MiwiZCI6IiIsImxpIjoyfQ==
Requested by: Host: inswebt.com
URL: https://inswebt.com/pw/waWQiOjEwMDQ0OTIsInNpZCI6MTAwODI5NCwid2lkIjo2NTI1Miwic3JjIjoyfQ==eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:50 GMT
access-control-allow-credentials: true
server: nginx/1.16.1
access-control-allow-origin: *
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EBF5 262 KB
89 KB 170ms
100ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96cfa4e77c14b7135e5fb0336d2fb4fe92dd2ea803b66294f13986eda80f0b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90781
x-xss-protection: 0
expires: Tue, 02 Jun 2020 15:30:50 GMT

GET
H/1.1 200
OK PLAYER-200128-pack.js Show response
viadata.store/player/ Frame EBF5 710 KB
154 KB 127ms
38ms Script
application/javascript 23.83.126.252
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://viadata.store/player/PLAYER-200128-pack.js
Requested by: Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.83.126.252 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:30:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 17:43:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5e5e975a-b1749"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 3 KB
1 KB 231ms
46ms Script
application/javascript 52.31.6.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F9NnvZaS&charset=UTF-8&wrapto=firstSpcFetch&ch=17&ref=ouo.press&referer=&_firid=50239855&fiodpe=
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.6.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-6-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: 7c20defd690c0448cfa8f9657e68b145fe5a933266dec79f173de2b086b778ab

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 15:30:50 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=UTF-8
expires: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 66C7 41 KB
16 KB 114ms
45ms Script
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https://ouo.press/9NnvZaS&cb=2048399455&timeZone=2&adWidth=300&adHeight=250&loc=https://ouo.press/9NnvZaS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c986ca5bf16808da5eb28aa0c0a2641fb828724273f0853c530668c1764199b

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:30:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13006b6-a4bb-5a33da6f1a023"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=121064
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 15243
Expires: Thu, 04 Jun 2020 01:08:35 GMT

GET
DATA 200
OK truncated
/ Frame EBF5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EBF5 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EBF5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 435C 0
0 33ms
31ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ouo.press/9NnvZaS
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=121064
Expires: Thu, 04 Jun 2020 01:08:35 GMT
Date: Tue, 02 Jun 2020 15:30:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame C155 0
0 77ms
37ms Document
text/html 72.247.225.32
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.32 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-32.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ouo.press/9NnvZaS
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=121064
Expires: Thu, 04 Jun 2020 01:08:35 GMT
Date: Tue, 02 Jun 2020 15:30:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 66C7 7 KB
2 KB 105ms
25ms Script
text/html 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2F9NnvZaS&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-6-2%2017%3A30%3A51&timezone=2&screenResolution=1600x1200&ranreq=0.9139352857902421&pmUniAdId=0&adVisibility=1&adPosition=291x650&gdpr=1&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 84f3e5470a371d1b46ae987c54db3e2c2cebf54af3bfa203bd461cbf480582bc

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 15:30:51 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8

GET
H2 200 prebid3.16.0.js Show response
cdn.adtrue.com/pb/ Frame 66C7 175 KB
56 KB 22ms
19ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid3.16.0.js
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2F9NnvZaS&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-6-2%2017%3A30%3A51&timezone=2&screenResolution=1600x1200&ranreq=0.9139352857902421&pmUniAdId=0&adVisibility=1&adPosition=291x650&gdpr=1&dspids=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 02:42:42 GMT
server: cloudflare
age: 990938
etag: W/"5e9d0c22-2bc02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 59d237d04c011776-FRA
cf-request-id: 0317413629000017769c1d3200000001
expires: Mon, 17 May 2021 04:15:12 GMT

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame CDB2 0
0 77ms
21ms Document
text/html 2.21.37.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=155495&siteId=562312&adId=2092458&adType=3&adServerId=165&kefact=0.200000&kaxefact=0.200000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1591111851&indirectAdId=1857728&adServerOptimizerId=1&ranreq=0.9139352857902421&kpbmtpfact=0.000000&dcId=3&tldId=0&passback=30&svr=ADS23002&adsver=_2186123560&adsabzcid=0&ekefact=q3DWXlk4CAA2st9sRstdaQgZfP153KBeVlW9tBggDpC4_f4e&ekaxefact=q3DWXm44CAAQ2OcQ6m_jo_0VyuIq8sQweQCgeKCNNFwLGm6S&ekpbmtpfact=q3DWXoE4CADXNaUiMBAEqZS3oFQdDdwtjajACbp1D0eXnwrk&enpp=q3DWXpY4CABmRpW8D676KX2Jh-IQ-7Ki2iM2RBPiqUUM3dIh&crID=0&campaignId=0&isRTB=0&imprId=E5D6AF23-03CA-4416-B7A2-456AF14C95F3&oid=E5D6AF23-03CA-4416-B7A2-456AF14C95F3&cntryId=24&domain=ouo.press&pageURL=ouo.press&sec=1&pmc=0
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=155495&siteId=562312&adId=2092458&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fouo.press%2F9NnvZaS&inIframe=1&kadpageurl=ouo.press&operId=3&sec=1&kltstamp=2020-6-2%2017%3A30%3A51&timezone=2&screenResolution=1600x1200&ranreq=0.9139352857902421&pmUniAdId=0&adVisibility=1&adPosition=291x650&gdpr=1&dspids=%7B%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.33 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ouo.press/9NnvZaS
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=155495:2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

Content-Type: text/html
Content-Length: 0
Date: Tue, 02 Jun 2020 15:30:51 GMT
Connection: keep-alive

GET
H2 200 request
track.adtrue.com/track/ Frame BC5F 0
0 578ms
192ms Document
text/html 54.184.221.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2F9NnvZaS&loc=https%3A%2F%2Fouo.press%2F9NnvZaS
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.184.221.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-184-221-18.us-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2F9NnvZaS&loc=https%3A%2F%2Fouo.press%2F9NnvZaS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:52 GMT
content-type: text/html
server: nginx/1.10.3 (Ubuntu)
x-host-name: java4
content-encoding: gzip

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 66C7 142 B
1 KB 115ms
66ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6fdc8659f74286c05576fdad669e14d4ae7211af9ac6f7c167a901957a6a95e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Jun 2020 15:30:53 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.164:80
AN-X-Request-Uuid: 32750cd4-1011-4611-a921-19a877e1d0f0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 3F22 692 B
550 B 13ms
12ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: ouo.press
URL: https://ouo.press/9NnvZaS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 06:49:22 GMT
server: cloudflare
age: 21629259
etag: W/"5833ea72-2b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 59d237d1bfa61776-FRA
cf-request-id: 0317413710000017769c1fb200000001
expires: Sun, 20 Sep 2020 07:23:12 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 3F22 722 B
809 B 180ms
180ms Script
application/javascript 54.149.11.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=15005&divid=349821807
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.11.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-11-161.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b16f11e1ad47c8967d745c5f2a2050a722d777ef2eb2c8b003f335fae5ef6ebb

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:51 GMT
server: nginx
content-length: 722
content-type: application/javascript

GET vid_102001.mp4
cdn.viadata.store/video/ Frame EBF5 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3F22 107 KB
38 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=15005&divid=349821807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f16af5d28b0b52df9244610cfd9b5abd07c65d6d2670aaba3c1b8059c4494812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39241
x-xss-protection: 0
server: cafe
etag: 3772199778743822934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Jun 2020 15:30:52 GMT

GET
H2 200 passback
track.adtrue.com/track/ Frame D008 0
0 167ms
164ms Document
text/html 54.184.221.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/passback?pzoneid=15005
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=15005&divid=349821807
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.184.221.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-184-221-18.us-west-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/passback?pzoneid=15005
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 200
date: Tue, 02 Jun 2020 15:30:52 GMT
content-type: text/html
content-length: 0
server: nginx/1.10.3 (Ubuntu)
x-host-name: java4

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3F22 109 B
168 B 20ms
18ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ouo.press

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3F22 109 B
168 B 21ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ouo.press

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/ Frame 3F22 218 KB
82 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83908
x-xss-protection: 0
server: cafe
etag: 18422230976395592926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jun 2020 15:30:52 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/ Frame 0706 0
0 11ms
10ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200526/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 26 May 2020 23:49:31 GMT
expires: Tue, 09 Jun 2020 23:49:31 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 574881
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 8502 0
0 24ms
23ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8388909051722168&output=html&h=250&slotname=6695379409&adk=555461213&adf=3407251184&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fouo.press%2F9NnvZaS&ea=0&flash=0&wgl=1&adsid=NT&dt=1591111852079&bpp=26&bdt=505&idt=147&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&correlator=4249963867605&frm=23&ife=1&pv=2&ga_vid=792543425.1591111852&ga_sid=1591111852&ga_hid=475074663&ga_fc=0&iag=15&icsg=2690&nhd=2&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=291&biw=1600&bih=1200&isw=300&ish=250&ifk=129089510&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4144981449706089&pem=1&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.gqhsx7gmbzm5&fsb=1&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8388909051722168&output=html&h=250&slotname=6695379409&adk=555461213&adf=3407251184&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fouo.press%2F9NnvZaS&ea=0&flash=0&wgl=1&adsid=NT&dt=1591111852079&bpp=26&bdt=505&idt=147&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&correlator=4249963867605&frm=23&ife=1&pv=2&ga_vid=792543425.1591111852&ga_sid=1591111852&ga_hid=475074663&ga_fc=0&iag=15&icsg=2690&nhd=2&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=291&biw=1600&bih=1200&isw=300&ish=250&ifk=129089510&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=4144981449706089&pem=1&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.gqhsx7gmbzm5&fsb=1&dtd=220
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 02 Jun 2020 15:30:52 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Jun-2020 15:45:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F22 73 KB
27 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1590752365362815"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27673
x-xss-protection: 0
expires: Tue, 02 Jun 2020 15:30:52 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3F22 7 KB
5 KB 20ms
19ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200526&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30cd8edb4a71dc3b64565cda72a968e165324be35319563aa279c6787394a96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5539
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F22 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 15:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Tue, 02 Jun 2020 15:30:52 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2F8F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ouo.press/9NnvZaS
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 02 Jun 2020 15:25:50 GMT
expires: Wed, 02 Jun 2021 15:25:50 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 302
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F22 0
55 B 42ms
41ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200526&jk=4144981449706089&bg=!QEOlQ1tYqJG_ErXK-R8CAAAAllIAAAAWmQGXRULOrNA4yQZ9vIxN4-fOFH7640GUmG9PMYGT_nXz2aUyIZAB929OU0oUdPPO4oKqH96J6WHGe5PHFcp69sbHAThotoNfmwaXy9ic--NovsxCmtFmmJZQ-jjlQtj_jbtrL9aNgAvvCRtPYjk0eCZfVtwYoyV2ckOqr61XkqG9JK13Zat9r_DxqdHwuP9aFS1MLZZ79vHNKAfNZLrUwunDcLih8Bk4_fVdyShWjO7PQ79tN0dD1P7OnEpk99kf2Z2uk5Z8lntVPHCGo_QmRnoPW64WfW3rRLb2JV74BoSf-V-Z2acQjd_gfU7629X6rOpuusOZW5adY2pExS034Uyadx8UDS14-5ArhwVTMErFCGHiKdieQn_rnOBbEqFV6gLOkuZDfzJU9O24dctGleGD-eyKk9KHywupOa2rzuHM7gDpyj3mr7dva1WAcWJJtFfSmdMVsBk3-wauJJ2aiK0kL4lFeAKUX-ouj1VKyOWKEg4tRi8sWCa-JMvmFLZL9wDTbuhcbCz6-E-_RfmFYa7DwH3-x5mk_5k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/9NnvZaS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 15:30:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7389 0
0 91ms
31ms Document
text/html 72.247.225.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.17 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-17.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ouo.press/9NnvZaS
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIz5I0EAoYASABKAEwreHZ9gU4AUABSAEQreHZ9gUYAA..; uuid2=5436240001281605219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ouo.press/9NnvZaS

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 02 Jun 2021 15:30:55 GMT
Date: Tue, 02 Jun 2020 15:30:55 GMT
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.viadata.store
URL: https://cdn.viadata.store/video/vid_102001.mp4

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:58:32	Name: test_cookie Value: CheckForPermission
.adtrue.com/	1970-01-19 09:58:31	Name: _gat_gtag_UA_66441855_39 Value: 1
.adtrue.com/	1970-01-19 09:59:58	Name: _gid Value: GA1.2.179382970.1591111852
.adtrue.com/	1970-01-20 03:29:43	Name: _ga Value: GA1.2.877820270.1591111852

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS(Line 240) Message: +++++ videbug = 0
console-api	log	URL: https://viadata.store/player/PLAYER-200128-pack.js(Line 632) Message: vast type = preroll
console-api	log	URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS(Line 145) Message: ENDOFWATERFALL
console-api	log	URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS(Line 192) Message: +++++ CLOSE NOW ALL ! 8-)
console-api	log	URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/9NnvZaS(Line 196) Message: +++++ We Close Today!
console-api	log	URL: https://video.your-notice.com/html_102001.js(Line 76) Message: +++++ None
console-api	log	URL: https://video.your-notice.com/html_102001.js(Line 89) Message: [object MessageEvent]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
cdn.adtrue.com
cdn.firstimpression.io
cdn.viadata.store
cldom.com
ecdn.analysis.fi
ecdn.firstimpression.io
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
inswebt.com
mugpothop.com
ouo.io
ouo.press
pagead2.googlesyndication.com
sshowads.pubmatic.com
tpc.googlesyndication.com
track.adtrue.com
viadata.store
video.your-notice.com
www.google.com
www.googletagservices.com
www.gstatic.com
cdn.viadata.store
142.91.9.135
172.217.22.6
172.255.6.227
185.3.93.184
185.64.190.75
2.21.37.33
212.71.236.117
23.83.126.252
2606:4700:10::6814:326f
2606:4700:10::6816:16a2
2606:4700:10::6816:3bfb
2606:4700:3034::ac43:c417
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2001
2a00:1450:4001:815::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2003
2a02:b4a:1:7::5647:1
37.252.173.38
52.31.6.233
54.149.11.161
54.184.221.18
72.247.225.17
72.247.225.32
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
15bda1f477d74f6e7b6624de3d1b691624d6a7f8c376aceeb3c293f5f5a97213
184b780902e31797bf99f4dbfd36f4b1ba4490763d4b8ffdb4cac222fb2ba8cd
1c69444a56c8f6ecf008b10b6c1f6d7860a8041bd418a0e4210f57bba20806ed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
30cd8edb4a71dc3b64565cda72a968e165324be35319563aa279c6787394a96c
31af3d6d30a1fa2591772702c97d6b5088334f18e9a8b86fc82a313a6a6f9d99
38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276
3c986ca5bf16808da5eb28aa0c0a2641fb828724273f0853c530668c1764199b
495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5
4debfac95943eaeddf691d7230406c0e45fba26cd912eb351edd7f2ed932319a
56dbf9ff7a9b949405598f844a0bd37704fd7f7cb476893b1c3359dcdba2aa07
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c3040da0c417bf4812b0a302b6c8ba55fa040cb5827eacf00d31a2cff4a108f
6fdc8659f74286c05576fdad669e14d4ae7211af9ac6f7c167a901957a6a95e0
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
7aca274e3cd4d8193a50bbd3b2c6203c23970b110d97c94af1d78856234042f0
7c20defd690c0448cfa8f9657e68b145fe5a933266dec79f173de2b086b778ab
84f3e5470a371d1b46ae987c54db3e2c2cebf54af3bfa203bd461cbf480582bc
929b173fe5de52e86be43b47db00cf8fce66664a2f3c69b5710664de66ab0ba0
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
96cfa4e77c14b7135e5fb0336d2fb4fe92dd2ea803b66294f13986eda80f0b47
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b16f11e1ad47c8967d745c5f2a2050a722d777ef2eb2c8b003f335fae5ef6ebb
c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16af5d28b0b52df9244610cfd9b5abd07c65d6d2670aaba3c1b8059c4494812
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408

ouo.press Open in urlscan Pro 2606:4700:10::6816:3bfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

50 %IPv6

19 Domains

31 Subdomains

28 IPs

7 Countries

845 kBTransfer

2725 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3bfb Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

50 %
IPv6

19
Domains

31
Subdomains

28
IPs

7
Countries

845 kB
Transfer

2725 kB
Size

4
Cookies

47 HTTP transactions
3 data transactions