ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ouo.press/C5uFo6
Submission: On November 24 via manual (November 24th 2021, 6:21:13 am UTC) from SE — Scanned from DE

Summary HTTP 54 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 54 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:10:... 2606:4700:10::6816:3afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	142.91.9.135 142.91.9.135	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	104.19.134.80 104.19.134.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.193.94 13.224.193.94	16509 (AMAZON-02) (AMAZON-02)
4	13.225.78.118 13.225.78.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.16.26.49 52.16.26.49	16509 (AMAZON-02) (AMAZON-02)
5	13.224.198.4 13.224.198.4	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	173.237.61.68 173.237.61.68	7979 (SERVERS-COM) (SERVERS-COM)
1	52.222.214.83 52.222.214.83	16509 (AMAZON-02) (AMAZON-02)
2	104.19.132.80 104.19.132.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.138.80 104.19.138.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	20

6 2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)

video.your-notice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

itineraryupper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.134.80 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ndenthait.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-94.fra2.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.26.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-26-49.eu-west-1.compute.amazonaws.com

tracking1.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.237.61.68 (United States)

ASN7979 (SERVERS-COM, US)

cdn.viaplays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vids.viaplays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-83.fra56.r.cloudfront.net

afvdeukmy.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.132.80 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.138.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	adskeeper.co.uk jsc.adskeeper.co.uk c.adskeeper.co.uk cdn.adskeeper.co.uk servicer.adskeeper.co.uk s-img.adskeeper.co.uk cm.adskeeper.co.uk	122 KB
6	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io tracking1.firstimpression.io tracking.firstimpression.io Failed	139 KB
6	ouo.press ouo.press	68 KB
5	amazon-adsystem.com c.amazon-adsystem.com	75 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	330 KB
4	google.com www.google.com	37 KB
2	viaplays.com cdn.viaplays.com vids.viaplays.com	155 KB
2	your-notice.com video.your-notice.com	6 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	steepto.com cm.steepto.com	173 B
1	ndenthait.xyz ndenthait.xyz	37 B
1	afvdeukmy.one afvdeukmy.one	411 B
1	outbrain.com widgets.outbrain.com	3 KB
1	doubleclick.net ad.doubleclick.net	664 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	aphycolourses.info aphycolourses.info	23 KB
1	itineraryupper.com itineraryupper.com
54	17

	Domain	Requested by
6	ouo.press	ouo.press
5	c.amazon-adsystem.com	ecdn.firstimpression.io c.amazon-adsystem.com
4	www.google.com	ouo.press www.gstatic.com
3	cdn.adskeeper.co.uk	jsc.adskeeper.co.uk
3	www.gstatic.com	www.google.com
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	s-img.adskeeper.co.uk	jsc.adskeeper.co.uk
2	c.adskeeper.co.uk	jsc.adskeeper.co.uk
2	fonts.gstatic.com	fonts.googleapis.com
2	tracking1.firstimpression.io	ecdn.firstimpression.io
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	ecdn.firstimpression.io	ouo.press srcdoc
2	jsc.adskeeper.co.uk	ouo.press jsc.adskeeper.co.uk
2	video.your-notice.com	ouo.press video.your-notice.com
2	fonts.googleapis.com	ouo.press client
1	vids.viaplays.com	cdn.viaplays.com
1	cm.steepto.com
1	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
1	ndenthait.xyz	aphycolourses.info
1	afvdeukmy.one	aphycolourses.info
1	cdn.viaplays.com	video.your-notice.com cdn.viaplays.com
1	widgets.outbrain.com	ouo.press
1	ad.doubleclick.net	ouo.press
1	ecdn.analysis.fi	ouo.press
1	aphycolourses.info	ouo.press
1	itineraryupper.com	ouo.press
0	tracking.firstimpression.io Failed	ecdn.firstimpression.io
54	27

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
your-notice.com R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
itineraryupper.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
aphycolourses.info R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
analysis.fi Amazon	`2021-01-03` - `2022-02-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.viaplays.com R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh
afvdeukmy.one Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
ndenthait.xyz R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
vids.viaplays.com R3	`2021-10-18` - `2022-01-16`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ouo.press/C5uFo6
Frame ID: 0E5C317CF2EED5C349CFE574449ADF06
Requests: 38 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 992962EE9562DE0BC6BA920CD0BD5989
Requests: 7 HTTP requests in this frame

Frame: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/C5uFo6
Frame ID: 9E08E7CBA206C633F6F7C3EFAED519C6
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=zbjrm08ah30s
Frame ID: F374084CE53A4FBA87FA40DB4567A500
Requests: 5 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1637734868732414739316
Frame ID: A769FE835957AAC0BE82EF14349EA885
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page Statistics

54
Requests

96 %
HTTPS

26 %
IPv6

17
Domains

27
Subdomains

20
IPs

5
Countries

963 kB
Transfer

2928 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=911109

Search URL Search Domain Scan URL

URL: https://www.adskeeper.co.uk/ghits/3805598/i/16195/2/pp/1/1?h=LzPj2P9TAgcj4ZQCravJgxMGCIn8GOfohLYvKZnlQb6PlV36bRvZDIW6chZ4bHBk&rid=b65146a3-4cee-11ec-98bc-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request C5uFo6 Show response
ouo.press/ 8 KB
5 KB 512ms
463ms Document
text/html 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbc3540b457481d92ee88e8727a7f342a4130c967717d6d98c259465fa84f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b3089079ce33761-MXP
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 1020 B
918 B 49ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 05:13:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 06:21:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 06:21:07 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
18 KB 33ms
32ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/C5uFo6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37111
cf-polished: origSize=109522
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54def1fc-1abd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6b30890aa9fd3761-MXP
expires: Wed, 24 Nov 2021 08:02:36 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 33ms
31ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/C5uFo6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38323
cf-polished: status=cannot_optimize
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d951ace-1830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6b30890aa9ff3761-MXP
expires: Wed, 24 Nov 2021 07:42:24 GMT

GET
H2 200 sw-mav-n.js Show response
ouo.press/ 93 KB
36 KB 40ms
38ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/sw-mav-n.js

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911e3c686b479a09d9d41a501e53ad7f52cd1d1a1f83a723598d313ed9b681e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/C5uFo6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32681
cf-polished: origSize=95651
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jan 2020 08:01:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e16ddd3-175a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6b30890aaa003761-MXP
expires: Wed, 24 Nov 2021 09:16:26 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 50ms
17ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed1067865fd04d960904b6efa21c61ba67e1867cf93f470a744e2e6abeee35f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Wed, 24 Nov 2021 06:21:07 GMT

GET
H2 200 html_102001.js Show response
video.your-notice.com/ 5 KB
2 KB 60ms
17ms Script
application/javascript 142.91.9.135
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/html_102001.js
Requested by: Host: ouo.press
URL: https://ouo.press/C5uFo6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aa112a9f27e83ed6813066b557d057661c91a24228b55a7072f7718565d40808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:03 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 403 ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 0
0 304ms
103ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/C5uFo6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Nov 2021 06:21:07 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 ouo.press.911109.js Show response
jsc.adskeeper.co.uk/o/u/ 2 KB
1 KB 42ms
15ms Script
text/javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Requested by: Host: ouo.press
URL: https://ouo.press/C5uFo6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfde9c59efe2d635a7ae7d581623b330cebac5a4505a11c88b8c87ad625d9bbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 366
last-modified: Wed, 03 Nov 2021 10:53:31 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: JDBDKRRR3S8ERVF0
x-amz-id-2: NoFhywpOUGF8wzjxfgT0PdfgNelMvQEkUaVvJmtWQ1FX3+A2+JENmztjYaKsSgh6fIc7jqPjoV8=
cf-bgj: minify
server: cloudflare
etag: W/"2181324ca2b64f81e8b1aaf5b8f33e99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6b30890b288b4d84-FRA
expires: Wed, 24 Nov 2021 10:21:07 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 33ms
32ms Image
image/png 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/C5uFo6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 439403
cf-polished: status=not_needed
content-length: 5692
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5549a07c-163c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sun, 19 Dec 2021 04:17:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30890b0a963761-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
801 B 19ms
18ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/C5uFo6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6b30890b0a923761-MXP
vary: Accept-Encoding
expires: Fri, 26 Nov 2021 06:21:07 GMT

GET
H2 200 MnlBVWRJWzIiO0cLLXdeEBE1IRRBQ256C0cWbyUWVwoyehdFVCw0Eh8Xbz8XEFVjJglUW3tkSBANIDI7Wx1jb0YFQXZjUQJbbXcXRxsePAAAW3t3UQBBJ2wHVxxsN1VUQGxhBlBIbDcHC01sM1EGSnVhUQJAdGNdEAQ Show response
aphycolourses.info/ 56 KB
23 KB 313ms
107ms Script
application/javascript 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/MnlBVWRJWzIiO0cLLXdeEBE1IRRBQ256C0cWbyUWVwoyehdFVCw0Eh8Xbz8XEFVjJglUW3tkSBANIDI7Wx1jb0YFQXZjUQJbbXcXRxsePAAAW3t3UQBBJ2wHVxxsN1VUQGxhBlBIbDcHC01sM1EGSnVhUQJAdGNdEAQ
Requested by: Host: ouo.press
URL: https://ouo.press/sw-mav-n.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: / Express
Resource Hash: fa2fa3b20cb3d6444e00083fc7a0c31813e063fb91e01856d416bd636369b841

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0f1-Clf06XQmTBGfO03OVHqaORlU4eo"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 36ms
7ms Script
application/javascript 13.224.193.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/C5uFo6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-94.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:43:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 13:04:51 GMT
server: nginx/1.18.0
age: 2243
etag: W/"619ce6f3-10af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hwdqrjztHffvfVSX-u8cI61Uwqldb-2yAwXKbadE9N3WUzcMYkRMnQ==
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
expires: Wed, 24 Nov 2021 06:43:44 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 345 KB
92 KB 37ms
9ms Script
application/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-118.fra2.r.cloudfront.net

Software

nginx/1.18.0 / PHP/7.3.23

Resource Hash

b5bb7514803bb7dafd2dbe37ed4b450c303137223b28d07f667942368d70e0f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:43:42 GMT
content-encoding: br
age: 2245
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
x-xss-protection: 0
access-control-allow-origin: *
last-modified: Wed, 24 Nov 2021 05:43:42 UTC
server: nginx/1.18.0
etag: W/"1dff57415a816c15b1d99c451157f395"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: NtbvokVHTcOqQ53L-QY5xcEv5NEHgUtRzKNU3z3O7HpEgm6qELNGHg==
expires: Wed, 24 Nov 2021 06:43:42 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 21:26:22 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 45ms
7ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 06:48:12 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 41ms
8ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ouo.press
URL: https://ouo.press/C5uFo6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
last-modified: Mon, 01 Nov 2021 09:41:05 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1635759783.941258"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 24 Dec 2021 06:21:07 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 22 KB
5 KB 63ms
54ms XHR
application/json 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FC5uFo6&charset=UTF-8&ch=6&ref=ouo.press&viewerId=null&referer=&_firid=55639282
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 72aa5f5642a595188cfa1c07a2be882549c8d526ee0f947c985c157bab54f73b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/7.3.23
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://ouo.press
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: x5D-Wi82vW__lNctrkXx7V4YO39Mrn2zpov5xqPtF6VREKD4jbkJEQ==
expires: 0

POST
H2 200 collect
tracking1.firstimpression.io/ 2 B
250 B 105ms
32ms Ping
text/plain 52.16.26.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-26-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 50ms
11ms Script
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 64
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0FFPBPAVXCJAKJTMYATS
date: Wed, 24 Nov 2021 06:20:25 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PQiy4Egio8p3auumtajc25YilHbhI0bR6HcQNjwqCAiya4-o3aB72Q==

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v13/ 19 KB
20 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:07:27 GMT
x-content-type-options: nosniff
age: 569620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 16:07:27 GMT

GET
H2 200 fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 9929 110 KB
41 KB 8ms
8ms Script
application/javascript 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 1cb04f75fb71d62e062608802937d848dac49c00de3756d89f4a66b0a943416b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:43:42 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 12:51:09 GMT
server: nginx/1.18.0
age: 2245
etag: W/"619ce3bd-1b8a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: B8AqCa80V9wto7CPQ6_OW3j0x65vrFtXf3J9JJLiCp-F2CbVShVCAw==
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: Wed, 24 Nov 2021 06:43:42 GMT

GET
H2 200 ouo.press.911109.es6.js Show response
jsc.adskeeper.co.uk/o/u/ 235 KB
66 KB 24ms
23ms Script
text/javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d87d54b7605a7eb9cb1b02121fb81879b36c35e5d43191280aa10a0b7165d68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 365
last-modified: Wed, 03 Nov 2021 20:01:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XPM7HEYVTPZVEDZ2
x-amz-id-2: PAK/kBIVwX9QfWX+IU0a8IcYQuzH3FYRaQlUKrQ82dmF730yf7lCr0Li18h/h5zEDRqLgEiU2no=
cf-bgj: minify
server: cloudflare
etag: W/"c711e5c2e15c3a22d0e04569d6ece7a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 6b30890c8abc4d84-FRA
expires: Wed, 24 Nov 2021 10:21:07 GMT

GET
H2 200 slider-44.php Show response
video.your-notice.com/ Frame 9E08 11 KB
4 KB 16ms
16ms Script
application/javascript 142.91.9.135
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/C5uFo6
Requested by: Host: video.your-notice.com
URL: https://video.your-notice.com/html_102001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 94aa4bfc79df027e87bbc55480be1fae4421b08da38c2f953f743b5db589fbd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:03 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F374 39 KB
20 KB 46ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=zbjrm08ah30s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6d8e2fec8c2106fdfa00e38d28c19fab94dca16c65c9ad7c61d096adce4da7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S1CBV3OYVDCaWW3XvNog4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Nov 2021 06:21:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-S1CBV3OYVDCaWW3XvNog4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20308
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 PLAYER-200128-pack.js Show response
cdn.viaplays.com/static/ Frame 9E08 710 KB
154 KB 559ms
166ms Script
application/javascript 173.237.61.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.viaplays.com/static/PLAYER-200128-pack.js

Requested by

Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/C5uFo6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 17:43:54 GMT
server: nginx
etag: W/"5e5e975a-b1749"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ Frame 9929 1 B
445 B 51ms
50ms Ping
text/html 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=93863&campaignid=43&zoneid=110459
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: gzip
server: nginx/1.18.0
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-amz-cf-id: TkbnI8SQa2vg34lHXovc6PM_B8PskV6Be840tMdTrQvY0wc3F9D4kQ==
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
expires: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9929 134 KB
36 KB 10ms
10ms Script
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 65
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0FFPBPAVXCJAKJTMYATS
date: Wed, 24 Nov 2021 06:20:25 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Yem_r4jcEw6frX5wWI1zdq2qJJLvSDEUn3hJCX7WP29oIazOK3MhVg==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame F374 51 KB
24 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=zbjrm08ah30s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 16:48:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame F374 347 KB
135 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 21:26:22 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9929 0
304 B 13ms
12ms XHR
text/plain 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:42:54 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: Server
age: 2293
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: G_uwAlxMWL6UyMian_J2ehymGK27pIZIEPMNAUW_0wj1i_VnsCQg0A==

GET
H2 200 bid
c.amazon-adsystem.com/e/dtb/ Frame 9929 23 B
0 46ms
45ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FC5uFo6&pid=R0kBXe39q7sck&cb=0&ws=728x90&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: 11CK752008EDJHR8WKXZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EAonsGeWIHmep8XAzrd99w7NXT15TPXChv30OMh7OmsRt8Cylv4n4g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9929 6 KB
3 KB 26ms
8ms XHR
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 12038
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 24 Nov 2021 03:00:42 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: NmXx-T15TmrvV-WorO7PbXCC-y8r80SRixOAdmpz2TECq3KfM5J70w==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F374 102 B
134 B 18ms
16ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Host: ouo.press
URL: https://ouo.press/C5uFo6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=zbjrm08ah30s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 24 Nov 2021 06:21:08 GMT

POST collect
tracking.firstimpression.io/ Frame 9929 0
0

GET
H2 204 utx Show response
afvdeukmy.one/ 0
411 B 125ms
98ms XHR
text/plain 52.222.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://afvdeukmy.one/utx?tid=787650&top=ouo.press&cb=RV1TENhdaWP5
Requested by: Host: aphycolourses.info
URL: https://aphycolourses.info/MnlBVWRJWzIiO0cLLXdeEBE1IRRBQ256C0cWbyUWVwoyehdFVCw0Eh8Xbz8XEFVjJglUW3tkSBANIDI7Wx1jb0YFQXZjUQJbbXcXRxsePAAAW3t3UQBBJ2wHVxxsN1VUQGxhBlBIbDcHC01sM1EGSnVhUQJAdGNdEAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-83.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:08 GMT
via: 1.1 f3e00d74aa4544d776f78a159416d17b.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://ouo.press
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: cR2WnjPe0uHT7zqMoCE-tSFY1IRgnuNfHOGHVvMOE_FzZfM4-WO-WQ==

POST
H2 200 / Show response
ndenthait.xyz/ 0
37 B 307ms
100ms XHR
text/plain 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ndenthait.xyz/
Requested by: Host: aphycolourses.info
URL: https://aphycolourses.info/MnlBVWRJWzIiO0cLLXdeEBE1IRRBQ256C0cWbyUWVwoyehdFVCw0Eh8Xbz8XEFVjJglUW3tkSBANIDI7Wx1jb0YFQXZjUQJbbXcXRxsePAAAW3t3UQBBJ2wHVxxsN1VUQGxhBlBIbDcHC01sM1EGSnVhUQJAdGNdEAQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F374 29 KB
16 KB 45ms
45ms XHR
application/json 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cf8f4f28dfd9d514273207ba2cfa755cd3964440a05e775e2c11bcf2c33f3c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=zbjrm08ah30s
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16551
x-xss-protection: 1; mode=block
expires: Wed, 24 Nov 2021 06:21:08 GMT

GET
H3 200 css
fonts.googleapis.com/ 21 KB
1 KB 37ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 04:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 06:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 06:21:08 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
153 B 2606ms
2594ms Script
text/plain 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1637734868505359535756&uniqId=160be&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fouo.press%2FC5uFo6&lu=https%3A%2F%2Fouo.press%2FC5uFo6&sessionId=619dd9d5-1161c&pageView=1&pvid=17d509ae61a8b8d3aa2&site=272839&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b30891049c54d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 35ms
25ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 2367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: T5CTK0DJ7M4X76W7
x-amz-id-2: tZIcXHQPIJCYrNihVLS2EWmZXEWJ0Vp4oYRJ6IxCwAs5u+xUYhKRmUQwm6bXHowGp5ZaSaN5FXs=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6b30891059fb4d84-FRA
expires: Wed, 24 Nov 2021 10:21:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 36793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 20:07:55 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/911109/ 1 KB
1 KB 86ms
68ms Script
application/x-javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/911109/1?pv=5&cbuster=1637734868580238374769&uniqId=160be&niet=4g&nisd=false&jsv=es6&w=495&h=387&cols=1&ref=&cxurl=https%3A%2F%2Fouo.press%2FC5uFo6&lu=https%3A%2F%2Fouo.press%2FC5uFo6&sessionId=619dd9d5-1161c&pageView=1&pvid=17d509ae61a8b8d3aa2&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0361ec5784e03d6880e359745303afe52a30d88262b5bb743cdf1453c21361

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b308910ca9a4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 31ms
30ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 5797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: CNHK62GB8HX55WX0
x-amz-id-2: /mVgVJdEmcs508FZlKUvaJ91QM+/L4X37YlFL09R5MeilbBvFtq64yS/7BpJDJ3SlHnWTZOs3hY=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6b3089115fb5399f-CDG
expires: Wed, 24 Nov 2021 10:21:08 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp
s-img.adskeeper.co.uk/g/3805598/492x328/0x0x878x585/ 24 KB
25 KB 75ms
30ms Image
image/webp 104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3805598/492x328/0x0x878x585/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp?v=1637734868-hc30TCuK9q9ULrVZb_p7ITD8wf3y3H-pXEmBUZ3sC30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a393cd5a805b005d4ba7ebd43fd3da5f5b8e73f84f75d8d5f41d718b3c82c440

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:00 GMT
x-mg-request-uuid: cbfe4f00-f261-4061-a3c4-b440d04f0489
age: 542853
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b3089119f46406f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24888
server: cloudflare

GET
H3 200 int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 1 KB
1 KB 27ms
27ms Image
image/svg+xml 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 5757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: KNXRN2Q030N2VE7Z
x-amz-id-2: OpaGZcYWUj1nCdPLRp5GqTjykc9hC9aQYyWKrX9d/RcthFKXGvHJfkI4iaCc5Y1qo/A9w0rlSHw=
last-modified: Mon, 04 May 2020 12:16:42 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6b3089116fca399f-CDG
expires: Wed, 24 Nov 2021 10:21:08 GMT

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 113 B
230 B 210ms
200ms Script
application/javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1637734868717674350406
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f169953dd28c73842ae0e948de1d105c48cfdf10bf59d65d8bd113c3d5758d12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Nov 2021 06:21:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b3089118be74d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame A769 19 B
77 B 207ms
204ms Script
application/javascript 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1637734868732414739316
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Nov 2021 06:21:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b3089119c044d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp
s-img.adskeeper.co.uk/g/3805598/492x328/0x0x878x585/ 24 KB
25 KB 54ms
30ms Image
image/webp 104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3805598/492x328/0x0x878x585/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2Y0MmIzNzRkNTEzZGMzYjY1M2M1ZWU3ZDI1MTY1MGI5LmpwZz90PTE0OTgxNjEyMDg3MTA.webp?v=1637734868-hc30TCuK9q9ULrVZb_p7ITD8wf3y3H-pXEmBUZ3sC30
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a393cd5a805b005d4ba7ebd43fd3da5f5b8e73f84f75d8d5f41d718b3c82c440

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:00 GMT
x-mg-request-uuid: cbfe4f00-f261-4061-a3c4-b440d04f0489
age: 542853
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6b3089121e8fedff-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24888
server: cloudflare

POST
H2 200 collect
tracking1.firstimpression.io/ 2 B
249 B 33ms
32ms Ping
text/plain 52.16.26.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-26-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Nov 2021 06:21:08 GMT
access-control-request-method: *
access-control-allow-methods: OPTIONS, GET, POST
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
173 B 157ms
135ms Image
image/gif 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=lan8DNFWqClm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:21:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b308912fbc1c286-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 9E08 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 102001 Show response
vids.viaplays.com/dsp/vast/ Frame 9E08 71 B
485 B 895ms
166ms XHR
application/xml 173.237.61.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://vids.viaplays.com/dsp/vast/102001?&randoms=1328781840826

Requested by

Host: cdn.viaplays.com
URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:10 GMT
x-content-type-options: nosniff
server: nginx
age: 0
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
content-length: 71

POST
H2 200 c
c.adskeeper.co.uk/ 43 B
172 B 87ms
86ms Ping
image/gif 104.19.134.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=484|342|8|LzPj2P9TAgcj4ZQCravJgxMGCIn8GOfohLYvKZnlQb6PlV36bRvZDIW6chZ4bHBk&fw=1&extjs=66044&cid=911109&h2=LZ5RJQS2E6QXPudow0zXam08RUz4B3sMks8WiSV7C-c*&rid=b65146a3-4cee-11ec-98bc-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17d509ae61a8b8d3aa2&cbuster=1637734869899873101848&tpl=0
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 06:21:09 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b760fdc8-bdf3-41bf-bcca-76300a531fee
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b308918ea684d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET blank.mp4
cdn.viaplays.com/video/ Frame 9E08 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracking.firstimpression.io
URL: https://tracking.firstimpression.io/collect?b=1

Domain: cdn.viaplays.com
URL: https://cdn.viaplays.com/video/blank.mp4

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:14:46	Name: _GRECAPTCHA Value: 09ABBMTcM3cOZG_aNjt-p0zfCnrHf03hzWqdyqh3emNYWdV735nVYAk8898Qb_SJlaxbS6boWpAlv4bBFTS66ilgQ
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6Ik8wYmphZlZKcGFiYktJV3I4MmhzcFZcLzNCV25pTHRFS0FTTGhyRXpkeVU0PSIsInZhbHVlIjoib2t6aEhlRzg3bHdnaEw3NktXUW4wRlBGSFpqd1g4cVhuU2Z1dE9PQ0RyaVpmZXhzQ3hZdnpBbnZTY3htd2Ewd29PYWJHMklEbzFybWFhTlJEZW5sdEE9PSIsIm1hYyI6IjMwMTBjMDQ1YzFkMjUzOTc4NjdmY2Q3ODI3ZGE2NWY4NGQ5NDJkOGNhYTJlZDU4OGM5Y2YzODAwNDY0NDVkNDgifQ%3D%3D
ouo.press/	1970-01-21 18:43:34	Name: language Value: eyJpdiI6Ijc3U1wvcDJSZkladmdBaWRSSjBabjV3UURCYm9velwvUGN4cURiTG9ENTZyMD0iLCJ2YWx1ZSI6Im5NZVdVNDd0M3dod0dQbFwvUjliWkJ1d3BhUmlHSWtwbzZmVUlpNVBWMng0PSIsIm1hYyI6ImRhYmNkNGM5ZTA0OGIwZDI4NzQzN2Y0YWE5MGUxZjY1ZjFhYjI5YzdmYzI3NjlhNWMzMTUzMzRlZmU5NDI1ODIifQ%3D%3D
ouo.press/	1970-01-19 22:55:42	Name: 65cf79c4d2497f424fb01adbcbb6d094397dd487 Value: eyJpdiI6InFERlhhaHBSOGpBS1hnKzdPa0RNYzBlZlwvbjM4bFF4cFhoTlJYTjNZdGFNPSIsInZhbHVlIjoiOVNWWHduQnBMcFdNc3JnMFIyT3JqMnkrXC9SZzJkYVpjSWxYUmJGSzhrd3VFWG90YklKakF1c3VqVlNaXC9mWHJRWFZjVjFFNjZteURGVzd1c2tJTlRCQVwvQzhxdDROT2paWVdZbVZWbXcrUHAwQ2RHMHp5VGM3N1BkZVlDRHVoMzVOUkJtZEFmT21SaTZtU0pCbHlIU0dFNWNXd1NqMVo5K0dObjZTY2JGc3BucU1mWU41MW9uTUJudkdFWTQ2TzdqQjR2cEdoSHRBSkUxajc1SDQ3blc3OEJxcUwwMjZidllIZlM2U3c1M3hFa2dWY09VRnJEUDhnTit5NHVuQ1lPSnFpZVlpTExVeUM3eGtCN3JMOE9SamtcL0RpS2tTNndGeVZGcW5tTURiTnJTOE1UYm1Hc3M4QlY3V1FsVVZsTGdjR1RycFlOZitmd1FnQ2hcLytmVEZ1Zklxd1BrVExNM3l3a25kRk5VckkxRk96SEw5V1wvT2g0Z1hpXC9HaHJTdzVpaiIsIm1hYyI6IjVlYTU5ZDFlMzhlYWUxZGVhZjQxNGY1ZWJkZGZkODI4YTg0M2RmMzY1YTY3ZDc0ZjFmMGEwYTljNmY2ZDY5MzQifQ%3D%3D
cdn.firstimpression.io/	1969-12-31 23:59:59	Name: OAID Value: GDPR
servicer.adskeeper.co.uk/	1970-01-19 22:55:35	Name: __mglb Value: fc02a5af8306bee686576562f78e8f80
ouo.press/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C911109%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637734868684%7D%7D
.viaplays.com/	1970-01-20 07:41:10	Name: vplays_uid Value: 0454f7b9-0e10-4645-a101-f6592b7b3d4f
.adskeeper.co.uk/	1970-01-25 20:31:23	Name: muidn Value: lan9huUVNIlm

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://ouo.press/C5uFo6 Message: The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
afvdeukmy.one
aphycolourses.info
c.adskeeper.co.uk
c.amazon-adsystem.com
cdn.adskeeper.co.uk
cdn.firstimpression.io
cdn.viaplays.com
cm.adskeeper.co.uk
cm.steepto.com
ecdn.analysis.fi
ecdn.firstimpression.io
fonts.googleapis.com
fonts.gstatic.com
itineraryupper.com
jsc.adskeeper.co.uk
ndenthait.xyz
ouo.press
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
tracking.firstimpression.io
tracking1.firstimpression.io
video.your-notice.com
vids.viaplays.com
widgets.outbrain.com
www.google.com
www.gstatic.com
cdn.viaplays.com
tracking.firstimpression.io
104.19.132.80
104.19.134.80
104.19.138.80
107.22.28.167
13.224.193.94
13.224.198.4
13.225.78.118
142.250.181.230
142.91.9.135
173.237.61.68
192.243.59.13
23.218.209.87
2606:4700:10::6816:3afb
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
52.16.26.49
52.222.214.83
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
1cb04f75fb71d62e062608802937d848dac49c00de3756d89f4a66b0a943416b
1cf8f4f28dfd9d514273207ba2cfa755cd3964440a05e775e2c11bcf2c33f3c3
1d87d54b7605a7eb9cb1b02121fb81879b36c35e5d43191280aa10a0b7165d68
1dbc3540b457481d92ee88e8727a7f342a4130c967717d6d98c259465fa84f4e
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
72aa5f5642a595188cfa1c07a2be882549c8d526ee0f947c985c157bab54f73b
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
911e3c686b479a09d9d41a501e53ad7f52cd1d1a1f83a723598d313ed9b681e3
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
94aa4bfc79df027e87bbc55480be1fae4421b08da38c2f953f743b5db589fbd2
a393cd5a805b005d4ba7ebd43fd3da5f5b8e73f84f75d8d5f41d718b3c82c440
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa112a9f27e83ed6813066b557d057661c91a24228b55a7072f7718565d40808
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
b5bb7514803bb7dafd2dbe37ed4b450c303137223b28d07f667942368d70e0f3
c6d8e2fec8c2106fdfa00e38d28c19fab94dca16c65c9ad7c61d096adce4da7d
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf0361ec5784e03d6880e359745303afe52a30d88262b5bb743cdf1453c21361
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
dfde9c59efe2d635a7ae7d581623b330cebac5a4505a11c88b8c87ad625d9bbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ed1067865fd04d960904b6efa21c61ba67e1867cf93f470a744e2e6abeee35f6
f169953dd28c73842ae0e948de1d105c48cfdf10bf59d65d8bd113c3d5758d12
fa2fa3b20cb3d6444e00083fc7a0c31813e063fb91e01856d416bd636369b841

ouo.press Open in urlscan Pro 2606:4700:10::6816:3afb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

54 Requests

96 %HTTPS

26 %IPv6

17 Domains

27 Subdomains

20 IPs

5 Countries

963 kBTransfer

2928 kBSize

9 Cookies

2 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

26 %
IPv6

17
Domains

27
Subdomains

20
IPs

5
Countries

963 kB
Transfer

2928 kB
Size

9
Cookies

54 HTTP transactions
2 data transactions