ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/uDHcDi
Effective URL:
https://ouo.press/uDHcDi
Submission: On December 22 via manual (December 22nd 2022, 2:29:42 pm UTC) from GB — Scanned from GB

Summary HTTP 52 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 52 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 195643.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:3afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.82.75 23.109.82.75	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:467a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
10	2606:4700:440... 2606:4700:4400::ac40:9914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.15.103 18.66.15.103	16509 (AMAZON-02) (AMAZON-02)
6	18.66.122.112 18.66.122.112	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.32.105.95 13.32.105.95	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
52	21

1 2606:4700:10::ac43:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.75 (Netherlands)

ASN7979 (SERVERS-COM, US)

tv.gourdycortes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:467a (United States)

ASN13335 (CLOUDFLARENET, US)

hhklc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

itineraryupper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:9914 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-103.vie50.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.105.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-105-95.fra60.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 60615 c.adskeeper.co.uk — Cisco Umbrella Rank: 41478 cdn.adskeeper.co.uk — Cisco Umbrella Rank: 33046 servicer.adskeeper.co.uk — Cisco Umbrella Rank: 59450 s-img.adskeeper.co.uk — Cisco Umbrella Rank: 41668 cm.adskeeper.co.uk — Cisco Umbrella Rank: 64945	100 KB
6	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 23217 cdn.firstimpression.io — Cisco Umbrella Rank: 23306	309 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	93 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	381 KB
5	ouo.press ouo.press — Cisco Umbrella Rank: 195643	32 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	41 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 713	307 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1334	157 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	10 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353	3 KB
1	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 161	664 B
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 29029	2 KB
1	itineraryupper.com itineraryupper.com — Cisco Umbrella Rank: 325393
1	hhklc.com hhklc.com — Cisco Umbrella Rank: 156308	3 KB
1	gourdycortes.com tv.gourdycortes.com — Cisco Umbrella Rank: 324612	1 KB
1	ouo.io 1 redirects ouo.io — Cisco Umbrella Rank: 112542	1 KB
52	19

	Domain	Requested by
5	ouo.press	ouo.press
4	c.amazon-adsystem.com	ecdn.firstimpression.io c.amazon-adsystem.com
4	ecdn.firstimpression.io	ouo.press ecdn.firstimpression.io
4	www.google.com	ouo.press www.gstatic.com www.google.com
3	www.gstatic.com	www.google.com
2	ib.adnxs.com	ecdn.firstimpression.io
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	cdn.adskeeper.co.uk	ouo.press
2	c.adskeeper.co.uk	jsc.adskeeper.co.uk
2	fonts.gstatic.com	fonts.googleapis.com
2	jsc.adskeeper.co.uk	ouo.press jsc.adskeeper.co.uk
2	fonts.googleapis.com	ouo.press client
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	bidder.criteo.com	ecdn.firstimpression.io
1	fastlane.rubiconproject.com	ecdn.firstimpression.io
1	tag.1rx.io	ecdn.firstimpression.io
1	s-img.adskeeper.co.uk	ouo.press
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
1	widgets.outbrain.com	ouo.press
1	ad.doubleclick.net	ouo.press
1	ecdn.analysis.fi	ouo.press
1	itineraryupper.com	ouo.press
1	hhklc.com	ouo.press
1	tv.gourdycortes.com	ouo.press
1	ouo.io	1 redirects
52	27

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
clck.adskeeper.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tv.gourdycortes.com R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
itineraryupper.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
analysis.fi Amazon	`2022-11-03` - `2023-12-02`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ouo.press/uDHcDi
Frame ID: ADD0D47395B9B2B3AF12B7FCB7949239
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=4p3cq868jagf
Frame ID: B2AF27761299A8D9D237583784400FBE
Requests: 5 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 346A45758038E4C3EF284F83C4A3BF51
Requests: 12 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1671719377577695264740
Frame ID: 866D2C9F73895E305F3C8A8575FCB78A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

https://ouo.io/uDHcDi HTTP 302
https://ouo.press/uDHcDi Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

52
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

21
IPs

6
Countries

979 kB
Transfer

2926 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=911109

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/14647890/i/16195/2/pp/1/1?h=slE8atbQF1jAnA0aE5D88T_K7x97VOZU9hWrdrw5VS_0BixlXDSEl4BdHRjXKLrNO9v1eUghOZtoj4jYpC3zRQ**&rid=100cc63b-8205-11ed-8311-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/uDHcDi HTTP 302
https://ouo.press/uDHcDi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request uDHcDi Show response
ouo.press/
Redirect Chain

https://ouo.io/uDHcDi
https://ouo.press/uDHcDi

8 KB
5 KB

318ms
205ms

Document
text/html

2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599bf0f5927ef52c605844f3f043b2b4dc9f731374670d871d2b6b7e60fd9301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77d98cf71ff47707-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Dec 2022 14:29:36 GMT
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77d98cf51ebedca7-LHR
content-type: text/html; charset=UTF-8
date: Thu, 22 Dec 2022 14:29:36 GMT
location: https://ouo.press/uDHcDi
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 1020 B
918 B 194ms
66ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 14:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 12:56:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 14:29:36 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
18 KB 64ms
60ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/uDHcDi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19937
cf-polished: origSize=109522
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
etag: W/"54def1fc-1abd2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 77d98cf87a3b7707-LHR
expires: Thu, 22 Dec 2022 20:57:19 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 60ms
56ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/uDHcDi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14104
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
etag: W/"5d951ace-1830"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 77d98cf88a3f7707-LHR
expires: Thu, 22 Dec 2022 22:34:32 GMT

GET
H/1.1 200
OK 48786 Show response
tv.gourdycortes.com/1clkn/ 6 B
1 KB 308ms
58ms Script
application/javascript 23.109.82.75
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.gourdycortes.com/1clkn/48786

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.75 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 14:29:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 266ms
98ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23978a0d0b381da7b6d3d9f39a50a6b233254ab39bdda295f5fa1eb410b64d88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 14:29:36 GMT

GET
H2 200 c.js Show response
hhklc.com/ 10 KB
3 KB 159ms
51ms Script
application/javascript 2606:4700:3030::6815:467a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhklc.com/c.js
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834156da24e6e043baf4b9e5490959ea27da1153b664653c4ca1e158dba7e04b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Dec 2022 15:10:50 GMT
server: cloudflare
etag: W/"63a1d07a-269f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roHzkz2ajMNgCFwQqga0N7x8ZHPD7zgM1a6og%2FRmDR4Rdb8cxc0ZLgM47tdsw0c0knIsXGJpQYHSOVJoA8EV041OnTW0Upv7MNgctgLvqhxVXfiIUefnA8w8HNN%2FKbmNj40e%2BZ4Dh9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
server-asp-net: Asp Net
cf-ray: 77d98cfadafb8871-LHR
expires: Thu, 22 Dec 2022 15:07:15 GMT

GET
H/1.1 403
Forbidden ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 0
0 375ms
124ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 14:29:37 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 ouo.press.911109.js Show response
jsc.adskeeper.co.uk/o/u/ 2 KB
1 KB 163ms
56ms Script
text/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af81de083b3ebb43909ca66d215b9b570416783ccc11b881788d5047a1ec3f16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
x-amz-version-id: L1IvNJU.qTktpLIQfXdomiQw2LBLddwY
cf-cache-status: HIT
x-amz-request-id: 5ZZZ6J0NHV1KH1TB
age: 3354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 917
x-amz-id-2: Si8UO1Q+BDLksM6hcXRq5zcZmComhji9kZe/8qoBNkAyngrMHHsaWBeZQOtcFGGuBCXSWCR/FAk=
last-modified: Wed, 23 Nov 2022 11:40:49 GMT
server: cloudflare
etag: "81954b37bfde4482100f450e77d81cb7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77d98cfada3c23d4-LHR
expires: Thu, 22 Dec 2022 18:29:37 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 63ms
62ms Image
image/png 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/uDHcDi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1166622
cf-polished: status=not_needed
content-length: 5692
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
etag: "5549a07c-163c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 77d98cfa2ce57707-LHR
expires: Sun, 08 Jan 2023 02:25:55 GMT

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
817 B 47ms
47ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/uDHcDi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 11:52:41 GMT
server: cloudflare
etag: W/"63a05089-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 77d98cfa2cd57707-LHR
expires: Sat, 24 Dec 2022 14:29:36 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 223ms
68ms Script
application/javascript 18.66.15.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-103.vie50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:51:48 GMT
content-encoding: gzip
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: VIE50-P1
age: 2269
etag: W/"61b8b8ab-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: vE4RjuB23aSd5qNayW1IZsSt3ANJ0F1ASqYx2pUBNTbhM6cOd8TnHg==
expires: Thu, 22 Dec 2022 14:51:48 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 184ms
61ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-112.fra60.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

ca6b45ed1707af25eee7d4660736d84aa7b446701d9d92cb327e02df9e71f6c2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:51:50 GMT
content-encoding: br
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 13:51:50 UTC
server: nginx/1.20.0
x-amz-cf-pop: FRA60-P2
age: 2267
x-powered-by: PHP/8.0.14
etag: W/"70a9d78cb29274b1b8c77d8c7eb5c497"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pCuji4Gl11pBreJm1ITgXRfDmlqEn_iH-Cu7NlENUewT-7ejnkD4mQ==
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 403 KB
162 KB 239ms
72ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 05:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 05:15:22 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 170ms
54ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 15:56:13 GMT
x-content-type-options: nosniff
age: 167604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:56:13 GMT

GET
H2 200 ouo.press.911109.es6.js Show response
jsc.adskeeper.co.uk/o/u/ 268 KB
80 KB 53ms
52ms Script
text/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56148b9dfab26b937a329c7e63057d4e13102bb025712e058549db2d09d4478f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
x-amz-version-id: BGWdLTu0gk2Sa_lfFMoGUklmsbUpWNEf
cf-cache-status: HIT
x-amz-request-id: 7G11HT1AJRZGGZWX
age: 4790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81134
x-amz-id-2: RS0I2gh7sWLMndGVFQ4Iw5jYLUxQLi9xqcuXAv+XSecMBvsLz+TLW0nyr1uwwQGK35iaDlV/23A=
last-modified: Wed, 23 Nov 2022 11:40:48 GMT
server: cloudflare
etag: "8d21d010c2ff0300cb95fd9ba262edfa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77d98cfb3ad323d4-LHR
expires: Thu, 22 Dec 2022 18:29:37 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 184ms
54ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/uDHcDi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 09:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Dec 2022 09:21:53 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 182ms
54ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 21 Jan 2023 14:29:37 GMT

GET
BLOB 200
OK 7a4a57bf-2a78-4934-ae9c-e7c08af01a02
https://ouo.press/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/7a4a57bf-2a78-4934-ae9c-e7c08af01a02
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 54f33e34-63b6-48ad-9412-2b911d75829b
https://ouo.press/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/54f33e34-63b6-48ad-9412-2b911d75829b
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ 21 KB
1 KB 171ms
63ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 14:12:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Dec 2022 14:29:37 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
43 B 78ms
66ms Script
text/plain 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=167171937729789411440&uniqId=0eac1&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fouo.press%2FuDHcDi&lu=https%3A%2F%2Fouo.press%2FuDHcDi&sessionId=63a469d1-1375d&pageView=1&pvid=1853a3d5992a1bc456c&site=272839&implVersion=11&dpr=1&tfre=615
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77d98cfc5c8b23d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content fbc7f4e0-f6f8-4dbd-8e25-d5e11b28a0b8
https://ouo.press/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/fbc7f4e0-f6f8-4dbd-8e25-d5e11b28a0b8
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 63ms
52ms Image
image/svg+xml 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: MDP1XS902VR3113A
age: 2962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: J7CKQl8NBlmILtWcYgNAItGfV1gc0W9PW68QmxYsidhZzwnPTCredEoaoSWc/E1RfqgoNNQQT+o=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 77d98cfc6c9c23d4-LHR
expires: Thu, 22 Dec 2022 18:29:37 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/911109/ 1 KB
964 B 172ms
162ms Script
application/x-javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/911109/1?pv=5&cbuster=1671719377361890515574&uniqId=0eac1&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=495&h=404&cols=1&ref=&cxurl=https%3A%2F%2Fouo.press%2FuDHcDi&lu=https%3A%2F%2Fouo.press%2FuDHcDi&sessionId=63a469d1-1375d&pageView=1&pvid=1853a3d5992a1bc456c&implVersion=11&dpr=1&tfre=678
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f534f600426958fde2d96d76663137388170b9b580f2a20c2847fa8d285a45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77d98cfcbd1623d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 25 KB
6 KB 110ms
98ms XHR
application/json 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FuDHcDi&charset=UTF-8&ch=14&ref=ouo.press&viewerId=null&referer=&_firid=98965568
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: 43634bee4c2a261f7bd8a53d6e4eda28964429bb16e4d394f10550cde3a51f54

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: K6BSQPDjVlBdGZ_TeD1U6rX4xdq7UbNsaTi134b28uG89pEBm3AdMg==
expires: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B2AF 42 KB
22 KB 257ms
105ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=4p3cq868jagf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46a42680c45a6dcb2d8fa2a30f0c1b1df8a4e5418035f08d0da4c178903310a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R3JLWSDxtwL8uHOGh7H9CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22075
content-security-policy: script-src 'report-sample' 'nonce-R3JLWSDxtwL8uHOGh7H9CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 14:29:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
88 KB 181ms
66ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:51:49 GMT
content-encoding: br
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA60-P2
age: 2268
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: WErI2XbCi5wL5kuep5iqhYu36CEf_c3H2-eK2qUYL3v-Yk5GrvMQow==
expires: Thu, 22 Dec 2022 14:51:49 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 27 KB
10 KB 152ms
54ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14018
x-jsd-version: 1.14.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3U8ltCy%2BzUe1INWYQTd%2FGypLRC%2FeVVi40vfkhLjjDp1kkk16T9InvidkYJGzk2DhB643p0TC0Lw5HTLjDHScm1rxfAnmKrXH2bSLSL8def9%2BzJvViHmdKbZT%2Fply3K0wdOdqroJxz4FjkY1mYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77d98cfe59058871-LHR

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 201ms
66ms Script
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b33c16f39a180213b010e813470d9b31833409d97e78d43d33f43138852a26e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:26:02 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Wed, 21 Dec 2022 21:26:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA60-P1
age: 216
x-amz-server-side-encryption: AES256
etag: W/"ca9815ac68da5f43522e6e88c003c175"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: ELmY3gZwWOHzBsHBU9kOQ281UcUZJ_t5-mf7fKk8vcka7o6fqlHWFw==

GET
H2 200 fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 346A 110 KB
34 KB 60ms
60ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:51:48 GMT
content-encoding: br
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA60-P2
age: 2269
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Cu7IDFe6m8OihwnAuVC5FQmLLlDLxLP_ZnkufWFvGbYuryP-IDfMCg==
expires: Thu, 22 Dec 2022 14:51:48 GMT

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4NzY0MC8zMmU3N...
s-img.adskeeper.co.uk/g/14647890/492x328/-/ 15 KB
15 KB 387ms
281ms Image
image/webp 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/14647890/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4NzY0MC8zMmU3NWZjZDVjMjkzZTFjNDFmZDQ1MDg0MDYzMmJjZS5qcGc.webp?v=1671719377-c6XvVNDlIRkZneiePeXx57rpreVGyoppvttAfLNipcY
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6437da66d74180932a0b8aab9b0a4ae9188acc7602bc5009d22676208580dc9

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 14:29:58 GMT
x-mg-request-uuid: 478501ef-63e5-49ce-85d6-2dd0662f6631
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 77d98cfe8e5006f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15242

GET
H3 200 int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 1 KB
984 B 67ms
67ms Image
image/svg+xml 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Requested by: Host: ouo.press
URL: https://ouo.press/uDHcDi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NC37NGV6AEVBWJ39
age: 2082
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Da/NskCVQpO084ZNfHBXGZRs1Lkcyiu602btRZJXcDPOIJyXWEWHnvqEfcG9+yIvx0wEK1zyZK4=
last-modified: Mon, 04 May 2020 12:16:42 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 77d98cfdeb2671b4-LHR
expires: Thu, 22 Dec 2022 18:29:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 176ms
58ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 251085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:44:52 GMT

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 0
37 B 142ms
132ms Script
application/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1671719377570226044291
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 14:29:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 77d98cfe0f6e23d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame 866D 0
101 B 133ms
130ms Script
application/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1671719377577695264740
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 14:29:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 77d98cfe0f7023d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 346A 312 KB
88 KB 176ms
171ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:51:49 GMT
content-encoding: br
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA60-P2
age: 2268
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ZSk7tr3AUp_C_gNsCe9eIUn8vVz_v_hc2jhpjg79Y5dPftg60iEITg==
expires: Thu, 22 Dec 2022 14:51:49 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B2AF 52 KB
24 KB 219ms
72ms Stylesheet
text/css 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=4p3cq868jagf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:13:07 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B2AF 403 KB
161 KB 253ms
108ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 05:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 05:15:22 GMT

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ Frame 346A 1 B
446 B 87ms
87ms Ping
text/html 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-112.fra60.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA60-P2
x-powered-by: PHP/8.0.14
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: qnC_8W7N1MkPc8FFCiavBQczG46a0ScSzzpqyNgXfd0E8hDJqzxWOw==
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/212927/0/ Frame 346A 0
157 B 208ms
80ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
pragma: no-cache
date: Thu, 22 Dec 2022 14:29:38 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 346A 137 B
939 B 277ms
157ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f3bcf6ef0c7941d0a2cadf68fc38689a8c43be2ed7bd0c443d9485e9a2eb4346

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Dec 2022 14:29:38 GMT
AN-X-Request-Uuid: 2863426b-7c03-4f46-a381-bd9e07eba826
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 346A 348 B
0 337ms
152ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FuDHcDi&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FuDHcDi&tg_i.page=https%3A%2F%2Fouo.press%2FuDHcDi&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=7d3c0f9a-53dd-44db-b1a0-72a62ba23403&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2625898371122468
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 14:29:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ouo.press
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 346A 138 B
940 B 177ms
60ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ae26f22f8a6926974e1d7ce6ee49dd0b0b573127f2f2a5e178d9e73d97b9e5af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Dec 2022 14:29:38 GMT
AN-X-Request-Uuid: e9887de0-d157-4e11-8dcb-14b69d069504
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 346A 18 B
307 B 192ms
81ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=50188111866

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Dec 2022 14:29:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 346A 178 KB
45 KB 64ms
63ms Script
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b33c16f39a180213b010e813470d9b31833409d97e78d43d33f43138852a26e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:26:02 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Wed, 21 Dec 2022 21:26:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA60-P1
age: 216
x-amz-server-side-encryption: AES256
etag: W/"ca9815ac68da5f43522e6e88c003c175"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: V_ufKHz5wiFZgsTcRB5CBM1BCg51qyg8G40wpSGdPd5gQZql4mtXuw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 346A 0
303 B 58ms
57ms XHR
text/plain 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 12:54:36 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
age: 5701
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: eF7Jdvtlwdtw3O3DxaNi_Xemxcz8o6mFdmaeI-hjzLqkTEprqkRF1Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 346A 23 B
459 B 222ms
94ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FuDHcDi&pid=WHdr18k1NLP7W&cb=0&ws=728x90&v=22.1212.1754&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 8NZF8XTXCNPAH3X1MCS9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8UywYahnP5_iVQmXpy_2XpVvDm08WblxLjBvyt-c3sZPtG1U0JlcXQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 346A 6 KB
3 KB 175ms
59ms XHR
application/javascript 13.32.105.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-105-95.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
date: Thu, 22 Dec 2022 06:21:44 GMT
x-amz-cf-pop: FRA60-P1
age: 29275
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OQ_n4Ka449_EdQaif_BV-VjnKW9ZRpeYb-mCPdBSGwAqsgD9mpO9PQ==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B2AF 102 B
134 B 96ms
95ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=4p3cq868jagf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 14:29:38 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B2AF 32 KB
18 KB 132ms
131ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6456e80e387538fcd02dbea0dd9a833381cc31a046b022467a9f9967e137dec8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=4p3cq868jagf
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 22 Dec 2022 14:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18632
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 14:29:38 GMT

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
213 B 65ms
64ms Image
image/gif 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=484|342|8|slE8atbQF1jAnA0aE5D88T_K7x97VOZU9hWrdrw5VS_0BixlXDSEl4BdHRjXKLrNO9v1eUghOZtoj4jYpC3zRQ**&fw=1&extjs=66044&cid=911109&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&rid=100cc63b-8205-11ed-8311-e43d1a2a96ea&tt=Direct&iv=11&pageImp=1&pvid=1853a3d5992a1bc456c&cbuster=1671719378987232090961
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:29:39 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ba052b60-df96-4210-a2a5-2c3c4be75cdd
server: cloudflare
content-type: image/gif
cf-ray: 77d98d06df0671b4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:41:11	Name: _GRECAPTCHA Value: 09AJ4Tk-4Dr7nODiOnOH2lT5zcuQkQKZZR5cF8Zx0YHBZHSo0FA90NaZ6fgwTRpy8TUkjFOOKM8jTawm-KKlLDhBs
ouo.io/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IjNkTXd1blcyN1hFWENGTHQ3T21MRmhWMWtzSEdWYk4yNU0wbkVzbG5YOTg9IiwidmFsdWUiOiJsajN3ckRvWjZhcEptejh6d2tFWjEwdTVMYjBseEtmdTFJbDVFc3RJOTEzdzBZRDZFVDNZUFZKbThSamtZaHZLRkdFVGJLV3BKVVdkYWZCU3dRcGtjdz09IiwibWFjIjoiMzllMmY2NjIzOGVmZTM3Zjk3M2U0YjMyNTAxOGE3MjczOWU1YTZkMGNlMWE1ZTMxMzMxMTBjYzVkYzYyOGUxMSJ9
ouo.io/	1970-01-20 17:57:59	Name: language Value: eyJpdiI6IitVUHFNMlwvQ0tiMlZSWXN6Yk9hbWRTb3hHVHRCckdcL3ZkMmd5ZlArbE1mcz0iLCJ2YWx1ZSI6IjFKOEtLMGJhSkZnYXNZNXBMdTVrUllQZGZlVFBTd1JLRlNCNTd6Y3J6TmM9IiwibWFjIjoiMGViNTFhMGYzOTFjMWI3MjY2ZjlmNmYzOTQ0MzA0MTgwYmQzMWNiMmY4OGUxODBiNTNiN2I1MTEyMDEzN2Q4ZiJ9
ouo.io/	1970-01-20 08:22:06	Name: d5c3c991d6a2a7fc656a3202a79dfa2b532eb43d Value: eyJpdiI6IkIrNjk0K0VZWlhHeHFiMmQyUjV2SEl5UmhpUVU0aUEwczRHN3FZcWlnTFU9IiwidmFsdWUiOiJ5TDhnMHJ1cHE1SW9yNlJLMmN3T3pMRUdwRWc3SDBtRFFqTk1Ya25MZmRkbEZ1OHdqZ1UrOW1ueUoycGN2dWVSTU1aV0pyN0tJa3d2cEJPekpPMVo5TzBrVXA0ZGplMU1PS2ljNFpmYURReGx3RlVsNjA2ZTA2RTdydkhWdHY4SWxEMVYzZjNDSk1meHl1N0xNTDBtaEFxZDkzRXJjZ3dhNVlvaHdZaTBYXC96dHp2bVBFeFpcLytSQTVMME1LXC9xaEgxaG9NbWxOOERlTDUwakNkR2xhbW05U3ZvNnF2YkpvUEpONnp0ME1pSEZvZTVnWGs0ZkFybEQ5K3dtQ29QN25WdTVlVVpBRkx2V0szblhQeTRwVUhWQXczRjlVVGJPYnRScjFxbTdSUk5vN25qWW1XOE1mUktYTVN1NlZJakt1ZjdNYnFIcHRDMVpNQ21IOUhaSndHbEE9PSIsIm1hYyI6ImE1YzQxYjE4M2YxZDZhODIxODQwOTg1Zjg4MTViOWNhZTdlMmFiMmJkMTQxYzQ4MzNhZTA4Njk0NTFjMjRlOTEifQ%3D%3D
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IlRRNjJrcXQ4ZEdzUkdcL2puQXZja2xlZEU3RFpcL1hjcW9RV1ZnZnluZzNjOD0iLCJ2YWx1ZSI6ImJsdlh0TVNaRjZ3ZENJTHE5UWFyVGl1N2JHbVJ6K2p1N2N4Q0x0RlB6TlRrZUN1QU9peUo0RlBpbStPYmR5bFRxRFZvZXFwWmVIVmxvXC95UWwwc1dsdz09IiwibWFjIjoiNDYwODgyNzgwZGUwNDYzNDBjMTdlNmE5NjA0YjViYmIwOWM5MzM4ZDFmM2VkZmUzN2NlODYxYzA5MDU0OGZlZiJ9
ouo.press/	1970-01-20 17:57:59	Name: language Value: eyJpdiI6Im5uMWRycVd5Q0dZRTA4NTJEVCttYm5VZ3JMZVk4R29iVjYzcHJyYVlSR1k9IiwidmFsdWUiOiJUbmh6QjU4d3JXb29hOVZYT2ZHZTFVYTgxNmJGc1J6WUg2YktcL3lnQTl1Zz0iLCJtYWMiOiI2ZGIzYjhjZjc0NmM4NmUwNTJlYzUyNGRiZWE3OThjYWQ4Y2QxNWNhOTdlNzA4OWIzYmI1MGJjNWMzODlmOGVkIn0%3D
ouo.press/	1970-01-20 08:22:06	Name: e98e36ba3a8c9fe7a05f1ab6170b703a3d55118e Value: eyJpdiI6IitiVkxMZlA1UkV4ZWtRRzJ0cUhDd3M1ZkorYWJ0ZXNHZG5BV3AwVFVlNDQ9IiwidmFsdWUiOiJsSXB6YnNTa2plQWFIemxDSHRvSElrSkgrVEtzOWthc1RLUDhUTlU3cDM5WnhYWnFDXC9Oa2tqWmozd0ZKT0krbFcrZkQ0OXFzV3Z2Z3dpckR2bGJBV1wvWUJhTFZ4cEhQSzUyU0VCTGxXRWtWbG5cL3VkUWRlT2VjRTFxSFwvcStSMTZuY1A3ZFZDWWttRkZsaERWam5veEpmVG5mVTB6WUk3MGJ3dUxTNGU1SWRtWlR0YitmT1wvc1pLcmtQWG9YR2liQlR3RkVnRGpITHo4OFJvR2JQUWZWVElyNmsrRndqbjRudFNhclFoQ0JZeGhRbDNwd3FLTitmZGpabEl4ZFhURG4yTFdhNlNMYkgxNzBDYXZoNGNpTmtZa1docG1IRWRQSWZOUHhtK0dpdXEyTXJCblNTcDVSM2xQUVh6cXNtWlE2dFwvSmJCRlhGVU1EMkdrQnFrK1pCNWVQallVbGFkODh6WlZ3UG9XNE9GVjZveG8wa3R4TUJlT29uYXZ1clNzbTciLCJtYWMiOiJjZDY3YmE2MTBlMTFiMWI4NjQ1OWRiOGNhZDVmNjJhMTUyODQ4Y2ViNjRjYjBhOThjZGU2NDAwNDRjOWY4YTE1In0%3D
.ouo.press/	1970-01-20 08:22:01	Name: __cf_bm Value: LdFV9.kmL3fwrMPlmHJIn74sV5_9DOgce2VB0ptup2U-1671719376-0-Aat7vQ1TUGJEqnt5q4W1iEiMZcrtlVTuzwzl+DQgSDK19Tg748NYXjXBRR0VltKfQYNMxMcCNWl8zAMc0IwQw6s=
tv.gourdycortes.com/	1970-01-20 08:23:25	Name: GL_UI4 Value: eJw9jUtugzAYhAHzaJSCOhIH6BFMAlGyrHqILpGNf4gbsCPjBvX2tSq1q%2Fk0D00URUldIX7kDOxLdHgdx4M4yZPkspWdPAztkS5t1%2FCW87M6dhfs9Np7IWfyKZ4nMuT00A9WUYmXEP05N2M3kyKTThhVIltCYy5RSGe3lVzNkBqxEPL3q7NBs0V8WgfW8HNgbQLHHIlda1btUHxoo8Kw2iNpeFXmEfb3WfjRuqXXKo%2BRTU4oQvyGp0F4mqz7RqFovXl7B%2Bys%2Bv%2F%2B7y%2FbGo5c0UMP4dz6K7kfcs1Kig%3D%3D
tv.gourdycortes.com/	1970-01-20 08:23:25	Name: GL_GI10 Value: eJw9jd0KgkAUhE3DtNIY6DWSfm7qtoyeoOtls1Ms4Tmybj%2F29GlBVzPMzMd4nudPU%2FimQrJeZovNJlus5tlqjeBKAj%2FfY1zInZ1tFOuSMDiQLTU3CC1djXCC0c%2BoQs6EYb6fHfnG8uR%2F0XEJ%2BoVxTYK4k%2B82jRCYuv3diaXZVhe3kzAhZnKqrojOiNumEqsdIf2nXzYMEJlaVVZeTdjDxJmS3i2t5HKpybVR7xH6H9eXQZs%3D
cdn.firstimpression.io/	1970-01-20 17:07:35	Name: OAID Value: GDPR
ouo.press/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C911109%22%3A%7B%22page%22%3A1%2C%22time%22%3A1671719377560%7D%7D
.rubiconproject.com/	1970-01-20 17:07:35	Name: khaos Value: LBZ6JZJU-1L-9NH3
.rubiconproject.com/	1970-01-20 17:07:35	Name: audit Value: 1\|naVuGyos1qqnUbQCTl0omK2qEsFCZ0ctSdOhPT1GMTmePzsaxN2h5uWVaqzBZNAn9Krtx9xPUSfgcRgjl6EitXD+ImxgwUvr3OlDu/ORdD8=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ouo.press/uDHcDi Message: The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/uDHcDi Message: The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/uDHcDi Message: The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
bidder.criteo.com
c.adskeeper.co.uk
c.amazon-adsystem.com
cdn.adskeeper.co.uk
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adskeeper.co.uk
ecdn.analysis.fi
ecdn.firstimpression.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hhklc.com
ib.adnxs.com
itineraryupper.com
jsc.adskeeper.co.uk
ouo.io
ouo.press
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
tag.1rx.io
tv.gourdycortes.com
widgets.outbrain.com
www.google.com
www.gstatic.com
13.32.105.95
172.217.16.198
173.233.137.36
18.66.122.112
18.66.15.103
2.18.234.190
213.19.147.42
23.109.82.75
2602:803:c003:200::51
2606:4700:10::6816:3afb
2606:4700:10::ac43:697
2606:4700:3030::6815:467a
2606:4700:4400::ac40:9914
2606:4700::6810:5514
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2004
2a02:2638:1::1a
37.252.171.52
52.222.247.205
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
1b33c16f39a180213b010e813470d9b31833409d97e78d43d33f43138852a26e
23978a0d0b381da7b6d3d9f39a50a6b233254ab39bdda295f5fa1eb410b64d88
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
43634bee4c2a261f7bd8a53d6e4eda28964429bb16e4d394f10550cde3a51f54
46a42680c45a6dcb2d8fa2a30f0c1b1df8a4e5418035f08d0da4c178903310a6
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
56148b9dfab26b937a329c7e63057d4e13102bb025712e058549db2d09d4478f
599bf0f5927ef52c605844f3f043b2b4dc9f731374670d871d2b6b7e60fd9301
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6456e80e387538fcd02dbea0dd9a833381cc31a046b022467a9f9967e137dec8
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
834156da24e6e043baf4b9e5490959ea27da1153b664653c4ca1e158dba7e04b
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae26f22f8a6926974e1d7ce6ee49dd0b0b573127f2f2a5e178d9e73d97b9e5af
af81de083b3ebb43909ca66d215b9b570416783ccc11b881788d5047a1ec3f16
b2f534f600426958fde2d96d76663137388170b9b580f2a20c2847fa8d285a45
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
ca6b45ed1707af25eee7d4660736d84aa7b446701d9d92cb327e02df9e71f6c2
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea
f3bcf6ef0c7941d0a2cadf68fc38689a8c43be2ed7bd0c443d9485e9a2eb4346
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6437da66d74180932a0b8aab9b0a4ae9188acc7602bc5009d22676208580dc9
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

ouo.press Open in urlscan Pro 2606:4700:10::6816:3afb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

52 %IPv6

19 Domains

27 Subdomains

21 IPs

6 Countries

979 kBTransfer

2926 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

21
IPs

6
Countries

979 kB
Transfer

2926 kB
Size

14
Cookies

52 HTTP transactions
1 data transactions