ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/KoTveC
Effective URL:
https://ouo.press/KoTveC
Submission: On December 19 via manual (December 19th 2022, 7:50:36 pm UTC) from IL — Scanned from DE

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 19 domains to perform 53 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 195643.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:3afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	172.255.6.124 172.255.6.124	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:467a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
11	2606:4700:440... 2606:4700:4400::ac40:9914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.15 13.32.27.15	16509 (AMAZON-02) (AMAZON-02)
6	13.32.110.26 13.32.110.26	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2.18.37.67 2.18.37.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
4	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
53	21

1 2606:4700:10::ac43:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.124 (Netherlands)

ASN7979 (SERVERS-COM, US)

tv.gourdycortes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:467a (United States)

ASN13335 (CLOUDFLARENET, US)

hhklc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

itineraryupper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::ac40:9914 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-15.fra56.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.110.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-26.vie50.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.37.67 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 60615 c.adskeeper.co.uk — Cisco Umbrella Rank: 41478 cdn.adskeeper.co.uk — Cisco Umbrella Rank: 33046 servicer.adskeeper.co.uk — Cisco Umbrella Rank: 59450 s-img.adskeeper.co.uk — Cisco Umbrella Rank: 41668 cm.adskeeper.co.uk — Cisco Umbrella Rank: 64945	90 KB
6	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 23217 cdn.firstimpression.io — Cisco Umbrella Rank: 23306	328 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	93 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	385 KB
5	ouo.press ouo.press — Cisco Umbrella Rank: 195643	32 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 462	895 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1334	157 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 713	307 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	9 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353	3 KB
1	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 161	663 B
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 29029	2 KB
1	itineraryupper.com itineraryupper.com — Cisco Umbrella Rank: 325393
1	hhklc.com hhklc.com — Cisco Umbrella Rank: 156308	3 KB
1	gourdycortes.com tv.gourdycortes.com — Cisco Umbrella Rank: 324612	1 KB
1	ouo.io 1 redirects ouo.io — Cisco Umbrella Rank: 112542	1 KB
53	19

	Domain	Requested by
5	ouo.press	ouo.press
4	c.amazon-adsystem.com	ecdn.firstimpression.io c.amazon-adsystem.com
4	ecdn.firstimpression.io	ouo.press ecdn.firstimpression.io
4	www.google.com	ouo.press www.gstatic.com www.google.com
3	cdn.adskeeper.co.uk	ouo.press
3	www.gstatic.com	www.google.com
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	ib.adnxs.com	ecdn.firstimpression.io
2	c.adskeeper.co.uk	jsc.adskeeper.co.uk
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	jsc.adskeeper.co.uk	ouo.press jsc.adskeeper.co.uk
2	fonts.googleapis.com	ouo.press client
1	s-img.adskeeper.co.uk
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	fastlane.rubiconproject.com	ecdn.firstimpression.io
1	tag.1rx.io	ecdn.firstimpression.io
1	bidder.criteo.com	ecdn.firstimpression.io
1	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	widgets.outbrain.com	ouo.press
1	ad.doubleclick.net	ouo.press
1	ecdn.analysis.fi	ouo.press
1	itineraryupper.com	ouo.press
1	hhklc.com	ouo.press
1	tv.gourdycortes.com	ouo.press
1	ouo.io	1 redirects
53	27

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
clck.adskeeper.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tv.gourdycortes.com R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
itineraryupper.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
analysis.fi Amazon	`2022-11-03` - `2023-12-02`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ouo.press/KoTveC
Frame ID: 87465CB0C81E68B0D07ED477310E5307
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=a1a9w8z8ptos
Frame ID: D43F8B09BB233B0252B8FDA02067999C
Requests: 5 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 7CB33EC2D5F07262B9B3B404BE9EBBEA
Requests: 12 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1671479432114120073879
Frame ID: 92533A90158D4CA2C19BD4FCA7CC8284
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

https://ouo.io/KoTveC HTTP 302
https://ouo.press/KoTveC Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

21
IPs

7
Countries

993 kB
Transfer

2925 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=911109

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/12213227/i/16195/2/pp/1/1?h=xLmt2ZwrOBhprqOAOwlPXD7nh63KfTxl8NRevkqZv50nJp3gq6XMkCrTmNDoOKyMfYAQGMozEa1OPATsJCeTWg**&rid=6550a68d-7fd6-11ed-93dc-e43d1a2a53a0&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/KoTveC HTTP 302
https://ouo.press/KoTveC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request KoTveC Show response
ouo.press/
Redirect Chain

https://ouo.io/KoTveC
https://ouo.press/KoTveC

8 KB
5 KB

253ms
220ms

Document
text/html

2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8753a93a629dcfbf2a494c5d2c1bcc026754958fcd10c06bfbf4bc3f0e4841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c2aaeb5d7c8fe9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 19:50:31 GMT
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c2aae8a8c76904-FRA
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 19:50:30 GMT
location: https://ouo.press/KoTveC
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 1020 B
918 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:44:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 19:50:31 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
19 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/KoTveC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35382
cf-polished: origSize=109522
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
etag: W/"54def1fc-1abd2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 77c2aaecc81f8fe9-FRA
expires: Mon, 19 Dec 2022 22:00:49 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 35ms
34ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/KoTveC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30355
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
etag: W/"5d951ace-1830"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 77c2aaecc8218fe9-FRA
expires: Mon, 19 Dec 2022 23:24:36 GMT

GET
H/1.1 200
OK 48786 Show response
tv.gourdycortes.com/1clkn/ 0
1 KB 110ms
20ms Script
application/javascript 172.255.6.124
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.gourdycortes.com/1clkn/48786

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.6.124 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 19:50:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 107ms
43ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

411307e2ebb15fd8a8d532372dabb8f643c1a4f46bde7e6508ca41f2832c6d41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 19:50:31 GMT

GET
H2 200 c.js Show response
hhklc.com/ 9 KB
3 KB 51ms
17ms Script
application/javascript 2606:4700:3030::6815:467a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhklc.com/c.js
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422e5b14896b59cfbdb959e91197045509f7551c5c4f3a03621915a5919e6a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Dec 2022 11:32:19 GMT
server: cloudflare
etag: W/"6399b443-22d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPxI%2FCiXaQzX2e0RoHMDUiyBJhP%2FIkgXSvWnwtW52U0K57QiRF%2BPmCFRW6ozS3s2EYE%2B05PGb6JjBU4I5OxI9DQTXAe8EAPJib52a3EoVC26TA0xtqdsuh7ANV9hybGzrDf2YkqbUf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
server-asp-net: Asp Net
cf-ray: 77c2aaedaf76921a-FRA
expires: Mon, 19 Dec 2022 20:06:50 GMT

GET
H/1.1 403
Forbidden ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 0
0 295ms
95ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 19:50:31 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 ouo.press.911109.js Show response
jsc.adskeeper.co.uk/o/u/ 2 KB
1 KB 53ms
24ms Script
text/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af81de083b3ebb43909ca66d215b9b570416783ccc11b881788d5047a1ec3f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-amz-version-id: K6_4DTdgS48TLPF.nDN9N.7stPVqIKTf
cf-cache-status: HIT
x-amz-request-id: MWW4GD0KCP57CMDF
age: 302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 917
x-amz-id-2: W2m5vXkHR5YOXPjbMMGT4yuNGITa4bpNtSXQ0m2eH4WtxG1J1IrQ+TzOkWdSLXo1Xf9TDpsjMxOMn9vDnlDYXg==
last-modified: Wed, 23 Nov 2022 08:34:07 GMT
server: cloudflare
etag: "81954b37bfde4482100f450e77d81cb7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77c2aaedac4e693d-FRA
expires: Mon, 19 Dec 2022 23:50:31 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 27ms
26ms Image
image/png 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/KoTveC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2546009
cf-polished: status=not_needed
content-length: 5692
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
etag: "5549a07c-163c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 77c2aaed79558fe9-FRA
expires: Tue, 20 Dec 2022 08:37:02 GMT

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 21ms
20ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/KoTveC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
server: cloudflare
etag: W/"6399bfb7-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 77c2aaed79508fe9-FRA
expires: Wed, 21 Dec 2022 19:50:31 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 37ms
6ms Script
application/javascript 13.32.27.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-15.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:16:29 GMT
content-encoding: gzip
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA56-C2
age: 2042
etag: W/"61b8b8ab-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: EGyQXS1tx_djkWrFqGyV8BzBrnagEuiN1TUAajQtAb-aVJTJ9qDnTQ==
expires: Mon, 19 Dec 2022 20:16:29 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 76ms
20ms Script
application/javascript 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-26.vie50.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

25099b5cc264b36daf2324ca3a338307cfc5b2b1ffafc85f5fd1bb6e755840fc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:43:31 GMT
content-encoding: br
via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 19:43:31 UTC
server: nginx/1.20.0
x-amz-cf-pop: VIE50-C2
age: 420
x-powered-by: PHP/8.0.14
etag: W/"e5512e79542098330771d8029e72d4e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OMY_fe7PxyB11oOOvDHtTHwNmVJAAI9rmZTmVwe5uQP_p37apuw4BA==
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 83ms
21ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 07:49:58 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
663 B 42ms
7ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/KoTveC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 19:03:18 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 141ms
37ms Image
image/svg+xml 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 18 Jan 2023 19:50:31 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 25 KB
6 KB 83ms
69ms XHR
application/json 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FKoTveC&charset=UTF-8&ch=19&ref=ouo.press&viewerId=null&referer=&_firid=83180738
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-26.vie50.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: c02b1318df77a20ba76a1a70cf38cd6f15e0e93d7a25ecf1be10eb58c5414f33

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: fSjgoc4q8XnYc7I9gRN0COi2WSP_FkAuUObtURUKj--SYKBVBbQXsg==
expires: 0

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:27:27 GMT
x-content-type-options: nosniff
age: 256984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:27:27 GMT

GET
H2 200 ouo.press.911109.es6.js Show response
jsc.adskeeper.co.uk/o/u/ 268 KB
80 KB 18ms
17ms Script
text/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56148b9dfab26b937a329c7e63057d4e13102bb025712e058549db2d09d4478f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-amz-version-id: BGWdLTu0gk2Sa_lfFMoGUklmsbUpWNEf
cf-cache-status: HIT
x-amz-request-id: HVP17M60J0NGYJDE
age: 736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81134
x-amz-id-2: newB6UmQ4G6fL/y1DX3SzA/HSiNG5TbNN/Rp9FSeA5wYYRa5wRTjBll1D5zN8TcsVtTiQ6uR4QE=
last-modified: Wed, 23 Nov 2022 11:40:48 GMT
server: cloudflare
etag: "8d21d010c2ff0300cb95fd9ba262edfa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77c2aaeebe73693d-FRA
expires: Mon, 19 Dec 2022 23:50:31 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D43F 42 KB
22 KB 52ms
52ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=a1a9w8z8ptos

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89e5762e9d3030f7f84f342fdfc505dc7efef6157b9988579fcaf23c55a8be54

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QL_JXDoLgAgYv6l5aQbjow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22464
content-security-policy: script-src 'report-sample' 'nonce-QL_JXDoLgAgYv6l5aQbjow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:50:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
97 KB 59ms
21ms Script
application/javascript 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-26.vie50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:28:33 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: VIE50-C2
age: 1335
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: tfxaoMn7eTbJzYLIPC3fMzzw59aPsMiFKhRj5fbiYJc6Rnu2OLL7GA==
expires: Mon, 19 Dec 2022 20:28:16 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 27 KB
9 KB 45ms
8ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Dec 2022 19:50:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 5181
x-jsd-version: 1.14.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9244
x-served-by: cache-fra-eddf8230118-FRA, cache-hhn-etou8220037-HHN
x-jsd-version-type: version
etag: W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 83ms
20ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:18:18 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 1934
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: PEejDrVhebsKhKfA2ZT14lxhcWgXzXBCryc953GNLoFwyatBK58wfw==

GET
H2 200 fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 7CB3 110 KB
35 KB 19ms
19ms Script
application/javascript 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-26.vie50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:02:18 GMT
content-encoding: gzip
via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
last-modified: Fri, 08 Apr 2022 08:48:22 GMT
server: nginx/1.20.0
x-amz-cf-pop: VIE50-C2
age: 2893
etag: W/"624ff6d6-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: tq_mr7JrrmJ_l-TEtj-VuxeUXwJ-5fzIUjsBD09wNEHv0gUxFSxUDA==
expires: Mon, 19 Dec 2022 20:02:18 GMT

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame D43F 52 KB
24 KB 65ms
21ms Stylesheet
text/css 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=a1a9w8z8ptos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 23:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 23:46:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame D43F 407 KB
163 KB 74ms
31ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 07:49:58 GMT

GET
BLOB 200
OK 100240fc-4d5e-4325-82b5-259afcd721fd
https://ouo.press/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/100240fc-4d5e-4325-82b5-259afcd721fd
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK e4861f23-6986-4ae6-a2db-96f1bfd71ba6
https://ouo.press/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/e4861f23-6986-4ae6-a2db-96f1bfd71ba6
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ 21 KB
1 KB 31ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 19:23:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 19:50:31 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
43 B 60ms
49ms Script
text/plain 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1671479431628834579367&uniqId=16f4d&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fouo.press%2FKoTveC&lu=https%3A%2F%2Fouo.press%2FKoTveC&sessionId=63a0c088-0d609&pageView=1&pvid=1852bf011cd932c4b36&site=272839&implVersion=11&dpr=1&tfre=467
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77c2aaefb8af693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content b5fadcc2-7805-4b7e-9ea6-8e123fc35ec6
https://ouo.press/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ouo.press/b5fadcc2-7805-4b7e-9ea6-8e123fc35ec6
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 32ms
18ms Image
image/svg+xml 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: ouo.press
URL: https://ouo.press/KoTveC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6MNX2MTGJN85G3DR
age: 6322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uVYN4THI3XWNXs2pKJp3igZaYY/0ylOvx7HnZiKG6/WrJVpwFBMB1QO++JO3ZWcshaslZ238S8k=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 77c2aaefe8eb693d-FRA
expires: Mon, 19 Dec 2022 23:50:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 312062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 05:09:29 GMT

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 7CB3 312 KB
97 KB 20ms
19ms Script
application/javascript 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-26.vie50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:28:33 GMT
content-encoding: gzip
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: VIE50-C2
age: 1335
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: sMIGDiAErfRyoUTZqacSnS3JDxceQE4EaN8GzR291MyZxcBFCQpsiA==
expires: Mon, 19 Dec 2022 20:28:16 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/911109/ 1 KB
959 B 248ms
238ms Script
application/x-javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/911109/1?pv=5&cbuster=1671479431755420966376&uniqId=16f4d&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=495&h=404&cols=1&ref=&cxurl=https%3A%2F%2Fouo.press%2FKoTveC&lu=https%3A%2F%2Fouo.press%2FKoTveC&sessionId=63a0c088-0d609&pageView=1&pvid=1852bf011cd932c4b36&implVersion=11&dpr=1&tfre=593
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9d6f4d7f31ca301affe27306cd278fa5375943a4fedad6e8496bdb29b8f7cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 77c2aaf08a84693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D43F 102 B
134 B 43ms
43ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=a1a9w8z8ptos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 19:50:31 GMT

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ Frame 7CB3 1 B
446 B 63ms
63ms Ping
text/html 13.32.110.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-26.vie50.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: VIE50-C2
x-powered-by: PHP/8.0.14
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ouo.press
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: DAKpaRA4E5yiOtFJgACe3jRPkgSwvQ0FRU9_UsV4nbDIInVQiJXR_A==
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7CB3 18 B
307 B 155ms
39ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=10287539144

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 19:50:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 mvo Show response
tag.1rx.io/rmp/212927/0/ Frame 7CB3 0
157 B 61ms
19ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
pragma: no-cache
date: Mon, 19 Dec 2022 19:50:31 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CB3 138 B
937 B 100ms
25ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0ba372c8ce207f2b0da834dd555d7dcbaf1c7821f463e869f6c07be51af9700b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 19:50:31 GMT
AN-X-Request-Uuid: 7f1985c5-29c4-463e-b141-1e02e48a53ec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7CB3 348 B
895 B 207ms
96ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FKoTveC&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FKoTveC&tg_i.page=https%3A%2F%2Fouo.press%2FKoTveC&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=f9294b8d-bc00-42a5-97c4-5fbc6f2996c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8046851116563656
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a494653dccb32704c33b017ed5d9c480b6e5758bc3408952536aa5da77d7792e

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:50:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ouo.press
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CB3 139 B
938 B 84ms
14ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

248f70de6971369370787ad97c0fff12556d9086ebf711615bc9e18769934503

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 19:50:31 GMT
AN-X-Request-Uuid: 107acd22-56da-492a-89a6-a218a64cfbdc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.20; 193.27.14.20; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 7CB3 178 KB
45 KB 21ms
20ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:18:18 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 1934
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: CENqZ2ptYqZ7QD5JTqwcI3R434umqnO4QIXp2Ef5Ou-axXlRDcwlmg==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame D43F 32 KB
18 KB 90ms
90ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb6aaaf22890abd945f6931b466f0d8a7dda3eb128c02d314f982cf2c7d9a549

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=a1a9w8z8ptos
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 19 Dec 2022 19:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18752
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 19:50:32 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 7CB3 0
306 B 20ms
19ms XHR
text/plain 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:54:03 GMT
via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 10589
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: ---r0SPEYCYkR-AOmBNjAkeREpS2w1LukFxoB0P4aUDbYoOBpO5m1g==

GET
H2 200 bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 7CB3 23 B
0 195ms
73ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FKoTveC&pid=HRWZRYt7wRC5z&cb=0&ws=728x90&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: Y88CESG3KV1DT8P6TRJF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oeItvMKZj5W3_6JZ6fYwak1cstraCikUBKTaGBB6fP6Ze_JXsbUAYw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 7CB3 6 KB
3 KB 79ms
9ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:21:35 GMT
x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 48538
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: P_j4LZnspW89ISRmcff0tkg05jXAS3eMAVi0XSocICCC8G05-3wakg==

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 38ms
38ms Image
image/svg+xml 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: P23G98T0RPS1923H
age: 1512
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +pkIcnDW5LI90x9mr22bkfqfBqu9Ndl9EtSQVcNdlUzWcDpVywyJ6BJrec3/moiJaPWw/mY5K2s=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 77c2aaf288df911f-FRA
expires: Mon, 19 Dec 2022 23:50:32 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzUzMDQ1My9hMmEyZDU1MjZlNWZiMjhkZ...
s-img.adskeeper.co.uk/g/12213227/492x328/-/ 4 KB
4 KB 104ms
24ms Image
image/webp 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12213227/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzUzMDQ1My9hMmEyZDU1MjZlNWZiMjhkZDBhN2EyMzE2ZTk3OGMzNS5qcGVn.webp?v=1671479431-A4jVOdFQlhDiBQOuaoe1o0n9_f7ElZXGjI3--RFrHrQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb17077dec870ac8a65b5659945f09990ccab5b3c83969c580e6c9b95aff578d

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:32 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 13:17:07 GMT
x-mg-request-uuid: 9f3a1eca-ec60-48fe-ab53-800a5cc5092f
server: cloudflare
age: 23441
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 77c2aaf31a30694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4088

GET
H3 200 int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 1 KB
945 B 36ms
35ms Image
image/svg+xml 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:32 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NNE0X4SA62JCF0RH
age: 297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cjVP+pbTRUy6Jy0bRIMXjRa8aM8s9KsjVh8h5AWJFIEcnUx2MirwQ3xJehhx8bhmex1J40EwOIw=
last-modified: Mon, 04 May 2020 12:16:42 GMT
server: cloudflare
etag: W/"37346cd2daeeec771e8ffe3a34ef43ea"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 77c2aaf298f5911f-FRA
expires: Mon, 19 Dec 2022 23:50:32 GMT

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 0
37 B 174ms
112ms Script
application/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1671479432104375618841
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:50:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 77c2aaf2fff4693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame 9253 0
124 B 162ms
110ms Script
application/javascript 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1671479432114120073879
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:50:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 77c2aaf2fffc693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
213 B 30ms
29ms Image
image/gif 2606:4700:4400::ac40:9914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=484|342|8|xLmt2ZwrOBhprqOAOwlPXD7nh63KfTxl8NRevkqZv50nJp3gq6XMkCrTmNDoOKyMfYAQGMozEa1OPATsJCeTWg**&fw=1&extjs=66044&cid=911109&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&rid=6550a68d-7fd6-11ed-93dc-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=1852bf011cd932c4b36&cbuster=1671479433302742010878
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:50:33 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d04bc762-e825-45ca-b131-63d031e7dd6e
server: cloudflare
content-type: image/gif
cf-ray: 77c2aafa2b81911f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:37:11	Name: _GRECAPTCHA Value: 09AGDUI8CSamWov1SM5hur8onQAOxePaVeS_pAu5ED1nWHuKt99Nsd_1vEpESyyx2ukeAvAulKBRNWO1HYveT8CDI
ouo.io/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IndWODJjaDNYUWt3NUlMQXR3ZFl6a3NXMDkwZHA5SU5CYTZrUmhUYkdjek09IiwidmFsdWUiOiJUXC84ekIyXC9NdllyREsyekpCRW1vNjdHVDdCMHR5Wng3bnpwNDFJeUp3T1JTWVkwbzNqdFF1dTYwTTdrdmNkOW1cL3Jnb0FPWGttV0dJaHdUa3htaDB5UT09IiwibWFjIjoiYjg3MDUyNzgxMTU1YjFhZThiZTIyOWQ5ZWNmNDllZjVkYzBlNDcxYmVhOWYzMDViMjc0MTBmYTdhNDdmY2RmNyJ9
ouo.io/	1970-01-20 17:53:59	Name: language Value: eyJpdiI6IkpydDg5SDgzSGJraU9DYTFjVUo3S1hZSXBmdnJIdW9FTkxrNVQyaTR4RWM9IiwidmFsdWUiOiJUY1hzXC9JRVRHNjNudUVBUjhqcTJLNE5zK0lxXC9YbnpoSnJyNTVienJIN0U9IiwibWFjIjoiYWI1YzVhYTgzNGZkM2I3ODYyZjY2MWUwMDE1MWIwODA1NzhlMDM0NDY4OWY2ZWJhNDVlYmY2N2JkNTIwNmU3OSJ9
ouo.io/	1970-01-20 08:18:06	Name: 53c80d3278a8eb1e4b85f4a0add3f251db00c9ac Value: eyJpdiI6IkkzUnJNNnNua0h4VE5HckxkRTRrUXQxVWRRVzU1ZHJzOXA4UHRXUU9kUzg9IiwidmFsdWUiOiI1dmNwZmxab25pM2k3dk92VEltTFd2eVJ4TDNabGtVa1wvWU4yZzAxb1pZMzlRXC9PNVVNa1EyMzBIYVBTaHMxejdCR2o0WWhZR3o0bmh3QXNqRFlFMnVnXC9kRmRNTmJRNW1mcjFXblBiQ2s1cndnc0hXOFBJdFpzblwvYVM5UWI0NGZaVkZaMFZnTjhpVzVDcHFDdG5pekt6aE8wbnJxZ0lKMjZ3UHB1VVRRZkVFeGRDVDAyQkZ3MUpKYnUzWDI1ek1kbHo5NnpSZWY2S0xNR3kwMDBIMkUzS1FcL0NOaXRWXC9uWkQrd0drd2NGUVY1TzhtM0NrQ2ZabmJuWUZ4TDdBbGJkTkh0STZhSzRMR01MbUQyRFJXMGRvUzRrTmhuNzh3K2hQNDJDRFFpZThBYWM1QlhDVVBaSzF6YmVjVDJGSW4zUG0ycEdrQnJaU2xJVEFSOElSZkpwVXc9PSIsIm1hYyI6ImMyNTRlNjZhYTBmYzEzYmNiMmFlY2NlMDI1YzQ3MDFlZDAyNTBkODEwNzE0MTM4YTFlOWFjYjkzMWFlZDU1YTcifQ%3D%3D
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6InZ3MUxmWjNTMGN5dXp2Umd0YWlrbmV2bzU4RDdtNUwweDFKQnFhdlRpcUE9IiwidmFsdWUiOiJMV3pMa29MdVczWDA5VjU0dWsxbUg1djZwZzd2YklibENHTXJMcXZhXC9hNVJCYWpZNlRNUzJKaUVzaWJZVzNmTEVuM3BnOG9DUklyYXdodnMrU3dPRXc9PSIsIm1hYyI6IjM0NDcyNzcxYWRmNTRmMzM2MDQ0NGI5Y2I1Njk1ZTA4NzZjYzBiZDg4NjQxYzhiZjZjNGQ3ZDk3Mjg2MWNlMGYifQ%3D%3D
ouo.press/	1970-01-20 17:53:59	Name: language Value: eyJpdiI6ImF0aTlvNlFYXC9FTlRiTHhmXC9oa09wUG5PSkRveDdiSlZveU0xQnBSSUZ6TT0iLCJ2YWx1ZSI6Ikw4WUZvOWZyTzljS2lkZ0ZSZ1RlRTdVNFUyWFhHUlwvUCtwWDl0QmdTbDhNPSIsIm1hYyI6ImQzODllZDA2NDYzN2M3ZmM3ODFlNmY3MWU5ZWIzMjlhYmU5ZGQ3MWZmNGQ1YmJlZDAyOGExMmNjMjEyMjk4ZTUifQ%3D%3D
ouo.press/	1970-01-20 08:18:06	Name: 0972062708346c0955cc856591094096a396f31e Value: eyJpdiI6InRyQzdDQWhYMTNWOHRNVThSbnVzNVVLN3RNY1pYbXNxNVdPTVRpU2NxSU09IiwidmFsdWUiOiJwMzRraWlOY2hqZUt6ZmVQZE9YVXF3ZitsQ3liQXlBbUREZkZiQXVcL1B3VWM0NHFuMFhnN2syWElWY3FUK3ZkZVpZMjJVcG41b0JKeXRFcUhzR3ZCTGpWUG02TVBYMTQwZzlSd3QyZ1NtYmdiNzR4V3lNTlE2eis1SVZuY2NNSnhNbjZ1NG5VSFVOMGRTdDRuemxyU2J3akwzMmtvckV0dVBWblB1bnZ6ak9TZXByUFFKSTQwMnpDS2grNGtEUCtIZmp0dmxRVmhOUE9GRmtCdUl4dUFLdmtDU2xBSk1FMUFMdnBOcE5OM2dWXC9zalVCNm9EMExvSStrVXdIOXRIVnE1NUdhUFdxaVM1ZWNGVmFTeWZlNGxsODJ5V1FaTnZveHF5cEdtaTJYejlXOXRRS0xjS1wvUVRLbmxLS2RCM0crbkh3eFUybUZzc1wvWVErXC9BS3E4Z2dndmxwUUNJbDRLbGFhSmlxRFpjQ1h4NmNiY25XQTk1UEo5UmdyVTNQenZNcCIsIm1hYyI6IjUwMzQzZjEzNGUxM2I3NzBkYzc4ZGI0OTQ2ODkzMDY1ZjZiZjBlNjljMWIwM2U0YjZiNWY2N2I2Mjk5M2UyMzkifQ%3D%3D
.ouo.press/	1970-01-20 08:18:01	Name: __cf_bm Value: FSFzkT8fRRqKdfFitsU2NFOZcCJ7qfBYaCEHEc3BkUw-1671479431-0-AQL5peVEiUe3wYQBIvDipsNpUuk5BXW1vFwXvKLqUgBV0hpFAM4GVmYaJTy+im95flcXNu5Gl9H9JwhJiO7pOT0=
tv.gourdycortes.com/	1970-01-20 08:19:25	Name: GL_UI4 Value: eJw9jUtugzAYhAHzaJSCOhIH6BFMAlGyrHqILpGNf4gbsCPjBvX2tSq1q%2Fk0D00URUldIX7kDOxLdHgdx4M4yZPkspWdPAztkS5t1%2FCW87M6dhfs9Np7IWfyKZ4nMuT00A9WUYmXEP05N2M3kyKTThhVIltCYy5RSGe3lVzNkBqxEPL3q7NBs0V8WgfW8HNgbQLHHIlda1btUHxoo8Kw2iNpeFXmEfb3WfjRuqXXKo%2BRTU4oQvyGp0F4mqz7RqFovXl7B%2Bys%2Bv%2F%2B7y%2FbGo5c0UMP4dz6K7kfcs1Kig%3D%3D
tv.gourdycortes.com/	1970-01-20 08:19:25	Name: GL_GI10 Value: eJxljNGKwjAURGu6dpUVZcAP6A9s0a4gPmvXPug3hFBvJUhzQxIX69dbFWTBt%2BHMnImiSEzHENpiNF%2F9ZPkymy%2ByfIb4SAyxKTCq%2BGyCa6VRDeFzS65RpkXi6KjZQJQFvp5ZVnwg9DfF9z%2F2sPoleU%2F4qHRogV%2BnzKk%2Bu5CqJt0rbTC8F0992unvg1h7i8E%2BXyzTXThgaChIb4m6uGZn2alAGL%2Fo4yqJMdBeWseXNulhEnRDVzYkua49hQ71%2FhJxA4FWTEs%3D
cdn.firstimpression.io/	1970-01-20 17:03:35	Name: OAID Value: GDPR
.rubiconproject.com/	1970-01-20 17:03:35	Name: khaos Value: LBV7P3XT-1G-24SP
.rubiconproject.com/	1970-01-20 17:03:35	Name: audit Value: 1\|naVuGyos1qqIX5poxQ7F+3NEnEPvxbSem0AuhTX0VRyePzsaxN2h5vfOCZIZWXnk9Krtx9xPUSfgcRgjl6EitXD+ImxgwUvr3OlDu/ORdD8=
ouo.press/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C911109%22%3A%7B%22page%22%3A1%2C%22time%22%3A1671479432089%7D%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ouo.press/KoTveC Message: The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/KoTveC Message: The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/KoTveC Message: The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
bidder.criteo.com
c.adskeeper.co.uk
c.amazon-adsystem.com
cdn.adskeeper.co.uk
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adskeeper.co.uk
ecdn.analysis.fi
ecdn.firstimpression.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hhklc.com
ib.adnxs.com
itineraryupper.com
jsc.adskeeper.co.uk
ouo.io
ouo.press
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
tag.1rx.io
tv.gourdycortes.com
widgets.outbrain.com
www.google.com
www.gstatic.com
13.32.10.16
13.32.110.26
13.32.27.15
172.217.18.6
172.255.6.124
173.233.137.44
18.66.23.213
185.89.210.82
2.18.37.67
213.19.147.43
2602:803:c003:200::41
2606:4700:10::6816:3afb
2606:4700:10::ac43:697
2606:4700:3030::6815:467a
2606:4700:4400::ac40:9914
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200a
2a00:1450:400d:805::2003
2a00:1450:400d:80a::2004
2a02:2638::24
2a04:4e42::485
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
0ba372c8ce207f2b0da834dd555d7dcbaf1c7821f463e869f6c07be51af9700b
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
248f70de6971369370787ad97c0fff12556d9086ebf711615bc9e18769934503
25099b5cc264b36daf2324ca3a338307cfc5b2b1ffafc85f5fd1bb6e755840fc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
411307e2ebb15fd8a8d532372dabb8f643c1a4f46bde7e6508ca41f2832c6d41
422e5b14896b59cfbdb959e91197045509f7551c5c4f3a03621915a5919e6a1a
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
56148b9dfab26b937a329c7e63057d4e13102bb025712e058549db2d09d4478f
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6b8753a93a629dcfbf2a494c5d2c1bcc026754958fcd10c06bfbf4bc3f0e4841
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
89e5762e9d3030f7f84f342fdfc505dc7efef6157b9988579fcaf23c55a8be54
8e9d6f4d7f31ca301affe27306cd278fa5375943a4fedad6e8496bdb29b8f7cc
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
a494653dccb32704c33b017ed5d9c480b6e5758bc3408952536aa5da77d7792e
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af81de083b3ebb43909ca66d215b9b570416783ccc11b881788d5047a1ec3f16
bb17077dec870ac8a65b5659945f09990ccab5b3c83969c580e6c9b95aff578d
c02b1318df77a20ba76a1a70cf38cd6f15e0e93d7a25ecf1be10eb58c5414f33
cb6aaaf22890abd945f6931b466f0d8a7dda3eb128c02d314f982cf2c7d9a549
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

ouo.press Open in urlscan Pro 2606:4700:10::6816:3afb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

52 %IPv6

19 Domains

27 Subdomains

21 IPs

7 Countries

993 kBTransfer

2925 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

27
Subdomains

21
IPs

7
Countries

993 kB
Transfer

2925 kB
Size

14
Cookies

53 HTTP transactions
1 data transactions