Submitted URL: http://gg.gg/fcus2
Effective URL: https://ouo.io/LdIclC
Submission: On November 04 via manual from US

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 34 HTTP transactions. The main IP is 2606:4700:10::ac43:697, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.
This is the only time ouo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.224.140.71 52000 (MIRHOSTING)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 37.187.207.148 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.91.9.135 7979 (SERVERS-COM)
8 104.19.133.80 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.151 9002 (RETN-AS)
2 173.237.61.68 7979 (SERVERS-COM)
1 104.19.138.80 13335 (CLOUDFLAR...)
34 18
Domain Requested by
5 ouo.io ouo.io
3 video.your-notice.com ouo.io
video.your-notice.com
2 cdn.adskeeper.co.uk ouo.io
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 fonts.gstatic.com fonts.googleapis.com
2 de.betano.com 1 redirects ouo.io
2 gml-grp.com 2 redirects
2 www.google.com ouo.io
www.gstatic.com
2 fonts.googleapis.com ouo.io
1 vids.viaplays.com cdn.viaplays.com
1 c.adskeeper.co.uk ouo.io
1 cm.steepto.com ouo.io
1 s-img.adskeeper.co.uk ouo.io
1 cdn.viaplays.com video.your-notice.com
cdn.viaplays.com
1 kerumal.com video.your-notice.com
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 www.google-analytics.com ouo.io
1 xml.revrtb.net 1 redirects
1 zap.buzz 1 redirects
1 imp8.bidgear.com platform.bidgear.com
1 wvhba6470p.com platform.bidgear.com
1 platform.bidgear.com ouo.io
1 www.gstatic.com www.google.com
1 jsc.adskeeper.co.uk ouo.io
1 prosumsit.com ouo.io
1 gg.gg 1 redirects
34 26

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.co.uk
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-17 -
2021-08-17
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
prosumsit.com
Let's Encrypt Authority X3
2020-09-29 -
2020-12-28
3 months crt.sh
www.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
your-notice.com
Let's Encrypt Authority X3
2020-09-12 -
2020-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
wvhba6470p.com
Let's Encrypt Authority X3
2020-09-11 -
2020-12-10
3 months crt.sh
*.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-20 -
2021-01-12
3 months crt.sh
kerumal.com
Sectigo RSA Domain Validation Secure Server CA
2019-12-05 -
2020-12-15
a year crt.sh
cdn.viaplays.com
Let's Encrypt Authority X3
2020-10-22 -
2021-01-20
3 months crt.sh
vids.viaplays.com
Let's Encrypt Authority X3
2020-10-22 -
2021-01-20
3 months crt.sh

This page contains 6 frames:

Primary Page: https://ouo.io/LdIclC
Frame ID: 8BF5CF2F41B90E0146BA185D09327D63
Requests: 27 HTTP requests in this frame

Frame: https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?siteid=795
Frame ID: AB1533A8BC782035ED172A4A166AF15D
Requests: 1 HTTP requests in this frame

Frame: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.io/LdIclC
Frame ID: D57E8C1206F3F67B4F7E859A437924A2
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8uaW86NDQz&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=invisible&cb=5psnovkbyaze
Frame ID: 45809869511EB7F0D7DBEB253A2CF894
Requests: 1 HTTP requests in this frame

Frame: https://kerumal.com/4/3516249/?&var=102001
Frame ID: 4A52B29C82BB13E9BCC801E9DB6C2272
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1604503614589154288416
Frame ID: 0463F96EABE9BDCE6DB78E0093131C65
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://gg.gg/fcus2 HTTP 301
    https://ouo.io/LdIclC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

34
Requests

97 %
HTTPS

62 %
IPv6

18
Domains

26
Subdomains

18
IPs

5
Countries

475 kB
Transfer

1606 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gg.gg/fcus2 HTTP 301
    https://ouo.io/LdIclC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://zap.buzz/2X6 HTTP 302
  • https://xml.revrtb.net/redirect?feed=177186&auth=Vkfn78&pubid=93310 HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_795b_573c_&affid=434&siteid=795&adid=573&c=dc2v224619 HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_795b_573c_&affid=434&siteid=795&adid=573&c=dc2v224619&AutoR=1 HTTP 302
  • https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?btag=a_795b_573c_dc2v224619&siteid=795 HTTP 302
  • https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?siteid=795

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LdIclC
ouo.io/
Redirect Chain
  • http://gg.gg/fcus2
  • https://ouo.io/LdIclC
7 KB
4 KB
Document
General
Full URL
https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5bee85f9121b5238bf9044fade7df525fa09cf3bb490247ce172a9c3f3199d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ouo.io
:scheme
https
:path
/LdIclC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 04 Nov 2020 15:26:53 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9313dc759c1c3948e40b80556d66dc9e1604503613; expires=Fri, 04-Dec-20 15:26:53 GMT; path=/; domain=.ouo.io; HttpOnly; SameSite=Lax; Secure ouoio_session=eyJpdiI6IkF5eVVOZkF3eFZFVzNKVFR1NU9BWnVNVGZkRVl3TG5ic1lGVGdoT3I0aDQ9IiwidmFsdWUiOiJuNW5cL2c5dms5UkhtMWlCY2FiTGpNMkM0bEVDZkFkK2hkcHZyOW9PUXBudVNncFpZRVlYMXZ5OXU3YkJHOUVFZ1FcL0FyaXdQaUZ2QUp4VWYybWZKYWxRPT0iLCJtYWMiOiJlNjBmMGExN2ZhZDQ4MGMyMjZmZmMyZWRiZDY5Njc3NThlNWQyZjkwNTkyNGMzYjYwMTk4NTYxZWUyNjFkZDY4In0%3D; expires=Wed, 04-Nov-2020 17:18:31 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6IjZPNVpoazFFXC9QQlN5ZHRhZjB5YXdLWWZ4UjV0YWhUMG5kXC9yQTFcL3dEZW89IiwidmFsdWUiOiJvUk5YckJhc2JPT3E5VjVyUCt6R0V5NWoyZHhPMUdCeTVSVEZBdEVmRDNjPSIsIm1hYyI6ImM4ZGFkMTM0MzFmMzIwYjk2MmRmNDk2YjBiNTY2MzBkMjQxYTk0MmJlZjNjMzc5N2ZmYzkxNWVmOWM1YTM3YzgifQ%3D%3D; expires=Mon, 03-Nov-2025 15:18:31 GMT; Max-Age=157680000; path=/; httponly
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
063577480c0000dfdfb53c0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ecf5b201d97dfdf-FRA
content-encoding
br

Redirect headers

Date
Wed, 04 Nov 2020 15:26:53 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/5.3.3
Set-Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22580a4a126e36a59641cb3351c183c198%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22194.99.105.99%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1604503613%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D019f860b627347fd4202f3ca02746cc5; expires=Wed, 04-Nov-2020 17:26:53 GMT; path=/ gg_token=cf9b361b6cab01411e0bcf658d45e00f5fa2c83d63be28.08199934; expires=Tue, 02-Feb-2021 15:26:53 GMT; path=/; domain=.gg.gg
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 04 Nov 2020 15:26:53 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
https://ouo.io/LdIclC
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
1 KB
542 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40cb4096f87c9c725a5fc85f5283c482f585322741da6da45196842c37c8f3a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Nov 2020 15:11:31 GMT
server
ESF
date
Wed, 04 Nov 2020 15:26:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Nov 2020 15:26:53 GMT
bootstrap.css
ouo.io/css/
107 KB
17 KB
Stylesheet
General
Full URL
https://ouo.io/css/bootstrap.css
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1059
cf-polished
origSize=109522
status
200
cf-request-id
06357748f80000dfdfb90e7000000001
expires
Thu, 05 Nov 2020 03:00:52 GMT
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-ray
5ecf5b218968dfdf-FRA
cf-bgj
minify
link.css
ouo.io/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://ouo.io/css/link.css
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3260d6dec2a713f4a33471470384ba087dbcbc6400c4963d40ddf57508b724e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
28972
cf-polished
status=cannot_optimize
status
200
cf-bgj
minify
cf-request-id
06357748fa0000dfdfadab5000000001
last-modified
Wed, 02 Oct 2019 21:46:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-ray
5ecf5b21896adfdf-FRA
expires
Wed, 04 Nov 2020 19:15:39 GMT
13128
prosumsit.com/1clkn/
0
995 B
Script
General
Full URL
https://prosumsit.com/1clkn/13128
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
37.187.207.148 , France, ASN16276 (OVH, FR),
Reverse DNS
ip148.ip-37-187-207.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:26:53 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/
884 B
679 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff9993b243f9c992e3201e01b31f2324ce167856ca7a0c427b4ac3cee89c1aef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Wed, 04 Nov 2020 15:26:53 GMT
html_102001.js
video.your-notice.com/
6 KB
2 KB
Script
General
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8ed6f29c84f997e5091d538100d01a59ee98e31940162bdd9cfec890706f83f2

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ouo.io.911115.js
jsc.adskeeper.co.uk/o/u/
289 KB
79 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/o/u/ouo.io.911115.js
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2619e4b7c7db6b4c53ea73813516816f4fe480e8ca92af6b2ed3278601d1c8

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
br
cf-cache-status
HIT
age
2476
cf-polished
origSize=295949
status
200
last-modified
Tue, 03 Nov 2020 11:51:42 GMT
x-amz-request-id
5A1FA3E8C9E5B8AC
x-amz-id-2
/SZmYSl+MmILUpaURxowYcOz6tcLGBTnMIBWEjjIgdxTonOQwnPm+iASpVAMiy2LM4959ObDg8I=
cf-bgj
minify
server
cloudflare
etag
W/"13f0ea88fd267f7b0e72d008285a0cad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-request-id
063577499e0000fa442617c000000001
cf-ray
5ecf5b229cb6fa44-AMS
expires
Wed, 04 Nov 2020 19:26:53 GMT
world.png
ouo.io/images/
4 KB
4 KB
Image
General
Full URL
https://ouo.io/images/world.png
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faaa72fbc8dcd75ce8ed5341248ef23162736a6daeb707702abcfaaeec93a4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
31838
cf-polished
origFmt=png, origSize=5692
status
200
content-disposition
inline; filename="world.webp"
content-length
4026
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 04 Dec 2020 06:27:53 GMT
cache-control
max-age=2592000
cf-request-id
063577491f0000dfdfbb2a4000000001
accept-ranges
bytes
cf-ray
5ecf5b21ca02dfdf-FRA
cf-bgj
imgq:85,h2pri
gan.js
ouo.io/ga/
45 KB
18 KB
Script
General
Full URL
https://ouo.io/ga/gan.js
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7d7885d718acc0d809960c44d811d17cd0e87f6f0aee27370d605185cf51b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
30475
cf-polished
origSize=45958
status
200
cf-request-id
063577491f0000dfdfd9016000000001
expires
Wed, 04 Nov 2020 18:50:37 GMT
last-modified
Thu, 02 Jul 2020 14:36:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5efdf106-b386"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-ray
5ecf5b21ca03dfdf-FRA
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/
344 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ouo.io
Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 14:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3727
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138367
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 19:55:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Nov 2021 14:24:46 GMT
ads.php
platform.bidgear.com/
539 B
1 KB
Script
General
Full URL
https://platform.bidgear.com/ads.php?domainid=2439&sizeid=16&zoneid=4070&k=1604503613722
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f2ae6ee300f29af5f6c02deff40450d2dcb7a9cf8dd11a52c8f52dc136f7fc

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 04 Nov 2020 15:26:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fLa0lzeKVnbCVb%2BCQ5IfOCkHVHTwB%2BKmsRB9rtDc6Qi7UGzSljiJcpwOpQxQofa33k4PMIRzlnRjUj0Z4gL8QCk7d%2FSCpm8UsY4fzBGrtfKw7ax66b2p37pyOWXwIKBMjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
5ecf5b21eb012ba1-FRA
cf-request-id
063577493600002ba1221f5000000001
expires
0
1cdde0cc51985a226cc7ea063734d324.js
wvhba6470p.com/1c/dd/e0/
0
0
Script
General
Full URL
https://wvhba6470p.com/1c/dd/e0/1cdde0cc51985a226cc7ea063734d324.js
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=2439&sizeid=16&zoneid=4070&k=1604503613722
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 04 Nov 2020 15:26:54 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
rec
imp8.bidgear.com/
599 B
911 B
Image
General
Full URL
https://imp8.bidgear.com/rec?t=1&z=4070&p=6dd108d1e37045888e7cab9717810c4d&token=4a4433543251483336527837773277343037303664643130386431653337303435383838653763616239373137383130633464d41d8cd98f00b204e9800998ecf8427e
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=2439&sizeid=16&zoneid=4070&k=1604503613722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XHa22vUeam4Cc1DMK8jI4oFZqqLH%2F9tEEiLFA5GB4ud%2FnXyZrU2mLGA8x9b5mvbMu3qQQ9QANcFGDYBSnmnhLXcG7dlce9Gntjr12U0WB0iZFQGcCGnOfUOSxkgD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
status
200
cf-ray
5ecf5b22dd412ba1-FRA
content-length
599
cf-request-id
06357749c400002ba134972000000001
book-of-dead-slot-500euro-bonus
de.betano.com/deals/ Frame AB15
Redirect Chain
  • https://zap.buzz/2X6
  • https://xml.revrtb.net/redirect?feed=177186&auth=Vkfn78&pubid=93310
  • https://gml-grp.com/C.ashx?btag=a_795b_573c_&affid=434&siteid=795&adid=573&c=dc2v224619
  • https://gml-grp.com/C.ashx?btag=a_795b_573c_&affid=434&siteid=795&adid=573&c=dc2v224619&AutoR=1
  • https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?btag=a_795b_573c_dc2v224619&siteid=795
  • https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?siteid=795
0
0
Document
General
Full URL
https://de.betano.com/deals/book-of-dead-slot-500euro-bonus?siteid=795
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
de.betano.com
:scheme
https
:path
/deals/book-of-dead-slot-500euro-bonus?siteid=795
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ouo.io/LdIclC
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
btag=a_795b_573c_dc2v224619
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ouo.io/LdIclC

Response headers

status
200
date
Wed, 04 Nov 2020 15:26:55 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d73b40b403c47ccd25173f8272b9460de1604503615; expires=Fri, 04-Dec-20 15:26:55 GMT; path=/; domain=.betano.com; HttpOnly; SameSite=Lax; Secure sticky=stx39.053
vary
Accept-Encoding
x-farm
ce4
age
0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
cf-cache-status
DYNAMIC
cf-request-id
0635774fd70000d6bdcaa3b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ecf5b2c8acdd6bd-FRA
content-encoding
br

Redirect headers

status
302
date
Wed, 04 Nov 2020 15:26:55 GMT
content-type
text/html; charset=utf-8
content-length
166
set-cookie
__cfduid=d73b40b403c47ccd25173f8272b9460de1604503615; expires=Fri, 04-Dec-20 15:26:55 GMT; path=/; domain=.betano.com; HttpOnly; SameSite=Lax; Secure btag=a_795b_573c_dc2v224619; domain=.betano.com; expires=Fri, 04-Dec-2020 15:26:55 GMT; path=/; secure; HttpOnly; SameSite=None sticky=stx15.883
location
/deals/book-of-dead-slot-500euro-bonus?siteid=795
x-farm
ce4
x-cacheable-status
302
age
0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
cf-cache-status
DYNAMIC
cf-request-id
0635774f910000d6bd5225f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ecf5b2c19dbd6bd-FRA
QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
fonts.gstatic.com/s/questrial/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v12/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c0a7a26103f8ea912875c9144943241e7d33c3f544da46d76a6d71d3c234fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ouo.io
Referer
https://fonts.googleapis.com/css?family=Questrial
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:21:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:51:03 GMT
server
sffe
age
446748
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12944
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:21:06 GMT
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Nov 2020 14:38:39 GMT
server
ESF
date
Wed, 04 Nov 2020 15:26:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Nov 2020 15:26:54 GMT
truncated
/
632 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
slider_in_page.php
video.your-notice.com/
2 KB
613 B
Script
General
Full URL
https://video.your-notice.com/slider_in_page.php?iu=102001&v=lite
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/html_102001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5b88d7c7dc55ad42193036790715f8bd6a49dbc60f3d78668e91518e4c84b96f

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
slider-44.php
video.your-notice.com/ Frame D57E
11 KB
4 KB
Script
General
Full URL
https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.io/LdIclC
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/html_102001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bf394fb33aa50c7f8b5d44137c209fd0fc0beeb21174b16ca353a3c83451d207

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ouo.io
Referer
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 23:06:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
490840
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 29 Oct 2021 23:06:14 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4580
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8uaW86NDQz&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=invisible&cb=5psnovkbyaze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D4MJ3L0b8Dpg2hNe7RCnPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8uaW86NDQz&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=invisible&cb=5psnovkbyaze
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ouo.io/LdIclC
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ouo.io/LdIclC

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 04 Nov 2020 15:26:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-D4MJ3L0b8Dpg2hNe7RCnPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9898
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1113430259&t=pageview&_s=1&dl=https%3A%2F%2Fouo.io%2FLdIclC&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20ouo.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=576321731&gjid=1974768938&cid=1050837468.1604503614&tid=UA-24098524-7&_gid=85751858.1604503614&_r=1&z=1308430796
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Nov 2020 15:26:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.adskeeper.co.uk/911115/
1016 B
1 KB
Script
General
Full URL
https://servicer.adskeeper.co.uk/911115/1?w=495&h=367&cols=1&pv=5&cbuster=1604503614477650073176&uniqId=156c8&childs=911676,911677,911679&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fouo.io%2FLdIclC&lu=https%3A%2F%2Fouo.io%2FLdIclC&pageView=1&pvid=17593de340ea67130de&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.io.911115.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2395927724838230aa4924cef62a3eecf93246f2aea57612f77b94aaf3a1024e

Request headers

Referer
https://ouo.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
5ecf5b26ad14fa44-AMS
content-type
application/x-javascript; charset=utf-8
cf-request-id
0635774c2b0000fa44302bb000000001
Cookie set /
kerumal.com/4/3516249/ Frame 4A52
0
0
Document
General
Full URL
https://kerumal.com/4/3516249/?&var=102001
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/slider_in_page.php?iu=102001&v=lite
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.151 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
kerumal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ouo.io/LdIclC
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ouo.io/LdIclC

Response headers

Server
nginx
Date
Wed, 04 Nov 2020 15:26:54 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
* *
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Timing-Allow-Origin
*
X-Trace-Id
16971b73ca6a5a6e6cabc82206b11bc4
Link
<https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect"
Set-Cookie
OAID=585700a29a124f7483b1d262b5fa1530; expires=Thu, 04 Nov 2021 15:26:54 GMT; secure; SameSite=None oaidts=1604503614; expires=Thu, 04 Nov 2021 15:26:54 GMT; secure; SameSite=None
Content-Encoding
gzip
PLAYER-200128-pack.js
cdn.viaplays.com/static/ Frame D57E
710 KB
154 KB
Script
General
Full URL
https://cdn.viaplays.com/static/PLAYER-200128-pack.js
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.61.68 Dallas, United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 17:43:54 GMT
server
nginx
etag
W/"5e5e975a-b1749"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
status
200
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
i.js
cm.adskeeper.co.uk/
113 B
223 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1604503614585546735112
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.io.911115.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf0f5f24a36d5802ca771504acdcc3a87aeaf464a5c5949723af0434e9a4dd9

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5ecf5b275e86fa44-AMS
pragma
no-cache
date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
6980b111-d3e8-40cf-a942-d679eff34443
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript
cf-request-id
0635774c960000fa4467299000000001
server
cloudflare
i-noref.js
cm.adskeeper.co.uk/ Frame 0463
19 B
329 B
Script
General
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1604503614589154288416
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.io.911115.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5ecf5b275e95fa44-AMS
pragma
no-cache
date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
d989d46a-83cc-40d7-9a8d-d688db9a56d7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript
cf-request-id
0635774c990000fa4415350000000001
server
cloudflare
adskeeper_logo_mini_71x16.png
cdn.adskeeper.co.uk/images/
796 B
1 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_logo_mini_71x16.png
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a768feb2cea958225615d935b23fa6e8ba7f366bc405d1267f1424244020dc

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:54 GMT
cf-cache-status
HIT
age
2562
cf-polished
origFmt=png, origSize=2562
status
200
content-length
796
content-disposition
inline; filename="adskeeper_logo_mini_71x16.webp"
x-amz-request-id
32595578C10DAD87
x-amz-id-2
IWtgtDvmReyb9irjtLniPZ1buIjO488OdglOKaLNN1G58OSklqUNxbcelQpt3gsdnmi8Ax11njY=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
"97fb3a072986fa1006cfbc27834841f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 04 Nov 2020 19:26:54 GMT
cache-control
public, max-age=14400
cf-request-id
0635774c9c0000fa443db70000000001
accept-ranges
bytes
cf-ray
5ecf5b276ea5fa44-AMS
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp
s-img.adskeeper.co.uk/g/3805483/492x328/56x0x595x396/
21 KB
22 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/3805483/492x328/56x0x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2MyNDc3MTBkOGI5MjA2ZDQxMzNkNjUxMmE1ZTM0YjY2LmpwZz90PTE0OTc5ODQzNTM0MTg.webp?v=1604503614-BqFf8BJcLRo9_Agmo9U8DvA4YVw_nq7SWM5DtsQjes0
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422dd65bdb9fec3f67bcf9274bd99e6bcddea0d84ec870402a49bac4091c690d

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:54 GMT
cf-cache-status
HIT
x-mg-request-uuid
a02fcaec-4d10-406b-a36e-04affcd2b062
age
2602469
status
200
content-length
21930
cf-request-id
0635774c9d0000fa440f934000000001
last-modified
Mon, 05 Oct 2020 11:13:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
5ecf5b276ea9fa44-AMS
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/
1 KB
730 B
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:54 GMT
content-encoding
br
cf-cache-status
HIT
age
1211
status
200
x-amz-request-id
2408703CD89C3762
x-amz-id-2
o356CnnfrqXzjRmRZu5Q3kxlLlytY4kkUjDCBcRnTF0dmkffOemIPkAHULI2J0ROvfZAtOIZwAs=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-request-id
0635774c9f0000fa446d88b000000001
cf-ray
5ecf5b276ea8fa44-AMS
expires
Wed, 04 Nov 2020 19:26:54 GMT
/
cm.steepto.com/setmuidn/
0
314 B
Image
General
Full URL
https://cm.steepto.com/setmuidn/?muidf=ka4Sj8sBe5q7
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:26:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
5ecf5b296d7d1e71-AMS
content-length
0
cf-request-id
0635774de400001e716e3b5000000001
truncated
/ Frame D57E
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
c
c.adskeeper.co.uk/
43 B
455 B
Image
General
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=484|323|8|cScSFHKP1evy3r-PUvSnByztzxnjrrivptESshQIXi29gBNwztB3SJ9kxIdDS84C&fw=1&extjs=66044&imgdim=1&cid=911115&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=2b5b8398-1eb2-11eb-9a04-d094662c24f7&tt=Direct&pageImp=1&muid=ka4Sj8sBe5q7&cbuster=1604503615743309667151&tpl=0
Requested by
Host: ouo.io
URL: https://ouo.io/LdIclC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ouo.io/LdIclC
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Nov 2020 15:26:55 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
132bcebb-67de-4294-bb30-52a9717f1b92
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
5ecf5b2e9dd0fa44-AMS
content-type
image/gif
cf-request-id
06357751220000fa44492c5000000001
server
cloudflare
102001
vids.viaplays.com/dsp/vast/ Frame D57E
71 B
484 B
XHR
General
Full URL
https://vids.viaplays.com/dsp/vast/102001?&randoms=622494929543
Requested by
Host: cdn.viaplays.com
URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.61.68 Dallas, United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Nov 2020 15:26:56 GMT
x-content-type-options
nosniff
server
nginx
age
0
status
200
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ouo.io
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
content-length
71
blank.mp4
cdn.viaplays.com/video/ Frame D57E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.viaplays.com
URL
https://cdn.viaplays.com/video/blank.mp4

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0xcbba function| _0x5112 object| recaptcha function| AdskeeperBaseBlockC911115 boolean| mgCanLoad911115 boolean| mgFallback911115 boolean| mgShortWidget911115 boolean| mgUseConvertedCode911115 string| mgRootId911115 object| div911115 string| rootDiv911115 string| mgPreloadId911115 object| _mgIntExchangeNews object| AdskeeperInfC911115 function| AdskeeperCContextBlock911115 function| AdskeeperCMainBlock911115 function| AdskeeperCSubnetsBlock911115 function| AdskeeperCAdvertLinkBlock911115 function| AdskeeperCInternalExchangeBlock911115 function| AdskeeperCColorBlock911115 function| AdskeeperCUtilsBlock911115 function| AdskeeperCMonitorBlock911115 function| AdskeeperCSmartDoubleClickBlock911115 function| AdskeeperCDesktopDoubleClickBlock911115 function| AdskeeperCRejectBlock911115 function| AdskeeperCAmpRenderBlock911115 function| AdskeeperCInternalExchangeLoggerBlock911115 function| AdskeeperCMgqBlock911115 function| AdskeeperCStylesheetsBlock911115 function| AdskeeperCCookieBlock911115 function| AdskeeperCObserverBlock911115 function| AdskeeperCSspDoubleClickBlock911115 function| AdskeeperCSendDimensionsBlock911115 function| AdskeeperCAntifraudBlock911115 function| AdskeeperCAntifraudStatisticsBlock911115 function| AdskeeperCRtbBlock911115 function| AdskeeperCActivateDelayBlock911115 function| AdskeeperCIframeSizeChangerBlock911115 function| AdskeeperCAccidentalClicksBlock911115 function| AdskeeperCExternalCountersBlock911115 function| AdskeeperCYandexTurboBlock911115 function| AdskeeperCContentPreviewBlock911115 function| AdskeeperCCountersBlock911115 function| AdskeeperCMobileDoubleClickBlock911115 object| constructorData911115 function| AdskeeperCGradientBlock911115 function| AdskeeperCResponsiveBlock911115 object| onClickExcludes function| AdskeeperLoadGoods911115_156c8 function| AdskeeperCReject911115 function| AdskeeperLoadGoods911676_156c8 function| AdskeeperCReject911676 function| AdskeeperLoadGoods911677_156c8 function| AdskeeperCReject911677 function| AdskeeperLoadGoods911679_156c8 function| AdskeeperCReject911679 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| mg_loaded_282855_911115 string| GoogleAnalyticsObject function| ga string| country string| agent number| time_cap string| viadscoId string| fallback undefined| viadscoVPAID string| creativeData object| viadscovpaidFrame function| vi2_setCookie function| vi2_getCookie function| vi2_eraseCookie function| dynamicallyLoadScripter244 function| viadscovpaidFrameLoaded object| viadscovpaidLoader object| closure_lm_692949 object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| _mgCanonicalUri boolean| _mgPageView282855 number| viuva number| vire string| viadscoId_lite object| viadscovpaidDiv object| viadscovpaidFrame_lite function| viadscovpaidFrame_liteLoaded boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp282855

9 Cookies

Domain/Path Name / Value
.betano.com/ Name: btag
Value: a_795b_573c_dc2v224619
.ouo.io/ Name: _gat
Value: 1
.ouo.io/ Name: _gid
Value: GA1.2.85751858.1604503614
ouo.io/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C911115%22%3A%7B%22page%22%3A1%2C%22time%22%3A1604503614579%7D%7D
ouo.io/ Name: ppkcookie244
Value: 1
ouo.io/ Name: ouoio_session
Value: eyJpdiI6IkF5eVVOZkF3eFZFVzNKVFR1NU9BWnVNVGZkRVl3TG5ic1lGVGdoT3I0aDQ9IiwidmFsdWUiOiJuNW5cL2c5dms5UkhtMWlCY2FiTGpNMkM0bEVDZkFkK2hkcHZyOW9PUXBudVNncFpZRVlYMXZ5OXU3YkJHOUVFZ1FcL0FyaXdQaUZ2QUp4VWYybWZKYWxRPT0iLCJtYWMiOiJlNjBmMGExN2ZhZDQ4MGMyMjZmZmMyZWRiZDY5Njc3NThlNWQyZjkwNTkyNGMzYjYwMTk4NTYxZWUyNjFkZDY4In0%3D
.ouo.io/ Name: _ga
Value: GA1.2.1050837468.1604503614
ouo.io/ Name: language
Value: eyJpdiI6IjZPNVpoazFFXC9QQlN5ZHRhZjB5YXdLWWZ4UjV0YWhUMG5kXC9yQTFcL3dEZW89IiwidmFsdWUiOiJvUk5YckJhc2JPT3E5VjVyUCt6R0V5NWoyZHhPMUdCeTVSVEZBdEVmRDNjPSIsIm1hYyI6ImM4ZGFkMTM0MzFmMzIwYjk2MmRmNDk2YjBiNTY2MzBkMjQxYTk0MmJlZjNjMzc5N2ZmYzkxNWVmOWM1YTM3YzgifQ%3D%3D
.ouo.io/ Name: __cfduid
Value: d9313dc759c1c3948e40b80556d66dc9e1604503613

4 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.adskeeper.co.uk/o/u/ouo.io.911115.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js(Line 632)
Message:
vast type = preroll
console-api log URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js(Line 632)
Message:
vast type = preroll
console-api log URL: https://video.your-notice.com/html_102001.js(Line 76)
Message:
+++++ None

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.co.uk
cdn.adskeeper.co.uk
cdn.viaplays.com
cm.adskeeper.co.uk
cm.steepto.com
de.betano.com
fonts.googleapis.com
fonts.gstatic.com
gg.gg
gml-grp.com
imp8.bidgear.com
jsc.adskeeper.co.uk
kerumal.com
ouo.io
platform.bidgear.com
prosumsit.com
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
video.your-notice.com
vids.viaplays.com
wvhba6470p.com
www.google-analytics.com
www.google.com
www.gstatic.com
xml.revrtb.net
zap.buzz
cdn.viaplays.com
104.19.133.80
104.19.138.80
139.45.195.151
142.91.9.135
173.237.61.68
192.243.59.12
2606:4700:10::ac43:697
2606:4700:20::ac43:4a24
2606:4700:3030::ac43:9e20
2606:4700:3034::6818:612c
2606:4700:3035::6818:69d9
2606:4700::6811:5459
2a00:1450:4001:806::200e
2a00:1450:4001:815::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200a
37.187.207.148
91.224.140.71
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
1c5bee85f9121b5238bf9044fade7df525fa09cf3bb490247ce172a9c3f3199d
2395927724838230aa4924cef62a3eecf93246f2aea57612f77b94aaf3a1024e
2bf0f5f24a36d5802ca771504acdcc3a87aeaf464a5c5949723af0434e9a4dd9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31f2ae6ee300f29af5f6c02deff40450d2dcb7a9cf8dd11a52c8f52dc136f7fc
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
40cb4096f87c9c725a5fc85f5283c482f585322741da6da45196842c37c8f3a0
422dd65bdb9fec3f67bcf9274bd99e6bcddea0d84ec870402a49bac4091c690d
5b88d7c7dc55ad42193036790715f8bd6a49dbc60f3d78668e91518e4c84b96f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a7d7885d718acc0d809960c44d811d17cd0e87f6f0aee27370d605185cf51b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ed6f29c84f997e5091d538100d01a59ee98e31940162bdd9cfec890706f83f2
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
9c2619e4b7c7db6b4c53ea73813516816f4fe480e8ca92af6b2ed3278601d1c8
a1a768feb2cea958225615d935b23fa6e8ba7f366bc405d1267f1424244020dc
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
bf394fb33aa50c7f8b5d44137c209fd0fc0beeb21174b16ca353a3c83451d207
d8c0a7a26103f8ea912875c9144943241e7d33c3f544da46d76a6d71d3c234fb
dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af
e3260d6dec2a713f4a33471470384ba087dbcbc6400c4963d40ddf57508b724e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
faaa72fbc8dcd75ce8ed5341248ef23162736a6daeb707702abcfaaeec93a4ad
ff9993b243f9c992e3201e01b31f2324ce167856ca7a0c427b4ac3cee89c1aef