ouo.press Open in urlscan Pro
2606:4700:10::6814:5919 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lamdepmag.com/go/https://clck.ru/GJ2KP
Effective URL:
https://ouo.press/BOt40G
Submission: On June 03 via manual (June 3rd 2019, 6:14:11 pm UTC) from IN

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 19 domains to perform 38 HTTP transactions. The main IP is 2606:4700:10::6814:5919, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ouo.press.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 19th 2019. Valid for: 6 months.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6812:2bac	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2606:4700:10:... 2606:4700:10::6814:28b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2606:4700:10:... 2606:4700:10::6814:5919	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	188.72.213.142 188.72.213.142	35415 (WEBZILLA) (WEBZILLA)
1	52.48.153.178 52.48.153.178	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	99.80.75.17 99.80.75.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3 3	18.153.11.3 18.153.11.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.156.184.3 35.156.184.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.201.83.118 35.201.83.118	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
1 1	54.243.162.137 54.243.162.137	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	188.72.213.141 188.72.213.141	35415 (WEBZILLA) (WEBZILLA)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	52.72.93.19 52.72.93.19	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	3.92.241.37 3.92.241.37	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.35.253.11 13.35.253.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.248.190.7 34.248.190.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
38	18

1 2606:4700:30::6812:2bac (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

lamdepmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:28b (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:5919 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.72.213.142 (Netherlands)

ASN35415 (WEBZILLA, NL)

pushlum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.153.178 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-153-178.eu-west-1.compute.amazonaws.com

ecdn.adblock.report	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.80.75.17 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.153.11.3 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-3.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.184.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-184-3.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.83.118 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 118.83.201.35.bc.googleusercontent.com

g.cwkuki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.162.137 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-162-137.compute-1.amazonaws.com

sspcks.mynativeplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.72.213.141 (Netherlands)

ASN35415 (WEBZILLA, NL)

pushlum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.93.19 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-93-19.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.241.37 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-92-241-37.compute-1.amazonaws.com

ri.porcooat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.11 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-11.fra6.r.cloudfront.net

cdn.porcooat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.190.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-190-7.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	revcontent.com trends.revcontent.com cm.revcontent.com cdn.revcontent.com img.revcontent.com	200 KB
7	ouo.press ouo.press	61 KB
6	pushlum.com pushlum.com	34 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	google.com www.google.com	643 B
2	porcooat.com ri.porcooat.com cdn.porcooat.com	217 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	105 KB
1	adrta.com adrta.com	401 B
1	criteo.com bidder.criteo.com	129 B
1	mynativeplatform.com 1 redirects sspcks.mynativeplatform.com	821 B
1	bttrack.com bttrack.com	380 B
1	cwkuki.com g.cwkuki.com	153 B
1	criteo.net static.criteo.net	25 KB
1	adblock.report ecdn.adblock.report	1 KB
1	googleapis.com fonts.googleapis.com	376 B
1	ouo.io 1 redirects ouo.io	952 B
1	lamdepmag.com 1 redirects lamdepmag.com	261 B
38	19

	Domain	Requested by
7	ouo.press	ouo.press pushlum.com
6	pushlum.com	ouo.press pushlum.com
4	trends.revcontent.com	ouo.press trends.revcontent.com cdn.revcontent.com
3	x.bidswitch.net	3 redirects
3	cm.revcontent.com	ouo.press
3	www.google.com	ouo.press www.gstatic.com
2	img.revcontent.com	ouo.press
2	cdn.revcontent.com	ouo.press
2	rtb.mfadsrvr.com	2 redirects
2	ib.adnxs.com	2 redirects
1	cdn.porcooat.com	ouo.press
1	ri.porcooat.com	ouo.press
1	adrta.com	ouo.press
1	bidder.criteo.com	static.criteo.net
1	sspcks.mynativeplatform.com	1 redirects
1	bttrack.com	ouo.press
1	g.cwkuki.com	ouo.press
1	static.criteo.net	trends.revcontent.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	ouo.press
1	ecdn.adblock.report	ouo.press
1	fonts.googleapis.com	ouo.press
1	ouo.io	1 redirects
1	lamdepmag.com	1 redirects
38	24

This site contains links to these domains. Also see Links.

Domain
trends.revcontent.com

Subject Issuer	Validity	Valid
ssl419954.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-19` - `2019-07-28`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.pushlum.com Let's Encrypt Authority X3	`2019-06-02` - `2019-08-31`	3 months	crt.sh
*.adblock.report Sectigo RSA Domain Validation Secure Server CA	`2019-05-14` - `2020-05-13`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
revcontent.com Amazon	`2019-02-16` - `2020-03-16`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.cwkuki.com DigiCert SHA2 Secure Server CA	`2017-09-05` - `2020-09-09`	3 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.criteo.com DigiCert SHA2 Secure Server CA	`2018-11-05` - `2020-01-03`	a year	crt.sh
*.revcontent.com DigiCert SHA2 Secure Server CA	`2018-05-20` - `2019-08-01`	a year	crt.sh
*.adrta.com COMODO RSA Domain Validation Secure Server CA	`2018-09-01` - `2020-08-31`	2 years	crt.sh
porcooat.com Amazon	`2019-06-03` - `2020-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ouo.press/BOt40G
Frame ID: EB2A23C59174E5FEC0C7BBA3C48E206E
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=v1558333958099&size=normal&cb=vy061b7qjcf1
Frame ID: FEED478FC72DBB7CCC05FA0935EA0611
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1558333958099&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&cb=lca0eq3tbioc
Frame ID: 437C6076E639C27EE2EAE0689059CC96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://lamdepmag.com/go/https://clck.ru/GJ2KP HTTP 302
https://ouo.io/BOt40G HTTP 302
https://ouo.press/BOt40G Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Hammer$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

38
Requests

100 %
HTTPS

29 %
IPv6

19
Domains

24
Subdomains

18
IPs

6
Countries

646 kB
Transfer

1299 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://trends.revcontent.com/click.php?d=scPHi6ObplOFHVeDKJX7XuMM6UUmbVRsy%2FxiJNOg4x5G55b87cIqnkrROcUU8CWWV6diUXxBXsmKcA1U0p9%2FeeGYiKmd1DiS%2BiabzOu8OkxZIjfc1SlcDWXuLhqRIbP%2BjhkRrg4vet1aTEtZM8s5KaUnzcb%2FJTo9Y8MWg9LNq8u%2BHnnHZ4XDTEsqsbwHtVr1oQJ1ORTvtFnXHzBs%2BxROqCZqOOibCSMJEitBNw5FKHgJ%2BceZ1atlKVlVhW6TKAy7ahREomXzmMIw4YbDjM9ZMdFcHr2cB9Z0gMMQsIuaGIrBOF2WI9WmmZw2jFow8sevu7yu5U%2FgZhjA2RJcPQJaGcuuF7p2fN3RUAMDQzXN9p6nk5EoX5eCeR%2BiY8VKAsl2ikNIqMZ9oO2GRcR%2FGQU7ioyMN2bhlPoFKWSFwL%2BGazQ5D2bAKOHBRdU1BsSN9xgha9wyXtyG11Ub46KFCh3iH9Ptkh5rB93mG8Yti9BTeu8MQ0BrVQjq6ppFIkYL4H5wo6ikGjxutGFIKXa%2Fh1Zvl%2BUFJA%2FXqGlCgR5cYxJWdO3oTaXDmhlFarS%2FdW9A2gjGsm%2BoDrvYZRf1R6R5TRz4xzI4aDE%2FUzgCmoBj0Wd7c1LltX%2FqMW16iK7EFcBDcRovXoFOo7W7NJKEcRgU2dHfh4FP3vuTJBvWdbxrTwkr2tlMQKBCyNWk1P1k4EABtvQm3X8yhlknFjSwRSf%2F4UPDGetrsO2cmtr5N%2B5FuOIuXgTEJaKy%2B1VGQjKwZLSvqwZRks8vRxFUKbffLqEEp%2FBzIT2SZoweCwlxvNhkVcWyWyjAlGfWySP5MnGPhw8PmHOurvqoNlT24EMs2hYpvxxmiS311oKNlT6qQvsdVqUIn6TcAaHJDwhnKPDs68ikRQD56udrXgF5T8VNAGw2mdiM%2BTOXEPOGPreoRtITzbLG%2BGBe7wIw%2F5%2BwIF6Y8t3BgGkebzm3pXclLU%2F7ra5sbltyy6wJX%2F6X2CWhPbmhhU0UFDdYDnJqxbj74YGYMCbsA4sUzn3hdEokL65xbuWyqXFeqA%3D%3D&viewed=true
Title: Eine Tasse Davon (Vor Dem Schlafengehen) Verbrennt Bauchfett Wie Verrückt! Masculinedaily

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=FwktT0nNs1TemXdwErwOSad2e9lQYNJxZfjkMdgiiSe7hYadJZyo0gEbxUNKyAMmCWzLe17fSknVrFqauYwS2LkiFSP9MFe4UORuOXXW0QkhTUp9mdROqJlKUjVos%2FKnSy4j8r5KK34ZGUFAw3cRFij9Wii%2FLJxqtUr4UWdlDZtGzWIDgJ1Hb6kha5Aqy8vxkjJ9mRB5hJsEJpQlUbpAzOepNtGLovq%2BZPMGVFAyaWDKZxV7pHStsFOKYzhavv8ZyFYKJd%2FIGHSAWb63ukwG0Y6PVRksg4AWNpF4mI8ED5SogOyLENtOG%2FoZ4HMnLJVbtTkIm3DZEFXOdTLpyB6ELmrXpcZyIFLwprXjL2EhCVK8aJIS83Kz1Gnz%2FWS9ws%2FptP%2BlxX5D2on7WlcyF4KRHbCWU%2BGaXIYae89mt2ynT0t4CkRUK2s3WObnG4XbKjslI3Wgd3fubZYlhGL6goruKfoX7Hm5qOufmuXkGcqP0INSqVstnguvIwVClsQseIsGdxOZ3xdyjlITc6eabsoqQMtax%2FnG%2Bfh3MJuGkypfaP79ZFooHOOUZx6k47XN1WP0DxsPd4rpSYyT2VGSbcQw7ZZJM3mLgCHqf7mGk6%2FJlxzMJ1Za%2BdRyhKZjivy0gEASlkq2v55Jl%2B9Y1zwV4OXui1otcguU67xKjwjh2NRwRXsTUUWL8dB%2BYJw0k33uxoXLD8DTuTb19355WzxjTB211uBsbkYsiEZ1cnNBJVgbSF%2Fzxzybpcy6aBFsSo1CAmBUQWPC9WO99QfGuzqZYRIkY69K5pB9zUd0ka3Dah7Fl8StnIoCI8NRbCdPwZYbWLQodj9fxorfal92ZVOJ3KlBv16BlRtwYSc9exl1glurHlb1%2BnCvXfuO6fvRikpxq1jqmwMJwwkwMrKDoSzMTRgf09HOZBOlcmGEJc%2BGmckO2eKH%2B6vCTyNXLa9zWhAJ81nFL3IE%2FF4DnflWu5w7wf6%2F44v2mc2frmv8V7N9Pr2ZMzcfpHwTIGS7YV0Me5F3OMvq&viewed=true
Title: Willst Du Heute Abend Eine ältere Frau Treffen? be2

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=exTg2LRVhMT7z1ShccTT4towDW00N%2BFSNHEGExE7EhhxF0cQaP02%2BCJN9mnLDkc1%2Bx0tmnz7omSUh3j78EJpUKozf9T3AgMGwJQNBZdmkMx1B6sy5Y%2F4Wps1twXNqeVmwQNy3wJDL4P%2BBnFNwysfBZafFOW4myqRHotXB%2BsgdGhwUQ6TVacIQiA4t24HnRxno8rAc7Iwmu1hUZwc645w9uMe%2FwIOF4HMAPaqNJp%2FB71XJnNKfwVsRobYEvmcf9ncx2QcRuD84a40NH6aB1qn5KPLq95QhaQnBHGWwUfIq8U8lHLksxFRSZiBR%2F6ETDRiIqOr6g2b2IHqp1cTDeY7DUn1DHuc0pvtOJQm%2BOUB%2FGGWacB8ks90klciV%2BTkip4q5yfWsuuJr3p5LUImTMZRiJvROFRC%2FegZkACyQC85SCWB7%2FKyqTX9SudI0wDsXzCRq2DnqHr6WmxR%2BYykcxPW3UOiit04MzKCscU3Nce605hh1aplPN0TJs8WNTyGoCC8fpvYtmmFhA2ynkS6n%2B4ZSY%2BHYgi4rkzZUkCW28w1ffRKhAE3bZifBCM90ltbHh7zUUkaYHjcGfj%2FiCxZFsBRWDTud6%2Fnrx3RiszolzQHZCDifBpre9%2BBb7huXQQZvqHwmxhz3PlFBDxau7DuMzHiQvnZ0pwzZYdpP2E0Xq5OcJEKR1wr%2BAYQPmReW68FwvA30kUigqxQNhAAHF5n4UOnRjJLFXmiln61bdYmUP66GTPfnUpuTTKQznRNmbmFKdMx6R54cmIviWxvK6f7HpgM47a5T%2FGdJDjB50D59OpBaVEsyK0GzzCjeJMrTCFQYUpZr%2FZRa2hyrXyzYNu6Q1nDhzL5m2VGh5hplrL5uhrshZ1xEf0opb5ooBU%2FUxZtZuCWDx98QbR5izC4DZeHNR1hkqvx6HpPuulybJMBVe7SC58ECRAq7NzeeH3K6WdCHWxw85wUbCK3l%2B6KurNdJcjtVdZlMU3B3hd%2F46a4YVUYkth5v4RyghUy5ZdRjec9wJ3uFuij3ZA30eNPDUWVdpar%2FcnInmrza8BO1gbx9d%2F8KqmIsA2U7DqUarJuwg5TuB7HI5Ed1CwywnwAiUHAQKwe%2FfMNQce2dwiiWp%2FDmNdubSVk6VC8zrzAy0vCrhC5%2FJQ1XPuuuC2KqJfI7rEmy0LbMG77ZG4PNtPrYOATAE5p0S4oy9n97VtGlS1MrhBNApYYFAlMgpfFPcnCsXFEiXYH84JeNzNlYQF1U%2Fa1O8kP7N1ROyOCQPS7Ir12M%2FeTWV5tE%2FCug%2Fdp9VeO9iSwREMdR68oJ87o8CiM9bKEonp0oGDLlXtSEj4j8LdcnxFQBhmxmKXcEQrv%2FX82LfmQWdgU7KuqnawVrqX9NuLy1MzBFU01xPVsgTqyh1nrQycvobwKFCBGOm6l%2BuR3Ynkr9F6Yrlp3Z61AjO2RPTrIJrrtd6dQthAVYQwuj3CaEJdmgjv3seHS086zGWAkvPTfDIvWaD39Zfpf2lFKe1xEoMKBHZnHrrCtuoIvD5D%2BwFbuXjH5&viewed=true
Title: Heute Abend Noch Nichts Vor? Finde Heiße Frauen In Berlin iDates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lamdepmag.com/go/https://clck.ru/GJ2KP HTTP 302
https://ouo.io/BOt40G HTTP 302
https://ouo.press/BOt40G Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc%3D%26geo%3D35%26rev_dt%3D1559585631 HTTP 302
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=8814393947282294362&exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631

Request Chain 16

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1559585631 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1559585631 HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3066a993-1f64-4491-8f57-1ddcc42624f1 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3066a993-1f64-4491-8f57-1ddcc42624f1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4f2b8563-2f07-4c17-991c-e12f1ee1bc4e&ssp=revcontent HTTP 302
https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3066a993-1f64-4491-8f57-1ddcc42624f1

Request Chain 19

https://sspcks.mynativeplatform.com/pub2/web/ssp/cksync.js?clientKey=3pAKMAvn9TUeXmaWzDetN3&sspUid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&dcurl=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=%26bidder%3D150%26bidder_uid%3Ddefault&rev_dt=1559585631 HTTP 302
https://cm.revcontent.com/pixel_sync?exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&bidder=150&bidder_uid=default

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request BOt40G Show response
ouo.press/
Redirect Chain

https://lamdepmag.com/go/https://clck.ru/GJ2KP
https://ouo.io/BOt40G
https://ouo.press/BOt40G

8 KB
4 KB

338ms
280ms

Document
text/html

2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b6f7d678b78f214a107dffa89fb7348c1496f2430d066e0ef3642c3798e0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ouo.press
:scheme: https
:path: /BOt40G
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbd9bab66a3dfc6f7a16088b4b76fd0c91559585630; expires=Tue, 02-Jun-20 18:13:50 GMT; path=/; domain=.ouo.press; HttpOnly ouoio_session=eyJpdiI6ImFLTXFndzlpQlJROElEdHAxQWlrMldJY1U0RmVJWXkzRE5CRjkzV3VYUDg9IiwidmFsdWUiOiJIXC9FdU5IMXZBSEV6b3ZsbzJcL29ReVQwbXgweGlMU29pNW4rY1JvQVR5T1M4VG1HNU45M040N2xnRHd6WVZmTDl6WXd3ZEtuYTIzbERLaHE5S2NwXC8wUT09IiwibWFjIjoiZWZiMTBlY2E4NTQyODY4ODAyM2Y2Yzk2Y2RiMTk4OGUwYjk3NGFiMTU5ZDlkZTdiZTA5NzY1OTg0ODNiMzkxOCJ9; expires=Mon, 03-Jun-2019 20:01:22 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6Ill5QkREalNXZDJldnlQVDFaZytRSXA1ZVdPMDdBZG8wNlQyOEEzbXM3MFE9IiwidmFsdWUiOiI2RjlJMUdUS3FoaWdibFwvZFVjUGRXblRWNFcyeFlzcXE2OW5lQ0wwWU9OWT0iLCJtYWMiOiIzYTU0NTIxODM3OTdlYTQ2Njg3N2Q2ZWU4ZmU4YWY2NDcxMjZkOTQ4ZjM3MTZkZDk3NTRhZDlkYWM3YmI0MzIzIn0%3D; expires=Sat, 01-Jun-2024 18:01:22 GMT; Max-Age=157680000; path=/; httponly
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e13a4afcfcdd6d9-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Mon, 03 Jun 2019 18:13:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db930650fabc7395e04c33f362083fc011559585630; expires=Tue, 02-Jun-20 18:13:50 GMT; path=/; domain=.ouo.io; HttpOnly; Secure ouoio_session=eyJpdiI6IjRmQklSclI2NDVPVjFhS1JicDJZUytQWWdWTUdpR3hlZnRuUVRiSFMwc2c9IiwidmFsdWUiOiJlK2NSVTZIKzMwSFd1SEkwK0p0a3RjU3BkSFNUU29LZG1UbEY3ZkZ0ZHlcL2NaVGlTT3dkWmpPbHRBMnFoMXdWakJ5cDlURmk5UGNEbkJtOHpQQTFtdkE9PSIsIm1hYyI6Ijg3Y2ZmZTg0MGZiOGQzNjRlNTI5YTc0NzBkZDU0ZTNkMDZkNzVmNDBiZmIwYTM0OGFlZjYzY2E1Y2UwODYxMjUifQ%3D%3D; expires=Mon, 03-Jun-2019 20:01:22 GMT; Max-Age=7200; path=/; httponly language=eyJpdiI6ImJWSUlFK2RTakpYV2U2UkJLcVhYWmt4U2h5YnJZaDJFQUZGRzhlY2o2MjQ9IiwidmFsdWUiOiJGNldzamlXM1JYbEh3WVh1UHlydUlGRVFUR3VLMFlzeXRCdUxkYmRYYUxZPSIsIm1hYyI6ImNjMGYyZmQ5MmJmZjUxMzI4N2FhOTZjMjA5N2QyZWU0YmE1ZjkyOTIyMjg4OThhOTllYTlhY2RlNjNkY2MxNTAifQ%3D%3D; expires=Sat, 01-Jun-2024 18:01:22 GMT; Max-Age=157680000; path=/; httponly
cache-control: no-cache
location: https://ouo.press/BOt40G
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e13a4ad0f5796b6-FRA

GET
H2 200 css
fonts.googleapis.com/ 425 B
376 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

6d5d8eb2d6da48b7360aec5ef3bb83884e4017c234fff2fc16513f6fdbc58e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Jun 2019 18:13:50 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Jun 2019 18:13:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Jun 2019 18:13:50 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
23 KB 29ms
27ms Stylesheet
text/css 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: public, max-age=86400
cf-ray: 4e13a4b19ffed6d9-FRA
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Tue, 04 Jun 2019 18:13:50 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 37ms
36ms Stylesheet
text/css 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c43f4f8afe519e7d5839a358bc989a0f18d9038ea6669943d5f1a7f7a1ea83da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=cannot_optimize
status: 200
last-modified: Mon, 13 May 2019 06:10:20 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 4e13a4b19806d6d9-FRA
expires: Tue, 04 Jun 2019 18:13:51 GMT

GET
H/1.1 200
OK ntfc.php Show response
pushlum.com/ 12 KB
5 KB 81ms
27ms Script
application/javascript 188.72.213.142
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlum.com/ntfc.php?p=1731251
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.213.142 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 73371a1045c418b7bf702da3e34f490984527368760b8b442e965de48918ff0d

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jun 2019 18:13:48 GMT
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age: 86400
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fab.js Show response
ecdn.adblock.report/static/js/ 2 KB
1 KB 129ms
33ms Script
application/javascript 52.48.153.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.adblock.report/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.153.178 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-153-178.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: c3efe69843fe1b94779ad99444e7763afd2bdb110593c8f3df68b74fe3c5ea10

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2015 00:00:00 GMT
server: nginx/1.14.1
etag: "55a5a280-38b"
content-type: application/javascript
status: 200
cache-control: max-age=3600
content-length: 907
expires: Mon, 03 Jun 2019 19:13:51 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 837 B
643 B 17ms
16ms Script
text/javascript 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

77f4ff2db217144f181ab22eb46550d153276463713e044ad9fb803c9d2bd330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 469
x-xss-protection: 1; mode=block
expires: Mon, 03 Jun 2019 18:13:51 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 28ms
27ms Image
image/png 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
vary: Accept-Encoding
content-length: 5692
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
etag: "5549a07c-163c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4e13a4b1d92ad6d9-FRA
expires: Wed, 03 Jul 2019 18:13:51 GMT

GET
H2 200 10.jpg
ouo.press/blog/images/hero/ 25 KB
25 KB 40ms
39ms Image
image/jpeg 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/blog/images/hero/10.jpg

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a6e294c599a4fd0abb56af27b46b3251eabd66f0b1c025fb98a1639e517024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=42730
status: 200
cf-bgj: imgq:100
vary: Accept-Encoding
content-length: 25780
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Oct 2017 04:26:20 GMT
server: cloudflare
etag: "59e191ec-a6ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4e13a4b1d92bd6d9-FRA
expires: Wed, 03 Jul 2019 18:13:51 GMT

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
808 B 9ms
8ms Script
application/javascript 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2019 09:56:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cefa8cb-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 4e13a4b1d928d6d9-FRA
expires: Wed, 05 Jun 2019 18:13:51 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 6 KB
2 KB 131ms
35ms Script
text/html 99.80.75.17
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/serve.js.php?w=111774&t=rc_137&c=1559585631010&width=1600&referer=https%3A%2F%2Fouo.press%2FBOt40G
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.75.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2d821db719cf0f00edf005a8b15910aa44c7a4b06e039a15247921b8b5db46af

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
access-control-allow-origin: https://ouo.press
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
status: 200
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8

GET
H2 200 QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2
fonts.gstatic.com/s/questrial/v8/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v8/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Questrial
Origin: https://ouo.press

Response headers

date: Sun, 02 Jun 2019 16:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91869
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 12870
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:23:11 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jun 2020 16:42:42 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1558333958099/ 264 KB
92 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1558333958099/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

930eadf627c2cf23ca4498b0bba8f90e397bebff88edc8211c0beeec413c0208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 19:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2019 19:45:00 GMT
server: sffe
age: 252853
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93872
x-xss-protection: 0
expires: Sat, 30 May 2020 19:59:38 GMT

GET
H/1.1 200
OK ntfc.php Show response
pushlum.com/ 93 KB
27 KB 35ms
35ms Script
application/javascript 188.72.213.142
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlum.com/ntfc.php?p=1731251&r=ui&swver=3.1.45
Requested by: Host: pushlum.com
URL: https://pushlum.com/ntfc.php?p=1731251
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.213.142 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50317539c8a07d581349eea566b8bb707b6a1c6623597f964dd896c6158110b0

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 18:13:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Max-Age: 86400
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame FEED 0
0 33ms
32ms Document
text/html 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=v1558333958099&size=normal&cb=vy061b7qjcf1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1558333958099/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DMSMVCeuOsgbYNQfRykRwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=v1558333958099&size=normal&cb=vy061b7qjcf1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://ouo.press/BOt40G
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ouo.press/BOt40G

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Jun 2019 18:13:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-DMSMVCeuOsgbYNQfRykRwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12584
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 83 KB
25 KB 83ms
32ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111774&t=rc_137&c=1559585631010&width=1600&referer=https%3A%2F%2Fouo.press%2FBOt40G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2019 13:26:35 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5c811c0b-14ca7"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 04 Jun 2019 18:13:51 GMT

GET
H2

200

pixel_sync
cm.revcontent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFm...
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=8814393947282294362&exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631

35 B
198 B

54ms
32ms

Image
image/gif

99.80.75.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=8814393947282294362&exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.75.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:51 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jun 2019 18:13:53 GMT
AN-X-Request-Uuid: cb8f0a10-855a-461b-8506-6de2704eda16
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=8814393947282294362&exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&geo=35&rev_dt=1559585631
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 83.97.23.251; 83.97.23.251; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel_sync
cm.revcontent.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1559585631
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1559585631
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3066a993-1f64-4491-8f57-1ddcc42624f1
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3066a993-1f64-4491-8f57-1ddcc42624f1
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4f2b8563-2f07-4c17-991c-e12f1ee1bc4e&ssp=revcontent
https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3066a993-1f64-4491-8f57-1ddcc42624f1

35 B
198 B

34ms
33ms

Image
image/gif

99.80.75.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3066a993-1f64-4491-8f57-1ddcc42624f1
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.75.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:51 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Date: Mon, 03 Jun 2019 18:13:51 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3066a993-1f64-4491-8f57-1ddcc42624f1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H2 204 D8f2l
g.cwkuki.com/cs/ 0
153 B 188ms
146ms Image
text/plain 35.201.83.118
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.cwkuki.com/cs/D8f2l?u=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&rev_dt=1559585631
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.83.118 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 118.83.201.35.bc.googleusercontent.com
Software: Cookie_Sync /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 03 Jun 2019 18:13:51 GMT
via: 1.1 google
server: Cookie_Sync
alt-svc: clear

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 408ms
100ms Image
image/gif 192.132.33.46
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&pushdata=109&secure=1&rev_dt=1559585631
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 03 Jun 2019 18:13:51 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
cm.revcontent.com/
Redirect Chain

https://sspcks.mynativeplatform.com/pub2/web/ssp/cksync.js?clientKey=3pAKMAvn9TUeXmaWzDetN3&sspUid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&dcurl=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3F...
https://cm.revcontent.com/pixel_sync?exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&bidder=150&bidder_uid=default

35 B
198 B

34ms
34ms

Image
image/gif

99.80.75.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.revcontent.com/pixel_sync?exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&bidder=150&bidder_uid=default
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.75.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:51 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Date: Mon, 03 Jun 2019 18:13:51 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Location: https://cm.revcontent.com/pixel_sync?exchange_uid=ODllNDllNmEwNDQ4NDI1MmFhZTBiNDc3YjFmNDdiNTc=&bidder=150&bidder_uid=default
Access-Control-Allow-Methods: POST, GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
M6S_HOST: cookieSync-spot-0630b5816a6b765ce
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
Content-Length: 0

OPTIONS
H/1.1 200
OK custom Show response
pushlum.com/ 0
457 B 77ms
19ms Fetch
text/plain 188.72.213.141
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlum.com/custom
Requested by: Host: pushlum.com
URL: https://pushlum.com/ntfc.php?p=1731251&r=ui&swver=3.1.45
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.213.141 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://ouo.press
Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 03 Jun 2019 18:13:45 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H2 200 swpro.js Show response
ouo.press/ 2 KB
1 KB 19ms
18ms Fetch
application/javascript 2606:4700:10::6814:5919
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/swpro.js

Requested by

Host: pushlum.com
URL: https://pushlum.com/ntfc.php?p=1731251&r=ui&swver=3.1.45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:5919 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

356ec2b0a61e800520b41b36be4a1d6f2c0bb4fb78fd554f448bda2cf243ccc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=2564
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Apr 2019 03:04:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cc669aa-a04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 04 Jun 2019 18:13:51 GMT
cache-control: public, max-age=86400
cf-ray: 4e13a4b2cd8bd6d9-FRA
cf-bgj: minify

OPTIONS
H/1.1 200
OK custom Show response
pushlum.com/ 0
457 B 66ms
17ms Fetch
text/plain 188.72.213.141
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlum.com/custom
Requested by: Host: pushlum.com
URL: https://pushlum.com/ntfc.php?p=1731251&r=ui&swver=3.1.45
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.213.141 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://ouo.press
Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 03 Jun 2019 18:13:45 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

POST
H/1.1 200
OK custom Show response
pushlum.com/ 39 B
484 B 15ms
14ms Fetch
application/json 188.72.213.142
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlum.com/custom

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.213.142 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d0134a6d9841582796ec36357c29de0f
Date: Mon, 03 Jun 2019 18:13:48 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom Show response
pushlum.com/ 39 B
484 B 31ms
16ms Fetch
application/json 188.72.213.142
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlum.com/custom

Requested by

Host: ouo.press
URL: https://ouo.press/BOt40G

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.213.142 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ae20fc6420071e58207873d2ff7cb218
Date: Mon, 03 Jun 2019 18:13:48 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
129 B 97ms
21ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=65&profileId=184&cb=64418669215
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Vary: Origin

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 437C 0
0 20ms
19ms Document
text/html 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1558333958099&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&cb=lca0eq3tbioc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1558333958099/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tUmQbqD9fxFTK7k0Pwcb3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1558333958099&k=6LegWQETAAAAAIIaaAhEnrkimbuOF5QJb0ZiYEK7&cb=lca0eq3tbioc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://ouo.press/BOt40G
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ouo.press/BOt40G

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Jun 2019 18:13:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-tUmQbqD9fxFTK7k0Pwcb3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1116
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 31 KB
11 KB 269ms
268ms XHR
text/javascript 99.80.75.17
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/serve.js.php?w=111774&t=rc_137&c=1559585631010&width=1600&referer=https%3A%2F%2Fouo.press%2FBOt40G&site_url=https%3A%2F%2Fouo.press%2FBOt40G
Requested by: Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111774&t=rc_137&c=1559585631010&width=1600&referer=https%3A%2F%2Fouo.press%2FBOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.75.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-75-17.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 81d75bace02eae2270544f8960a901d7ef4c098a977f926390ba90134c2afecf

Request headers

Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
26 KB 69ms
12ms Stylesheet
text/css 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=e8cc7795e88dfa9ef936ceecb8eebaba5de236a8
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: d735df583a5acc5862459053444a1e912507c3a29d184920ee2670de0308acbe

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
last-modified: Mon, 13 May 2019 14:47:02 GMT
access-control-allow-origin: *
etag: "1557758822"
x-hw: 1559585631.dop024.fr8.t,1559585631.cds075.fr8.hn,1559585631.cds136.fr8.c
content-type: text/css
status: 200
cache-control: max-age=7
accept-ranges: bytes
content-length: 26337

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 276 KB
96 KB 85ms
30ms Script
application/javascript 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=e8cc7795e88dfa9ef936ceecb8eebaba5de236a8&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 091a1ce9a3b3838457ce3ff076db0454668401a7929fa0deacc36da8718bb994

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
content-encoding: gzip
last-modified: Mon, 13 May 2019 14:47:02 GMT
access-control-allow-origin: *
etag: "1557758822"
x-hw: 1559585631.dop024.fr8.t,1559585631.cds075.fr8.hn,1559585631.cds064.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=30
accept-ranges: bytes
content-length: 98249

GET
H2 200 i
adrta.com/ 43 B
401 B 353ms
107ms Image
image/gif 52.72.93.19
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adrta.com/i?clid=cw&paid=cw&avid=f9ca6e2e-80ff-46a0-b276-1028cfc83070&caid=7af7e739-a0bc-4114-9927-cd763762a55b&plid=2cb96fb0-5212-11e9-a0e9-a99d2589a8d7&priceBid=0.243478261&siteId=ouo.press&publisherId=1f883afa-4e92-49a1-8923-1dd06846c440&kv1=1500x1000&kv2=https%3A%2F%2Fouo.press%2FBOt40G&kv7=106895&kv11=a61833aa78474ac8a10921fd722d191e-1-571f3710-862b-11e9-a48c-0242ac110003&kv12=111774_1&kv18=Unknown&kv21=Unknown&kv24=Desktop_Native&cb=571f3710-862b-11e9-bb2c-0242ac110003
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.93.19 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-93-19.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 18:13:52 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK rendered
ri.porcooat.com/notify/ 0
99 B 338ms
108ms Image
text/plain 3.92.241.37
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ri.porcooat.com/notify/rendered?a=revcontent&cep=qH-nBZUiL4LV5BT8u_FCcy98iv7pod_lM2mHIamvepAbEcq39juYY-hOcKZK2uCG-5u6UWhYcN5bE59ja2LC5yfk-xLlMS7FI8M7EYSQy2W4ANqXt1p_Ciq_Hv1cto4bJj5aHAhhESCZvsgbyggOLah2vlKhaGaXR5TqmVuPrzXgC0DoDDplNfgCGP06PHocwxB0IQj14_RkJ261ObWSrgKoEKpU7cSNIx_kzSLLCH_VSXXwf8X9L5bZqouxqkbQ
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.241.37 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-92-241-37.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 03 Jun 2019 18:13:52 GMT
Content-Length: 0

GET
H2 200 /
img.revcontent.com/ 30 KB
30 KB 111ms
47ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15561711121283221952.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2f748f72139dc4b0fe69e79d133ca20f6bdd3edd80a0aee59aa9ffdd67882ec4

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
last-modified: Thu, 25 Apr 2019 05:45:13 GMT
etag: "1556171113"
x-hw: 1559585631.dop024.fr8.t,1559585631.cds075.fr8.hn,1559585631.cds133.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30389

GET
H2 200 /
img.revcontent.com/ 34 KB
34 KB 77ms
12ms Image
image/jpeg 205.185.216.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15154624972049531466.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6218c59366f221dfe49600921c481d46e4047a257813891ee5b7df359fefb419

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 18:13:51 GMT
last-modified: Tue, 09 Jan 2018 01:48:18 GMT
etag: "1515462498"
x-hw: 1559585631.dop024.fr8.t,1559585631.cds075.fr8.hn,1559585631.cds019.fr8.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34584

GET
H2 200 ff5c9341-9c8b-4b3a-af9a-d74ccdae7ff8.jpeg
cdn.porcooat.com/f9ca6e2e-80ff-46a0-b276-1028cfc83070/ 217 KB
217 KB 57ms
10ms Image
application/octet-stream 13.35.253.11
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.porcooat.com/f9ca6e2e-80ff-46a0-b276-1028cfc83070/ff5c9341-9c8b-4b3a-af9a-d74ccdae7ff8.jpeg
Requested by: Host: ouo.press
URL: https://ouo.press/BOt40G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.11 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-11.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f8616205af6f768ef236c2d8f56d7a1a19165ab308c01e9b07974df64c9a26e

Request headers

Referer: https://ouo.press/BOt40G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 08:48:12 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
last-modified: Fri, 29 Mar 2019 10:26:53 GMT
server: AmazonS3
age: 33940
etag: "eb386e1d6e5620c3e4f3527d44d8b62a"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 221918
x-amz-cf-id: noDdBJcFrItVMx4QtyNWx_D1iVCyZRiwN_8NU9dIa7bpfAE2SfhDiA==

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
153 B 119ms
34ms XHR
text/html 34.248.190.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/imp.php
Requested by: Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=e8cc7795e88dfa9ef936ceecb8eebaba5de236a8&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.190.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-190-7.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:51 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
access-control-allow-origin: https://ouo.press
content-length: 0
content-type: text/html; charset=UTF-8

POST
H2 200 view.php Show response
trends.revcontent.com/ 0
153 B 96ms
33ms XHR
text/html 34.248.190.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/view.php
Requested by: Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=e8cc7795e88dfa9ef936ceecb8eebaba5de236a8&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.190.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-190-7.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://ouo.press/BOt40G
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Mon, 03 Jun 2019 18:13:51 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
access-control-allow-origin: https://ouo.press
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://pushlum.com/ntfc.php?p=1731251&r=ui&swver=3.1.45(Line 1) Message: service worker path (u):

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
bidder.criteo.com
bttrack.com
cdn.porcooat.com
cdn.revcontent.com
cm.revcontent.com
ecdn.adblock.report
fonts.googleapis.com
fonts.gstatic.com
g.cwkuki.com
ib.adnxs.com
img.revcontent.com
lamdepmag.com
ouo.io
ouo.press
pushlum.com
ri.porcooat.com
rtb.mfadsrvr.com
sspcks.mynativeplatform.com
static.criteo.net
trends.revcontent.com
www.google.com
www.gstatic.com
x.bidswitch.net
13.35.253.11
178.250.0.130
178.250.2.152
18.153.11.3
188.72.213.141
188.72.213.142
192.132.33.46
205.185.216.10
2606:4700:10::6814:28b
2606:4700:10::6814:5919
2606:4700:30::6812:2bac
2a00:1450:4001:808::2003
2a00:1450:4001:816::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2004
3.92.241.37
34.248.190.7
35.156.184.3
35.201.83.118
37.252.172.249
52.48.153.178
52.72.93.19
54.243.162.137
99.80.75.17
091a1ce9a3b3838457ce3ff076db0454668401a7929fa0deacc36da8718bb994
0f8616205af6f768ef236c2d8f56d7a1a19165ab308c01e9b07974df64c9a26e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d821db719cf0f00edf005a8b15910aa44c7a4b06e039a15247921b8b5db46af
2f748f72139dc4b0fe69e79d133ca20f6bdd3edd80a0aee59aa9ffdd67882ec4
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
356ec2b0a61e800520b41b36be4a1d6f2c0bb4fb78fd554f448bda2cf243ccc8
495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5
50317539c8a07d581349eea566b8bb707b6a1c6623597f964dd896c6158110b0
6218c59366f221dfe49600921c481d46e4047a257813891ee5b7df359fefb419
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d5d8eb2d6da48b7360aec5ef3bb83884e4017c234fff2fc16513f6fdbc58e26
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
73371a1045c418b7bf702da3e34f490984527368760b8b442e965de48918ff0d
77f4ff2db217144f181ab22eb46550d153276463713e044ad9fb803c9d2bd330
81d75bace02eae2270544f8960a901d7ef4c098a977f926390ba90134c2afecf
930eadf627c2cf23ca4498b0bba8f90e397bebff88edc8211c0beeec413c0208
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9
c3efe69843fe1b94779ad99444e7763afd2bdb110593c8f3df68b74fe3c5ea10
c43f4f8afe519e7d5839a358bc989a0f18d9038ea6669943d5f1a7f7a1ea83da
c4b6f7d678b78f214a107dffa89fb7348c1496f2430d066e0ef3642c3798e0af
c8a6e294c599a4fd0abb56af27b46b3251eabd66f0b1c025fb98a1639e517024
d735df583a5acc5862459053444a1e912507c3a29d184920ee2670de0308acbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

ouo.press Open in urlscan Pro 2606:4700:10::6814:5919 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

29 %IPv6

19 Domains

24 Subdomains

18 IPs

6 Countries

646 kBTransfer

1299 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ouo.press Open in urlscan Pro
2606:4700:10::6814:5919 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

29 %
IPv6

19
Domains

24
Subdomains

18
IPs

6
Countries

646 kB
Transfer

1299 kB
Size

0
Cookies

38 HTTP transactions
0 data transactions