urlscan.io logo urlscan.io
SecurityTrails logo

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ouo.io/lYuVAs
Effective URL: https://ouo.press/lYuVAs
Submission: On November 28 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 7 countries across 33 domains to perform 94 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 142.91.9.135 7979 (SERVERS-COM)
1 192.243.59.20 39572 (ADVANCEDH...)
10 104.19.132.80 13335 (CLOUDFLAR...)
2 44.195.137.121 14618 (AMAZON-AES)
1 18.66.97.73 16509 (AMAZON-02)
6 18.66.122.74 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.166 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
2 173.237.61.68 7979 (SERVERS-COM)
5 18.66.109.174 16509 (AMAZON-02)
1 13.32.99.117 16509 (AMAZON-02)
1 35.158.25.241 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
1 213.19.147.42 26120 (RHYTHMONE)
1 4 185.33.221.13 29990 (ASN-APPNEX)
1 2602:803:c002... 26667 (RUBICONPR...)
1 104.19.131.80 13335 (CLOUDFLAR...)
1 63.34.228.134 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
1 104.19.138.80 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.251.154.165 16509 (AMAZON-02)
4 23.37.42.132 16625 (AKAMAI-AS)
1 1 185.29.132.245 30419 (MEDIAMATH...)
4 69.173.144.165 26667 (RUBICONPR...)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 3 142.250.186.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
94 42
1    2606:4700:10::6816:16a2 (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.io
6    2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.press
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)
video.your-notice.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
itineraryupper.com
10    104.19.132.80 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
cm.adskeeper.co.uk
2    44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com
aphycolourses.info
lasticalsdeb.xyz
1    18.66.97.73 (United States)

ASN16509 (AMAZON-02, US)
ecdn.analysis.fi
6    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
ecdn.firstimpression.io
cdn.firstimpression.io
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
ad.doubleclick.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    173.237.61.68 (United States)

ASN7979 (SERVERS-COM, US)
cdn.viaplays.com
vids.viaplays.com
5    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
1    13.32.99.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-117.fra60.r.cloudfront.net
athyouglas.xyz
1    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
4    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.19.131.80 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.co.uk
1    63.34.228.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-228-134.eu-west-1.compute.amazonaws.com
tracking1.firstimpression.io
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2602:803:c002:200::44 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
1    104.19.138.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.steepto.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
s.update.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3605:14b1:76c0:1806:81d9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
14 rubiconproject.com
fastlane.rubiconproject.com
beacon-iad2.rubiconproject.com
s.update.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
31 KB
11 adskeeper.co.uk
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
s-img.adskeeper.co.uk
cm.adskeeper.co.uk
112 KB
8 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
50 KB
8 doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
31 KB
7 firstimpression.io
ecdn.firstimpression.io
cdn.firstimpression.io
tracking1.firstimpression.io
370 KB
6 ouo.press
ouo.press
68 KB
5 adnxs.com
ib.adnxs.com
acdn.adnxs.com
27 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
76 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
327 KB
4 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
6 KB
4 google.com
www.google.com
37 KB
2 criteo.net
static.criteo.net
54 KB
2 everesttech.net
sync-tm.everesttech.net
630 B
2 viaplays.com
cdn.viaplays.com
vids.viaplays.com
155 KB
2 your-notice.com
video.your-notice.com
6 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 adsrvr.org
match.adsrvr.org
265 B
1 rlcdn.com
id.rlcdn.com
1 yahoo.com
pr-bh.ybp.yahoo.com
870 B
1 mathtag.com
sync.mathtag.com
656 B
1 2mdn.net
s0.2mdn.net
72 KB
1 googletagservices.com
www.googletagservices.com
37 KB
1 steepto.com
cm.steepto.com
173 B
1 1rx.io
tag.1rx.io
165 B
1 emxdgt.com
hb.emxdgt.com
154 B
1 lasticalsdeb.xyz
lasticalsdeb.xyz
37 B
1 athyouglas.xyz
athyouglas.xyz
411 B
1 outbrain.com
widgets.outbrain.com
3 KB
1 analysis.fi
ecdn.analysis.fi
2 KB
1 aphycolourses.info
aphycolourses.info
23 KB
1 itineraryupper.com
itineraryupper.com
1 ouo.io
ouo.io
1 KB
94 33
Domain Requested by
6 pagead2.googlesyndication.com ouo.press
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 ouo.press ouo.press
5 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
4 pixel.rubiconproject.com
4 eus.rubiconproject.com ouo.press
eus.rubiconproject.com
ecdn.firstimpression.io
4 ib.adnxs.com 1 redirects ecdn.firstimpression.io
acdn.adnxs.com
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
4 www.google.com ouo.press
www.gstatic.com
3 cm.g.doubleclick.net 1 redirects
3 token.rubiconproject.com 3 redirects
3 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
3 www.gstatic.com www.google.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net ecdn.firstimpression.io
static.criteo.net
2 sync-tm.everesttech.net 2 redirects
2 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 googleads.g.doubleclick.net ouo.press
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 c.adskeeper.co.uk jsc.adskeeper.co.uk
2 cdn.firstimpression.io ecdn.firstimpression.io
2 fonts.gstatic.com fonts.googleapis.com
2 jsc.adskeeper.co.uk ouo.press
jsc.adskeeper.co.uk
2 video.your-notice.com ouo.press
video.your-notice.com
2 fonts.googleapis.com ouo.press
client
1 acdn.adnxs.com ecdn.firstimpression.io
1 biddr.brealtime.com ecdn.firstimpression.io
1 mug.criteo.com
1 match.adsrvr.org
1 id.rlcdn.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 vids.viaplays.com cdn.viaplays.com
1 s.update.rubiconproject.com ouo.press
1 s0.2mdn.net ouo.press
1 www.googletagservices.com googleads.g.doubleclick.net
1 cm.steepto.com
1 beacon-iad2.rubiconproject.com ouo.press
1 tracking1.firstimpression.io ecdn.firstimpression.io
1 s-img.adskeeper.co.uk
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 bidder.criteo.com ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 lasticalsdeb.xyz aphycolourses.info
1 athyouglas.xyz aphycolourses.info
1 cdn.viaplays.com video.your-notice.com
cdn.viaplays.com
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 aphycolourses.info ouo.press
1 itineraryupper.com ouo.press
1 ouo.io 1 redirects
94 54

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.co.uk
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
your-notice.com
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
itineraryupper.com
R3		 2021-11-18 -
2022-02-16		 3 months crt.sh
aphycolourses.info
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
analysis.fi
Amazon		 2021-01-03 -
2022-02-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
cdn.viaplays.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
athyouglas.xyz
Amazon		 2021-11-25 -
2022-12-24		 a year crt.sh
lasticalsdeb.xyz
R3		 2021-11-18 -
2022-02-16		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
update.rubiconproject.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
vids.viaplays.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh

This page contains 13 frames:

Primary Page: https://ouo.press/lYuVAs
Frame ID: E62C3F2E5F5909D94E052D4A97951D35
Requests: 36 HTTP requests in this frame

Frame: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/lYuVAs
Frame ID: 587CECF84B1A24FE1FE7AFC336FB0112
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
Frame ID: D7CECAB7194B40962E0D4AF515397169
Requests: 5 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 04AF30F1909FB794B514894633566A60
Requests: 15 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1638133948841434796872
Frame ID: BE66C0D10E23C05BB2103372FCA6A31C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRCit6ICGPz3z7gBMAE&v=APEucNWWaPdzsd9HTpjDPf9V4UuL5ZWxjQXpHkd9pvPp0jQRXmvFxLeSg4NPnthUXSMTofcddBAnXRVVlq9dnmYW_5R0uNQp1e5Yvb72w8-6qVayTh3sDg0Q5wzkItgmF0upQDmfs42VKMBz6QGag2XMBgMviX-TBAUEHad9lvAC-iiJ-9ERo0s
Frame ID: CAFC3F185CAF57D06C2E2BFF3ABC46E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Frame ID: 1ED3745196FA57F6B8D2BEEAC27464E8
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Frame ID: 4C3D0F3AC1A2FFD7ED1D1AF5399BA2F5
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 604794EB6F957C699DBFF2EA9137976C
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: FB547385BFC050D562831A17AB699544
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66A900DC49A9B01FAD3D0E6ABE8A662B
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8D27607718609EFA22275201BBE8D598
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A686D9ED13605D15D6B9C8153BA9925
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://ouo.io/lYuVAs HTTP 302
    https://ouo.press/lYuVAs Page URL

Page Statistics

94
Requests

90 %
HTTPS

33 %
IPv6

33
Domains

54
Subdomains

42
IPs

7
Countries

1487 kB
Transfer

4239 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/lYuVAs HTTP 302
    https://ouo.press/lYuVAs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5fdb61a3-f0bd-4400-bd25-369c9f6448d0
Request Chain 74
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dKUU5PV1AtMUwtNFZFQw==
Request Chain 75
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YYCippuDvIqP9JXFbfUe2cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6752027671166635117
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECyeIRkX0QnsNtOGI7FGLJ4&google_cver=1
Request Chain 77
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaPwvgAIG408rABG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaPwvgAIG408rABG&_test=YaPwvgAIG408rABG
Request Chain 79
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJmYzY4NDAxMDExMjFmYWQ2MmFhZWI3Y2QxNDU2OThlNTk0Y2IyYg
Request Chain 87
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=wh8JcHx4dDZlQ1p4dGVhUyt1U3B6RXdob1JJT29ySkRUWnFNcWc3ejBWWWwrb3FqV1h0WU1jNXlvSVZwdnZMTVJkS2IrblpFZkxWbWIvNHJtV2ozV2xrWFkxb0pieXN2SWRNdlZmN3R1WVVPV2t4M0d4d25PdTFkb1RadHN6bEx0TVRaRmNNQ2luajJrWUZiOG5FR2hkclBQZlljU1hsdUd3L3JCR1RXTStMQUJaSStIclYralJ5UTEzZWhab3h2ZnR3RyswNE83S2tERkJObmtJeFRhUTNWbXc3MlQ2SDl0TWQzd3h2WWNIalNJWWxqU2lTaDBWaHVPRm9sM1k0aVg1VVl6ODN1ZnZwZEFpR0UyREgxYUdKWEFlUT09fA&cppv=2
Request Chain 93
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lYuVAs
ouo.press/
Redirect Chain
  • https://ouo.io/lYuVAs
  • https://ouo.press/lYuVAs
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cc853b333d0ddce8553fd8084d7cbca908e19ca1eb85a5bef254ff7699e1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sun, 28 Nov 2021 21:12:27 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b569833a8000e1a-MXP
content-encoding
br

Redirect headers

date
Sun, 28 Nov 2021 21:12:27 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
location
https://ouo.press/lYuVAs
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b56982fbb2a0f86-MXP
css
fonts.googleapis.com/ 		1020 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Nov 2021 20:54:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 28 Nov 2021 21:12:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Nov 2021 21:12:28 GMT
bootstrap.css
ouo.press/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/lYuVAs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7472
cf-polished
origSize=109522
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6b56983728280e1a-MXP
expires
Mon, 29 Nov 2021 07:07:56 GMT
link-safe.css
ouo.press/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/lYuVAs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7007
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d951ace-1830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6b56983728340e1a-MXP
expires
Mon, 29 Nov 2021 07:15:41 GMT
sw-mav-n.js
ouo.press/ 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/sw-mav-n.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911e3c686b479a09d9d41a501e53ad7f52cd1d1a1f83a723598d313ed9b681e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/lYuVAs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5122
cf-polished
origSize=95651
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Thu, 09 Jan 2020 08:01:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e16ddd3-175a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6b56983728370e1a-MXP
expires
Mon, 29 Nov 2021 07:47:06 GMT
api.js
www.google.com/recaptcha/ 		884 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af4e627064bcaf89fa352a90d71f8ad6294ed8e5625290b2f4cdc173fa15ee1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Sun, 28 Nov 2021 21:12:28 GMT
html_102001.js
video.your-notice.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
45284cf5f66bf13b5df3efb6673d4968619259f53d317c6dd7c5853a1e68a471

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:23 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
ouo.press.911109.js
jsc.adskeeper.co.uk/o/u/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7748820d0cfdbc69f5055faf8912715b8c8454dec2831703870c2a82a57c51e4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
br
cf-cache-status
HIT
age
7037
last-modified
Thu, 25 Nov 2021 12:13:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EXJD10Z1BQFY0849
x-amz-id-2
1K5NYIhH5+cObLWydwOZH/uOF4ApZFMRck7Q/n6cnoI/YrI/sTbVAD002+HZ84dt1sVjKFv+tP8=
cf-bgj
minify
server
cloudflare
etag
W/"f085d669d42d638766c00aa812daae61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6b569838ad1171cc-LHR
expires
Mon, 29 Nov 2021 01:12:28 GMT
world.png
ouo.press/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/lYuVAs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
852361
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Sun, 19 Dec 2021 00:26:27 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6b5698384a9c0e1a-MXP
cf-bgj
imgq:85,h2pri
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/lYuVAs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 17:32:49 GMT
server
cloudflare
etag
W/"619bd441-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6b5698382a570e1a-MXP
vary
Accept-Encoding
expires
Tue, 30 Nov 2021 21:12:28 GMT
WmkyVmohS0EhNS8bXnRQeAFGIhopUx15BS8GHCYYPxpBeRktRF83HHcHHDwZeEUQJQc8SwhnRngdUzE1Mw0QbEhtUQVgX2pLHnQZLwttPw5oSwh0X2hRVG8JPwwfNFs8UB9iCDhYHzQJY10fMF9uWgZiX2pQB2BTeBQ
aphycolourses.info/ 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphycolourses.info/WmkyVmohS0EhNS8bXnRQeAFGIhopUx15BS8GHCYYPxpBeRktRF83HHcHHDwZeEUQJQc8SwhnRngdUzE1Mw0QbEhtUQVgX2pLHnQZLwttPw5oSwh0X2hRVG8JPwwfNFs8UB9iCDhYHzQJY10fMF9uWgZiX2pQB2BTeBQ
Requested by
Host: ouo.press
URL: https://ouo.press/sw-mav-n.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
763ce08de6deff3abf1458fb32a757404d58f781b8a950435c5b5b78f9c7ba6c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"e0f6-aRhDMHhuf0mfuj6diQx3j8U8HTU"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 20:34:15 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 16:43:50 GMT
server
nginx/1.18.0
age
2293
etag
W/"61a3b1c6-10af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
iSzSYAQo3tHvHFtox1ot2yjaLgj8Nap02_wzG8WzNg04aSbf0XK3Ew==
via
1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
expires
Sun, 28 Nov 2021 21:34:15 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
951ef58110da257af184d070debdb8c9a82eb8810d44158524c4c31a59dc9b61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 20:34:14 GMT
content-encoding
br
age
2294
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Sun, 28 Nov 2021 20:34:14 UTC
server
nginx/1.18.0
etag
W/"954cfe983cffc758b6364b42130ed776"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
-MAy6RGZc5atSsojbvW_e_SowkkbeCeiYwZvVuzkf3SQpC3gcVzutA==
expires
Sun, 28 Nov 2021 21:34:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 16:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 28 Nov 2022 16:24:50 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 13:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Nov 2021 13:28:01 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
last-modified
Sun, 28 Nov 2021 09:31:35 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1638092476.569147"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 28 Dec 2021 21:12:28 GMT
ouo.press.911109.es6.js
jsc.adskeeper.co.uk/o/u/ 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
935dce9553032fcf99a5dd32430786c187b47f8f4d99042ac9f3d3a52c51f5df

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
br
cf-cache-status
HIT
age
7037
last-modified
Thu, 25 Nov 2021 12:13:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
N3VX53EHW3SEYWGS
x-amz-id-2
HOQxJoFBrDyHZRI4Ek7ESQddPX9fVLhGM7PgzZJF4hlMplqLABPB4089KQEE5AHxV+Ru8XZ0LOE=
cf-bgj
minify
server
cloudflare
etag
W/"91112271f7a60a882e74dadefa29a27f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6b569839df8571cc-LHR
expires
Mon, 29 Nov 2021 01:12:28 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v13/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 18:03:35 GMT
x-content-type-options
nosniff
age
356933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19404
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:43:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 18:03:35 GMT
slider-44.php
video.your-notice.com/ Frame 587C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/lYuVAs
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/html_102001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f0ef138a8e7708885f1e02cb5d4548d55ea4a48cee7aa115e3f438ca89af0240

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:24 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
anchor
www.google.com/recaptcha/api2/ Frame D7CE 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1726e1aae1da6f5b16c581f5c249ba0ff7c79d2d985875408f75facf4a0d0739
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-848rJic0DBTEbRKgGnVPHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 28 Nov 2021 21:12:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-848rJic0DBTEbRKgGnVPHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20135
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
spc_fi.php
cdn.firstimpression.io/delivery/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FlYuVAs&charset=UTF-8&ch=21&ref=ouo.press&viewerId=null&referer=&_firid=73874569
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
52d6d47a3c3542354e48c8cfd3d1ca9e02a57edd4c1dfca35c2abbbe7a10cd3f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/7.3.23
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://ouo.press
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
K-w5cEFwHIxOFP0F72IP7GgqxjpBKX_5oAdZO7VlBm9s7RCJwggiig==
expires
0
PLAYER-200128-pack.js
cdn.viaplays.com/static/ Frame 587C 		710 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viaplays.com/static/PLAYER-200128-pack.js
Requested by
Host: video.your-notice.com
URL: https://video.your-notice.com/slider-44.php?html=102001&new_left=1&ref_page=https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 17:43:54 GMT
server
nginx
etag
W/"5e5e975a-b1749"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
09d3acef1da23f7add4af1011a6ba2a252dedbc4674845da969464fb0cc43c04

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 20:34:14 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 14:21:58 GMT
server
nginx/1.18.0
age
2294
etag
W/"61a39086-4e125"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
gZlazRFoSAlbDb-Kc3dhhnW7xRjGoVO9j2J1wMbjB9X7t9wiH9XMJg==
via
1.1 0cef334729aed841ca9f130c177beebb.cloudfront.net (CloudFront)
expires
Sun, 28 Nov 2021 21:34:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:02:15 GMT
content-encoding
gzip
age
612
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
108PTX272Z73M8BQ9R9R
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
via
1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
oVmqx2SGjZUN-NG88WmGm6Wv22n3_kjjH2CCYCxD6WBLwxM33Y-wxw==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 04AF 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b86de1f94e460206292c4a8e29891e04e684c12d431dda6e0e10570f253a81ef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 20:34:14 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 18:07:28 GMT
server
nginx/1.18.0
age
2294
etag
W/"61a3c560-1b91f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
ouver-lCyKTH66c02M2VNXbKYzbi2GD3xSc5woIgwLXi8TA2i-kUOg==
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
expires
Sun, 28 Nov 2021 21:34:14 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame D7CE 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 17:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 28 Nov 2022 17:01:08 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame D7CE 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 16:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 28 Nov 2022 16:24:50 GMT
utx
athyouglas.xyz/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://athyouglas.xyz/utx?tid=787650&top=ouo.press&cb=1l2IsQsw0U2z
Requested by
Host: aphycolourses.info
URL: https://aphycolourses.info/WmkyVmohS0EhNS8bXnRQeAFGIhopUx15BS8GHCYYPxpBeRktRF83HHcHHDwZeEUQJQc8SwhnRngdUzE1Mw0QbEhtUQVgX2pLHnQZLwttPw5oSwh0X2hRVG8JPwwfNFs8UB9iCDhYHzQJY10fMF9uWgZiX2pQB2BTeBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-117.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:28 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ouo.press
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
P5waHHAfKn3zIBxUtGNwBtCz6O5teRZtmNSD2MvqFzmSDmrZSKJjrg==
/
lasticalsdeb.xyz/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lasticalsdeb.xyz/
Requested by
Host: aphycolourses.info
URL: https://aphycolourses.info/WmkyVmohS0EhNS8bXnRQeAFGIhopUx15BS8GHCYYPxpBeRktRF83HHcHHDwZeEUQJQc8SwhnRngdUzE1Mw0QbEhtUQVgX2pLHnQZLwttPw5oSwh0X2hRVG8JPwwfNFs8UB9iCDhYHzQJY10fMF9uWgZiX2pQB2BTeBQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 04AF 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
09d3acef1da23f7add4af1011a6ba2a252dedbc4674845da969464fb0cc43c04

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 20:34:14 GMT
content-encoding
gzip
last-modified
Sun, 28 Nov 2021 14:21:58 GMT
server
nginx/1.18.0
age
2294
etag
W/"61a39086-4e125"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
11JK-Kxh91Qi4CuUlciW4n0dJWqBauFjK_zWUv23N6Y3Y-jE3n3s-w==
via
1.1 0cef334729aed841ca9f130c177beebb.cloudfront.net (CloudFront)
expires
Sun, 28 Nov 2021 21:34:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D7CE 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 28 Nov 2021 21:12:28 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 04AF 		1 B
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863&campaignid=18%7C15%7C9%7C44%7C6%7C43&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:28 GMT
content-encoding
gzip
server
nginx/1.18.0
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
n_Dzteuy2SwgtITU0_1VPkHkez8jiy2N98oBHaWjrFYNWmK4viK_aA==
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
expires
0
/
hb.emxdgt.com/ Frame 04AF 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1638133948433&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 28 Nov 2021 21:12:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
cdb
bidder.criteo.com/ Frame 04AF 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=28147529714
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 28 Nov 2021 21:12:29 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
mvo
tag.1rx.io/rmp/212927/0/ Frame 04AF 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ Frame 04AF 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
15f13473df0f6891c25abdac47dfbd82f994e8d1c0037bf47d74b54fcdd059e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Nov 2021 21:12:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.238.142.216; 89.238.142.216; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e3bd7261-6b8f-4dde-a397-1fb7770b147f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 04AF 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FlYuVAs&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FlYuVAs&tg_i.page=https%3A%2F%2Fouo.press%2FlYuVAs&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=833a4165-4e1c-41c4-8f73-11c39cc8202c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12502698239692056
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3d70de144aa6da2d15fe3984f8fa36c19e05c310ff197779493924279f1e54fc

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 21:12:29 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 04AF 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:02:15 GMT
content-encoding
gzip
age
612
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
108PTX272Z73M8BQ9R9R
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
via
1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ACHFLkyq1rggTwbfupoJzRR1dYAJTmTs9RWVqEnRC-RIlb9CKE_Fug==
reload
www.google.com/recaptcha/api2/ Frame D7CE 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
662457688e5e95884cd6e8f3e2145f35e7c04a3237407eac6e57cef11c65ec14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=4nd95l396225
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16314
x-xss-protection
1; mode=block
expires
Sun, 28 Nov 2021 21:12:29 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Nov 2021 20:00:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 28 Nov 2021 21:12:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Nov 2021 21:12:29 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 04AF 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 18:02:08 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
server
Server
age
11420
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Xx3pSBFvs-x_hMLOypoJ70u2hzp6CKBpojgqj-4ixzJAb0yapEOToQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame 04AF 		23 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FlYuVAs&pid=JhP8Zu7HxbNxq&cb=0&ws=728x90&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
VJ0EMPT05G54HF524DNR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
VRiS33LvdwCbV5man8vj9efuwlzil0onsBb0Mu18olcUatw89KpN_A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 04AF 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
65515
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Sun, 28 Nov 2021 03:00:34 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
-S7z0KucdA94cO8ROmOG3IXN7S6pSQQR-HOaXJn6hB7emwpiePHWig==
/
c.adskeeper.co.uk/pv/ 		0
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1638133948584290038555&uniqId=0f688&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fouo.press%2FlYuVAs&lu=https%3A%2F%2Fouo.press%2FlYuVAs&sessionId=61a3f0bd-0995d&pageView=1&pvid=17d686460a8a8d96c04&site=272839&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b56983e28d171cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
HIT
age
977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
W750EWWBEB7695CK
x-amz-id-2
5XW9mpMf7BEBaWg6L5N02ER8RQ5JXVFm2XFDqCJ0AnalPRIWj8bJDh0v0ZcMOnl7jLcuxvTzhRU=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b56983e38f571cc-LHR
expires
Mon, 29 Nov 2021 01:12:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options
nosniff
age
357370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 17:56:19 GMT
1
servicer.adskeeper.co.uk/911109/ 		1004 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.co.uk/911109/1?pv=5&cbuster=1638133948664781634035&uniqId=0f688&niet=4g&nisd=false&jsv=es6&w=495&h=387&cols=1&ref=&cxurl=https%3A%2F%2Fouo.press%2FlYuVAs&lu=https%3A%2F%2Fouo.press%2FlYuVAs&sessionId=61a3f0bd-0995d&pageView=1&pvid=17d686460a8a8d96c04&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9777430d5d6bfa55792658951fe20f2bb7e239736d7f98c1ccb535a2bb2a1fd3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b56983e99ce71cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
HIT
age
1516
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
JFFMQEW5158PPTZS
x-amz-id-2
D2/onbJF8DykmMyBInw3WCo3j7hZXbk6XcvYLw1bVPl00vSmp/sIOU22QGoMfYDD8rx6OxUnU8s=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b56983f4e867789-LHR
expires
Mon, 29 Nov 2021 01:12:29 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp
s-img.adskeeper.co.uk/g/5097648/492x328/0x0x750x500/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/5097648/492x328/0x0x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp?v=1638133949-sa1Xpi2dkR1cF3yfm1pUDIIRHtEn68EZwmd62Lhadqc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a6fe12eda0292d2087434b27aae12b65306806ed7929228ac8c657cf4c6b31

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:02 GMT
x-mg-request-uuid
5e74533c-805b-4145-b09b-90d0698dd2fc
age
2871619
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6b569840094776c0-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35760
server
cloudflare
int_exchange_wages_ad.svg
cdn.adskeeper.co.uk/images/adskeeper/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
HIT
age
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
QRDHHMHHS4AJ32X3
x-amz-id-2
OlUuZXUryQoajYaK3syQlTqOp7mz3g5LDmVcdFuwECZQS5tGkKEbEQRQmK+1aMMD9pxe8tdNOws=
last-modified
Mon, 04 May 2020 12:16:42 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b56983f6ee27789-LHR
expires
Mon, 29 Nov 2021 01:12:29 GMT
i.js
cm.adskeeper.co.uk/ 		113 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1638133948821689084802
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689e94d9fb8718f3f8761bf8408fbbf7d4eb5ec5b3894e846469d45d3417be69

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Nov 2021 21:12:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b56983f9be771cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i-noref.js
cm.adskeeper.co.uk/ Frame BE66 		19 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1638133948841434796872
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Nov 2021 21:12:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b56983fabfd71cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 587C 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
v1
tracking1.firstimpression.io/habit/ Frame 04AF 		2 B
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.228.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-228-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame CAFC 		0
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRCit6ICGPz3z7gBMAE&v=APEucNWWaPdzsd9HTpjDPf9V4UuL5ZWxjQXpHkd9pvPp0jQRXmvFxLeSg4NPnthUXSMTofcddBAnXRVVlq9dnmYW_5R0uNQp1e5Yvb72w8-6qVayTh3sDg0Q5wzkItgmF0upQDmfs42VKMBz6QGag2XMBgMviX-TBAUEHad9lvAC-iiJ-9ERo0s
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 28 Nov 2021 21:12:29 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 28 Nov 2021 21:12:29 GMT
cache-control
private
ad
googleads.g.doubleclick.net/dbm/ Frame 1ED3 		55 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
659cd2a5012e929a12042a0fec33cb2d0d2dc1cfe25088cf6594b5d103b6b514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ED3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3SbAGNYcgjPG6mxbMwZv4GvrVrmP-MMT87zAkOGksLCFFOrMTGcT6LAjfX4Cg_6lVlP7VNmFzq0LUKoBtFwP8BIfOLvAFCcPs3QFWOiQqjZ9WY6M
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7fa2ec49-63fc-4337-a1b4-b5c2fa13c5bf
beacon-iad2.rubiconproject.com/beacon/d/ Frame 1ED3 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/7fa2ec49-63fc-4337-a1b4-b5c2fa13c5bf?oo=0&accountId=18438&siteId=202928&zoneId=1317174&sizeId=2&e=6A1E40E384DA563BD2218B2262B16D6842754C5F35A16904AA5D80A43303BD93155AC4A6F7E41CD4969EC1496D3B7853E9F89206FC79094A672EA5E95EF032D6CF80145B599E6F2EFC570450F671272FAA57DCBD924C4BA30CBED9439EEBAD763710F82D72FF94F736F1E0F51A586117BD3950017A212E6A936B4ECC0D272F7197F998B6BFBB089B8FF28CF001F560B1C7E04D16EA6B16BEC5FF4F1C2C6A1CE2E640FD7725A888DA05903475C0D3A6B2691EA7BA8667C925CDA10306204D320B
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::44 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 21:12:29 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
/
cm.steepto.com/setmuidn/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.steepto.com/setmuidn/?muidf=last9TqZsNcd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b569841b9cc7779-LHR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1ED3 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Dec 2021 21:10:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1ED3 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Nov 2021 21:12:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 1ED3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Dec 2021 21:01:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1ED3 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6BXs16iSPk6-7QZGY-yqOBe8tGlMsNpNtfUaW5SU67tUuEgOrUGzSLXJ0fnt3kejAANu5i-9ttSWfQM4TNG7BXufyN59QhOwIHiiOSGK6Tn0G3jg9UDB5Neh1074ygrGtRbZBKof8wwaXu4dssXLNiCpoHUTy8Qglwkpzym9U581XSA5drRweiC5zU8KFgJJ2gp8ws31Yi8AxnT8sIQlsyPAhoFPDBB8y3spW-fK4wKK9xNpGIZPK8WEdJ4fMElHb5i4Nax9qSOqEWnyrDk-COEFAO4KQnxBWeFvmZSXWX87ir-GNtlJWk3jtHZ5klhsgzPrbzOLV_cuS7KQy4V86YS9_O_19xel3TEHyJRnnz2DxUOqeUo8rA15j3l1lK3Gqn2vA-bCox5NbvZqasK7bnN0LyJ7cBYjns5dNa77KEPIJAfdh1FVIo0S_7WiLFZqngBPW-1f4Q0cbvVyVoFm0ONzMmyC0BZ_1H2sVQmvheXhXqADyY9-Mj5U7FOLn8e5SxG7kYizjnD37dyyPG4cvaYJqCl07VQpy6LodvVjEhC3xVYxVL1YeLNMhwFjairv8ICrVDBlabi1iXvKimZM2zIwKzA55ryeuuZxQVelwBiHNc8RHY_JXuwbLDL-39B7O9spYWrJzl6TkMDWD4jCfdGwDaj1Z4DvDA_aFFO_Yz1y1FSVHTreQvGgZRZ3TEPYTows8oEcjpeU_Eqow20-In0wzQ4nYFAo_84-loyqUVIXOqu6Xd7U5bfCZVo7U7IwsYeL3TrjPVD2NBaDbYfGGRsyNO93IBKeYdcpkCr6x_yk_X3Mevy3_pr9NPsRRv_qdFsM0yrj5yy9HLzTh9kG4_epkR8CvVaeJEtxgF7VNvBUstjuyt3Ynlod9KOVbfMwW3d34gNiwbxd13c9EHaPmIjQkbvL18tuz1zPM5xExIc9eHIRLZQQGwCm3Za4v-fcQrx0jgIuF_lKB8P16c59tPH0enlxXJiQrgby6zrhHwniT2IRZ&sai=AMfl-YS2zkZqqNVNkJW9GZ84d-ojb_2jlbCimpD_OtaI2p1A8xoTPILTXC7T1cGWCtX5pZmli7Jfil9tjl5yJ6RAzgQpMvDSV1FDe8UGWpjm2DUUE5Zj7w&sig=Cg0ArKJSzE6cUDiNnppCEAE&uach_m=[UACH]&pr=8:9F464A194B16EA9D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20211111.26193&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 28 Nov 2021 21:12:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1ED3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 12:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 26 Nov 2022 12:48:05 GMT
9126658988287299042
s0.2mdn.net/simgad/ Frame 1ED3 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9126658988287299042
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6914594679eac5b7740de3d2f7362c40383b16437a3488d34c6ce48898fd7bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 08:01:44 GMT
x-content-type-options
nosniff
age
47445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73607
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 10:40:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Nov 2022 08:01:44 GMT
analytics.js
s.update.rubiconproject.com/2/873648/ Frame 1ED3 		0
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/873648/analytics.js?si=202928&di=ouo.press&ap=&dm=2&pi=1317174&ti=7fa2ec49-63fc-4337-a1b4-b5c2fa13c5bf&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 21:12:29 GMT
usync.html
eus.rubiconproject.com/ Frame 4C3D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Requested by
Host: ouo.press
URL: https://ouo.press/lYuVAs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Nov 2021 21:12:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6047 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 26 Nov 2021 12:48:06 GMT
expires
Sat, 26 Nov 2022 12:48:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1ED3 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6BXs16iSPk6-7QZGY-yqOBe8tGlMsNpNtfUaW5SU67tUuEgOrUGzSLXJ0fnt3kejAANu5i-9ttSWfQM4TNG7BXufyN59QhOwIHiiOSGK6Tn0G3jg9UDB5Neh1074ygrGtRbZBKof8wwaXu4dssXLNiCpoHUTy8Qglwkpzym9U581XSA5drRweiC5zU8KFgJJ2gp8ws31Yi8AxnT8sIQlsyPAhoFPDBB8y3spW-fK4wKK9xNpGIZPK8WEdJ4fMElHb5i4Nax9qSOqEWnyrDk-COEFAO4KQnxBWeFvmZSXWX87ir-GNtlJWk3jtHZ5klhsgzPrbzOLV_cuS7KQy4V86YS9_O_19xel3TEHyJRnnz2DxUOqeUo8rA15j3l1lK3Gqn2vA-bCox5NbvZqasK7bnN0LyJ7cBYjns5dNa77KEPIJAfdh1FVIo0S_7WiLFZqngBPW-1f4Q0cbvVyVoFm0ONzMmyC0BZ_1H2sVQmvheXhXqADyY9-Mj5U7FOLn8e5SxG7kYizjnD37dyyPG4cvaYJqCl07VQpy6LodvVjEhC3xVYxVL1YeLNMhwFjairv8ICrVDBlabi1iXvKimZM2zIwKzA55ryeuuZxQVelwBiHNc8RHY_JXuwbLDL-39B7O9spYWrJzl6TkMDWD4jCfdGwDaj1Z4DvDA_aFFO_Yz1y1FSVHTreQvGgZRZ3TEPYTows8oEcjpeU_Eqow20-In0wzQ4nYFAo_84-loyqUVIXOqu6Xd7U5bfCZVo7U7IwsYeL3TrjPVD2NBaDbYfGGRsyNO93IBKeYdcpkCr6x_yk_X3Mevy3_pr9NPsRRv_qdFsM0yrj5yy9HLzTh9kG4_epkR8CvVaeJEtxgF7VNvBUstjuyt3Ynlod9KOVbfMwW3d34gNiwbxd13c9EHaPmIjQkbvL18tuz1zPM5xExIc9eHIRLZQQGwCm3Za4v-fcQrx0jgIuF_lKB8P16c59tPH0enlxXJiQrgby6zrhHwniT2IRZ&sai=AMfl-YS2zkZqqNVNkJW9GZ84d-ojb_2jlbCimpD_OtaI2p1A8xoTPILTXC7T1cGWCtX5pZmli7Jfil9tjl5yJ6RAzgQpMvDSV1FDe8UGWpjm2DUUE5Zj7w&sig=Cg0ArKJSzE6cUDiNnppCEAE&uach_m=[UACH]&pr=8:9F464A194B16EA9D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&vt=11&dtpt=225&dett=2&cstd=0&cisv=r20211111.26193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axt7_octnBA5gv9m4BzvC2zsMGeMytr6s_SxPoC8DDtIvVMK3vI9Eou4jx8rBqs0UXYA-XWurBESkWBX7aNJ89ouQRQql2-el5MX92uh8DBi1GDITY0WFwd0OpyB3gMGmIhiLn506wsdCz9WUQ3U3zU8UjHg&cry=1&dbm_d=AKAmf-DLvByEZItXGrOmcyX37OyzcpQ0RdHLUr4egBvoSQutkeZNVEepeAc2HgWTcAfpBIOaeWcjY9TCR6x7bX19P5dPwGDW7Y7lTvscDbcfGg9KBhL4K03o8Pp3EcoPR9dsoYwqexf4zom5lZ44RXAkUOa_y_4-1RAYCY9ozyQKLONQzHY3nvRrGzbda6VIXyWnSo-ElhEgOGDNpJZnTiYHiKo8bIdEP4seKq7YIV-58VsLzbiSzMU5vpjH8nN7W7z9PJFLkDv1C-mFWuHOVFWH7EOWYaDjHLbPuHkO9atRhpj_-0BY5Eq-xDa3bQ0hXKCBvQfWrA44IZ3Gi69RvP9B7RPoZ-g7yfm7_qhA_k0HIblSuMc5SNgZ_HI0v75JCsptbEsq7tvLECO0Gna6NXC6qZIEamcnPJty5CxPSkg2YWpGynOwAWowSB-CbgLAgzRuo06Kd1ZqLkABImZNksPPdVTxzu3eqzezSkEFZCn-9sRjr5wnAiqtzCY-Hu2j1J5g1r6koGzpl9JvqdsixoHZyEc-KHn2fxGFRf_4tqFfzAlshCSjwAulJYRQwO7rvFJrPLu7AVwZbxibdntLXvBJ3sJr50v7vUKX7jdaaU1U8UFRhFtR_JYjVa_mOV34Ot4h4Y0FA-SD_A6FM1wVD4AYuY28GZmkYMwbw009RPLx4Iwomn95VfY92kPc-mGZiMn_UTnPqylw2SY0UnbslwEyueiD1krCv_daI3b-POSjXcPvEnbJVCORKjJjrXPDRgSCIBQVH7hF9tRZ2kL-VSY8bFnliBhByaL00bXJnkDxnRJTMN0SIcT-FgnEzmIY1AALOLn0O0HghzULdt000YzwJ4tdHrPnhpZK2PLdUCFC8bFYsailHLAeOwT4g37VsCtXmYmq6ED8Z9Dd54ow159G0LsIeC8uj9JyI9w57ZFrjRJwD9Yz-GKexQRWC4_5rj_f_ywXB5eEOWqBtEr3XBZukmJ0PdUfLVJ3r_vqBahlECWZ2yYBlKXpcLoCvIayHUIQ4E3G4Hf23zBJBL5_ECkh-JWFe6NFKCZTlxgoa3VJ5EfFQgBoElP2MD9wxG0s4nx4zgDi5caSeRCc379iDet82s7rIQsjERRthcWNiBBETRci1b36lrW_uazXJ1VBsBaXsFn0Tbf46pJg3FMsSxaDiY7o66gzZAFbT9HjYLJir5a42YIN4-dB5qmGLtNFdpKyYHU7orZwIeuYOgXtKzadraeA7KiKPrdDPZIMXoW-cg6wmacxEbbx_KkYO4SPPfvtb6-FXKZdddo_eKNpc1MLrqF6vMLNVAG7T2r_p0Q0LZfqecHenh7DXiJKwFufqypHbijq0qxuKt8ZW3HepvrJW5eu5nDZD-DWhzhhVTi3Fd-yrs80y4go_RotJpFWpvvFXsu65IlcaHJd3ZPS0PEiBqsczaGgi99Op9innGB0Y5crxfQMDG8AAnY7HxfHAX9Jp8x--q5OWRc1wo91Oz4r2jzsd2_3tXfc-A2prxNZRfB-h_SqXTJqzTJ7btM9nx9Pwu_mPY80F-hRsx48uya3aCmIJpuss7YO5ha7U96CMQHN-cmvF0U74sFke3pIultUtsqzmPgfIjyEym1F7A8xY5JCL8OmyKRRO63KxnnfZoyR4gNp4-8CfZlXJBfNgJvRIdYa1eRQi5LTu0qltsNesoE7lQgOiVA2yTgiUrFy4i3aIsZWMjgBa7YcFXOiPI5PAYh5sp85RzUYEcZxe06S9lk8bhizRJFrP2tr9xi0mKrG4gxNHLuurLIxMVKnoREI7B-NwZb2fdpeFvhm_4qTqs_IbfbzB-TjMAU71AktuZ7krWHXT1zJ5eRMhOHnJKcYgfa1O86sxlCS3Lf0kmv_9xAUF5FQ0XmNZ1tGfj_tFnhlsKspcPS-9RCRg82n3MD94WpqZlNIGcHXfIBn4litPBX0NMgthmxwnAB48XriahDJd9gylssWt0rm-hIv_-eqdKWPIPxX021BQqQyZ63fB7DmUiho4y46Di-DX3pRc4An6x_ddOvC5ALuSH1t0ct1WMXMFuhnaydu-n77USF6Kx0McwkxLJ0Rd2ID2FkUkATWShWnYcwRI4Cn5vGCH8pZtU1wFpN6C9BD_EIkCvIrmPaiNWQFK64iU17FhKFRjn6aGHtOzDO7JTJbU6oQJueNOMIKVInSmVQW7O-_aTe2ZAh5b2-eGNKGH3eoRzMVKWbDuaOBkpqxLtrHl37Ql7fSrimWebWdZg04yu_WnG_5OBthuJROegTIMUg9EQgwpOXZD1-tx2khlompJNXykhtL7Ip8UWSbU_szFxT8B8FDQqXFqJbCY1TMO-sm3BMyHuT6b6XbJfX4_73Q_tg6V4XPyWoV4PI93ytMUPEEbTGkZkAGkeJ7XLBRQBlVPARHPG9v5VZ_klq04WG22KSStv8do5iOTw-IKqtlXd369ufVRX-8OELWeTZUpqWgQxi-McYFoxcWgNNx43E7bgu1KGqvMxXDjIJOPZVdyXmDlxRYT3hBq0F2-0fehq8x5XEzCxR5DSt0PRtWKZubHKC5j8L44_o0b_s_gmSsMngx8md34bvsLmgkbt0k3pFuHwn1lI_Bx2W-bhnprpzOjIeQMOvECGtU6LgszKjyoP-6F_P_gl9cfBa7PmJAYPa80gq2u-C83AiYNNmSAbrQcgNalZPl98e34oc2JDVKcvwlO4gSF2MPotv7zVd_Qbd2w7yGRa4EIKwJZeuzLlQXTo5mgZagOFBwE7zRw4cdRVElR48lXF7jjXQHRubY9MhyOlMEMIC1oZppA_F9NCZ-2yusd57xRggrMIZlVYmJpzNRC22ToyCYEucrcvaEyyBx8pRnrPRgihrA9uy6B2IlwM_bRuroDBHLO2LNernBbkAQmOaj9AjJBUuZSeSjxWxBH897Lg6CjaZ3n9MVuqoW4INXCsC1cEjJqP8Wgep5PkcQLjE-v8Pgz8KTdljMnIBW0xWvJjryvD1Jcsk2FAjpXdlnwVFN2fmo7mEWTZAt5rFrIG_0beQ7iZQ4sNK-Y_3VmkbhCASHRzZL94DNS8Q_hJkO3Uuuqzf60Pr5i8ms_dzQPurmd_K3FYoceA&pr=8:9F464A194B16EA9D&cid=CAASBORoiQI&rfl=2%2Chttps%253A%252F%252Fouo.press%252FlYuVAs%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 28 Nov 2021 21:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
102001
vids.viaplays.com/dsp/vast/ Frame 587C 		71 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vids.viaplays.com/dsp/vast/102001?&randoms=2182958667720
Requested by
Host: cdn.viaplays.com
URL: https://cdn.viaplays.com/static/PLAYER-200128-pack.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.61.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
x-content-type-options
nosniff
server
nginx
age
0
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
content-length
71
usync.js
eus.rubiconproject.com/ Frame 4C3D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6232c92c305efd539e80b2f606dad8b1cee76bc58d5addf2eefcf38a0dd5ef45

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 21:12:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39448
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9513
Expires
Mon, 29 Nov 2021 08:09:58 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 6047 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 16:21:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
103857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 16:21:33 GMT
tap.php
pixel.rubiconproject.com/ Frame 4C3D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5fdb61a3-f0bd-4400-bd25-369c9f6448d0
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5fdb61a3-f0bd-4400-bd25-369c9f6448d0
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Date
Sun, 28 Nov 2021 21:12:30 GMT
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5fdb61a3-f0bd-4400-bd25-369c9f6448d0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 28 Nov 2021 21:12:29 GMT
pixel
cm.g.doubleclick.net/ Frame 4C3D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dKUU5PV1AtMUwtNFZFQw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dKUU5PV1AtMUwtNFZFQw==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dKUU5PV1AtMUwtNFZFQw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C3D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YYCippuDvIqP9JXFbfUe2cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6752027671166635117
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6752027671166635117
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Sun, 28 Nov 2021 21:12:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6752027671166635117
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 4C3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECyeIRkX0QnsNtOGI7FGLJ4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECyeIRkX0QnsNtOGI7FGLJ4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECyeIRkX0QnsNtOGI7FGLJ4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4C3D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YaPwvgAIG408rABG
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaPwvgAIG408rABG&_test=YaPwvgAIG408rABG
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaPwvgAIG408rABG&_test=YaPwvgAIG408rABG
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1638133951.577384,VS0,VE0
x-served-by
cache-lcy19246-LCY
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YaPwvgAIG408rABG&_test=YaPwvgAIG408rABG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 4C3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 4C3D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJmYzY4NDAxMDExMjFmYWQ2MmFhZWI3Y2QxNDU2OThlNTk0Y2IyYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJmYzY4NDAxMDExMjFmYWQ2MmFhZWI3Y2QxNDU2OThlNTk0Y2IyYg
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJmYzY4NDAxMDExMjFmYWQ2MmFhZWI3Y2QxNDU2OThlNTk0Y2IyYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 4C3D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6047 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFuESvfCjYeD2LJ_d7_UPmsCr6A8AAAAAOAHgBAI&bg=!l5SllNDNAAZQLpa_UC47ACkAdvg8WljdQz3ZQLNa1_JM75bKCog8RfT0ad_babwJ56ihaCtGSCW60gIAAACDUgAAAAdoAQeZApqZr2KoBlMZ19KbkwKk6OWS0Vdilu0G3dIHcxtejhuXUSWPLc7rWWtonk8EZTtnVHttUp349MStkD6-LcQiuvpARtWksif5b1nLCp5jw7hJkeq223i5seN0dqkenKlhT2XiKlwufZkJhRn4bm6K6bxuqEqZm4cviUwQetOVp6ygnLmbog6utkky-m4hqBgxgKs0F26EsgZy5gGu5Tt-Js24lAdi-3CtfnPFIkLsdattQ7d80dwZNaHy_kRRBZWIqhgMEZ4hiRLsifYQ0ljum7Tdr-WMkTh9fgMdOxWj-rga3dnsdQW_zMD1pVwOl-v6P4WCdcsEETygD2NYjqSOV8E4muekSVXYrEGJmkvJb1gM3WKpAhY8yLPa45yU_MgmkBWyuS-XThOc0O_zuKxay-NAgjrunVEZeHzWkPu9NDbrXOqCFvnILbDq2cjGj6K1eovfrqIMjlkfNzr2BtfWpIG6nBuqJQlUllEN6MF5C1J4dqTZod0Dazt07O-brCdcgRWv7NO8RLMXDpGRzpiQv2DmphR2AOX_nerZrYK84lFyHZCQEEiRSCVeIu8L9yxG8H7h4eyVzIAkyNAywc1zcojpBmjxhvfcyGAekn1hWahj6tbe5USht76CqvYEvnLPdBEoda1MkXQwqBfkma32LIKtsNZeZTCpLcWNjj_GQ1MzTq17BiqXtSYcCq8Q9VGlnBUg7erUwnFUGDrbp0k5Kh9YU_cFihrdd1rzpjzkWbDEbXD8jUQF7U1u1TYDemiE8JQqbcrU0yhpsDOuMG-miuqd_xe7GGbeF6tIdD1GuLLJZ2fvQJd6HEXHaVA0_MAS4dDKN-93IpbpwCWjRDpQEz3nOeqRd0fUc5rxgasLrZavRAkfyv4fDc5g19Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blank.mp4
cdn.viaplays.com/video/ Frame 587C 		0
0
c
c.adskeeper.co.uk/ 		43 B
442 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/c?f=1&pv=3&v=484|342|8|A7MDnU8lNlPDu5DUNQxUKTK4zeZ5JcIWBMmnYq6zg0idod3_DazCljd48ojlPCpM&fw=1&extjs=66044&cid=911109&h2=qfhc2xK2KoQKzoip0ATWKs9O8TFW0ufQTl77umemRow*&rid=e4e7fc79-508f-11ec-b19b-d094662c1c35&tt=Direct&iv=11&pageImp=1&pvid=17d686460a8a8d96c04&cbuster=1638133950178166701679&tpl=0
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/o/u/ouo.press.911109.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ouo.press/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:30 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
f97fda6f-f12c-48d9-a024-a94976da85d4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b5698480f1d7789-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 04AF 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:31 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Nov 2021 21:12:31 GMT
syncframe
gum.criteo.com/ Frame FB54 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2402
date
Sun, 28 Nov 2021 21:12:30 GMT
content-length
4685
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 04AF 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 21:12:31 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Nov 2021 21:12:31 GMT
sid
mug.criteo.com/ Frame FB54
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=wh8JcHx4dDZlQ1p4dGVhUyt1U3B6RXdob1JJT29ySkRUWnFNcWc3ejBWWWwrb3FqV1h0WU1jNXlvSVZwdnZMTVJkS2IrblpFZkxWbWIvNHJtV2ozV2xrWFkxb0pieXN2SWRNdlZmN3R1WVVPV2t4M0d4d25PdTFkb1RadH...
419 B
618 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=wh8JcHx4dDZlQ1p4dGVhUyt1U3B6RXdob1JJT29ySkRUWnFNcWc3ejBWWWwrb3FqV1h0WU1jNXlvSVZwdnZMTVJkS2IrblpFZkxWbWIvNHJtV2ozV2xrWFkxb0pieXN2SWRNdlZmN3R1WVVPV2t4M0d4d25PdTFkb1RadHN6bEx0TVRaRmNNQ2luajJrWUZiOG5FR2hkclBQZlljU1hsdUd3L3JCR1RXTStMQUJaSStIclYralJ5UTEzZWhab3h2ZnR3RyswNE83S2tERkJObmtJeFRhUTNWbXc3MlQ2SDl0TWQzd3h2WWNIalNJWWxqU2lTaDBWaHVPRm9sM1k0aVg1VVl6ODN1ZnZwZEFpR0UyREgxYUdKWEFlUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2f699aa81a5803b89f40e0c9344aeee1c8926fa414971cb8a672da3173a55fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 28 Nov 2021 21:12:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4648
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 28 Nov 2021 21:12:30 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=wh8JcHx4dDZlQ1p4dGVhUyt1U3B6RXdob1JJT29ySkRUWnFNcWc3ejBWWWwrb3FqV1h0WU1jNXlvSVZwdnZMTVJkS2IrblpFZkxWbWIvNHJtV2ozV2xrWFkxb0pieXN2SWRNdlZmN3R1WVVPV2t4M0d4d25PdTFkb1RadHN6bEx0TVRaRmNNQ2luajJrWUZiOG5FR2hkclBQZlljU1hsdUd3L3JCR1RXTStMQUJaSStIclYralJ5UTEzZWhab3h2ZnR3RyswNE83S2tERkJObmtJeFRhUTNWbXc3MlQ2SDl0TWQzd3h2WWNIalNJWWxqU2lTaDBWaHVPRm9sM1k0aVg1VVl6ODN1ZnZwZEFpR0UyREgxYUdKWEFlUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1886
content-length
541
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1ED3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJI8fKEymG4c5dahVxV18bBchWo1YO4Lg3yaAbhLbXp9BI5P8JaTGGa4kti0leKmfJcEG4z71bFKtUtxFMZ9TNGbmUSuRDK28&sig=Cg0ArKJSzIv57aos3fy0EAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=937,986,1002,1018,1035&tos=937,49,16,16,17&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638133949073&rpt=543&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Nov 2021 21:12:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 66A9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Nov 2021 21:12:32 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 8D27 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

Date
Sun, 28 Nov 2021 21:12:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
GxiHK5l/EuT6bODQVaJB/YwRSmhFLUSLRx+ap6EXsHOGoQSZel++0whkOZoRoGKBGOYM6OIIcwA=
x-amz-request-id
29MRDBPWGB3DWFXN
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
7047
Expires
Sun, 28 Nov 2021 21:13:32 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b5698544e3654b1-MAN
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A68 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ouo.press/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 28 Nov 2021 05:36:04 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 28 Nov 2021 21:12:32 GMT
Age
56188
X-Served-By
cache-lga21972-LGA, cache-lcy19270-LCY
X-Cache
HIT, HIT
X-Cache-Hits
4, 427567
X-Timer
S1638133953.686845,VS0,VE0
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 66A9 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6232c92c305efd539e80b2f606dad8b1cee76bc58d5addf2eefcf38a0dd5ef45

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 28 Nov 2021 21:12:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=39446
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9513
Expires
Mon, 29 Nov 2021 08:09:58 GMT
bounce
ib.adnxs.com/ Frame 0A68
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 21:12:32 GMT
X-Proxy-Origin
89.238.142.216; 89.238.142.216; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5ee412f3-6686-4957-a036-303ce749eb46
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 21:12:32 GMT
X-Proxy-Origin
89.238.142.216; 89.238.142.216; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cba78ee2-a82c-4193-a559-7259cc1a14e2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0A68 		0
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Nov 2021 21:12:33 GMT
X-Proxy-Origin
89.238.142.216; 89.238.142.216; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
85687dcf-4f21-4d5f-a2ff-778dafedf79a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.viaplays.com
URL
https://cdn.viaplays.com/video/blank.mp4

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| s function| e1GG function| K1GG function| x5dd string| r6II object| apd_options object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2a00 function| _0x205b object| a function| b boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| recaptcha string| country string| agent number| time_cap string| viadscoId string| fallback undefined| viadscoVPAID string| creativeData object| viadscovpaidFrame function| vi2_setCookie function| vi2_getCookie function| vi2_eraseCookie function| dynamicallyLoadScripter244 function| viadscovpaidFrameLoaded object| viadscovpaidLoader object| closure_lm_246958 object| _mgIntExchangeNews object| AdskeeperInfC911109 function| AdskeeperCContextBlock911109 function| AdskeeperCMainBlock911109 function| AdskeeperCInternalExchangeBlock911109 function| AdskeeperCRejectBlock911109 function| AdskeeperCInternalExchangeLoggerBlock911109 function| AdskeeperCObserverBlock911109 function| AdskeeperCSendDimensionsBlock911109 function| AdskeeperCRtbBlock911109 function| AdskeeperCIframeSizeChangerBlock911109 function| AdskeeperCContentPreviewBlock911109 function| AdskeeperCResponsiveBlock911109 boolean| mg_loaded_272839_911109 object| fiUtils function| E6ff function| f2AA function| H1ww function| B1ww function| i2oo object| onClickExcludes function| mgReject911109 function| mgLoadAds911109_0f688 function| AdskeeperCReject911109 function| AdskeeperLoadGoods911109_0f688 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint272839 string| _mgPvid boolean| _mgPageView272839 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp272839

22 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcNg56r_9N4WMx8RVsMbEfJ42IpBzW-W04GoNCP5vUyAivODSQIzPajy-TPfl-M_tXrRaU5Ch7x2DS4c2Vc
ouo.io/ Name: ouoio_session
Value: eyJpdiI6InlVXC9yWFFtSVJpQkFaZkxucVBkRUEyempuR3NOVlVQb0xxa0dQdGtIOG00PSIsInZhbHVlIjoieFwvS2c1Rjg2NG1GTm9rR0o1cGphWXowTWtWeXpwTkY2dU43eGVkazJPeEVHRHpFQXlPWFVZN2VYbmRcL3B6K0JJTlwvNm91aWIzWWJYcTc4N3ZhWVRaZ1E9PSIsIm1hYyI6IjlhODAwYjY5OGU0YTNhNjFmMWNlOGY2NzhkYjUwYjQ1YzdjMTBhOThiZDQzMWYwZDkyYmQxNWRkNDVkMWVjZWYifQ%3D%3D
ouo.io/ Name: language
Value: eyJpdiI6IkQ5TkErSU5wMExSWHE3dEtNR1VFa0c4c0JKRUhUeENudVFqbjE0WGFET2s9IiwidmFsdWUiOiJiNHhGVkFscHNRMU9YSmdKekFQKzFzem5OdVZjM3FodEYwQjFCeFBwWFNNPSIsIm1hYyI6IjdmYjU4M2Y4NTM1MWNjZTFiN2JhMWM5ZTY2ODIzZmM0N2RjZTViYTY5YzI2OWYwZTU1NGI1ZjcyNWE2ZjgwN2EifQ%3D%3D
ouo.io/ Name: 3b38a2fcb3fcc0cb96d4a84221437e678a70187f
Value: eyJpdiI6Im96bHRUeEEzUVIzb1ZYcUN0U2I2dE52ZkRoT0U2c2MwK3M2RlJcL01rc01NPSIsInZhbHVlIjoieHRcL1BoUjMxRTcrTWdvNktLdW1abWdEMlBUV2RabFlqVW1TMjl1VCsrck05cUJxXC9CNlRVSlVjdXFIYUpIXC9rYThjV0lSMDY3TzljYWc1N1o4Qmt6NUdvbVREZURhQU4yUnR6TXE0MjZyaHk2dmN0UXFyWlhWXC9taGhMQVJBY2ltbkhuNDF5Q1RGNThaK2Q5b3hURVFsUDFZTkxvTURsWWY1bG14a3pDa2pJVUZzVE93SmxYVUdmZW1EUGYzRVNVXC8yejhuRW9MVzMzeGcyZ2t2c2lEQ2NXYnRLMWoxVjlCK0FtNTVRMCt2QW9XOHFVYXVrXC9QbTNcLzNkY1ZCbURRSjdWT1RVd254KzQxU3RRekhqTWJtVkRRXC9kYWoxWlRXQUw2QWk2SVJjZWdKdmRIb0o4VUw2Wm1yaDhJdzNmS3ZuNlBjN3o2ZitWS2F0a3AxSUNzcUV2SWc9PSIsIm1hYyI6ImMxNWU3N2U1Zjc5MzcyMjlmZDhjMDVhZjc3MDVmODU2ODlhMmNlNjVhMWVjNjhjNTdmMzk2MmE2ZjVmYmZmY2UifQ%3D%3D
ouo.press/ Name: ouoio_session
Value: eyJpdiI6Im9ER2NuVE1aUGVGVis5NFBhM2RtUW9pZEJkTEFtSjA0dElMM1A3clh1U2M9IiwidmFsdWUiOiIyRnZIeWV6NmhUeGN2QzJ6TGNBUHpUOE9sVGtyRkpXUkF0M2NtbjBnOXdrS29JNFA1OG91czl3bUJKdlZEd0V4RFB5bmwrYzdVK2w0aUF5M0s4K2h6dz09IiwibWFjIjoiZWE5YzlmOWY0YjkzNjAyZDY5NDI1NTU5MDYyNzc5MTI2NzdiYjk5MDkzMTUzNzBmODllNzBhNTUyOGYyMGI1NCJ9
ouo.press/ Name: language
Value: eyJpdiI6Imk5NXlsMllLZ1A2R2V5UUZpNlcwdzdEekp3MnZYaGZVVWNtSFozWEVXRWM9IiwidmFsdWUiOiJiNzUyKzJjRUlaak1hcVNld3h1VndkUVFUMTZUV1RsXC9XUVVzc3BnWWE0MD0iLCJtYWMiOiI3Y2Q0MmRiNzBhMDYwZTIyN2Y0YmJlNzgyOTRmNDJmNTNhZWY4YTNmZWYzYThjYmMyMTk3OTA0MzQ3ZjIwMTEwIn0%3D
ouo.press/ Name: db572952dbc2aa3267442833775aa8863d06d883
Value: eyJpdiI6ImtROXdmbGZsT3VDYmFrNlJqSjJNWXBsT3NJb3JTdk5kcjZTemxvcUNsbFE9IiwidmFsdWUiOiJyWW1QTHBqdGdBemRHdG40TFRyXC9xc1FiMUtlK1lMZmFQdkJWUTc3UjZNcXRNelhhTFwvc0NCaEJzWnJpekptMTN3RXd3bGw0OUlcL2JtNmV3b3JVUE5HSCtoSElacGVFbEpYQXRMMjdVeVB5MWRxQ3hkbFZXU1IrdUtSaG1qYzJhcHdobDFsSnRPR1IwRHkySU1OYjlwVWFObXBQeGVBckY0Vk9LQzdBS0R4UndJclVyMWc5YXZ1MlY1UXk0QkV1TCt3V1ZyMGVYQmlqT1wvMm5kV21oSGxzUjY3UEpYKzlac0JvQ2dOY2lqUktKR1RhZkNMMEJGWHB6bVZFT0VyUlJCTklJVDRFYmpZaFpvMTRIeVA5Q2pna25XdzdmeEltT0RoTGhndEVPZlo2MnRYbFVZeHJwbUZwdHNoQkRlNmwxQmNPXC8xbnAwSWxpRlwvTHR4XC9hU1FsZWJ3NGFlTW93eUFkcnA3RW14RzdodmdhMkEyOFJcL3RlNVZZN1lqZmp5K0ZcL08iLCJtYWMiOiI5MWVlNjJkMjhlYWUwNDVmYTNhOTk0NDc4ZjUxYjQ0ZDI0YThhZTk4NTI2MWFkMjNmY2QwNDE1MTJiMmJjMGFjIn0%3D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
servicer.adskeeper.co.uk/ Name: __mglb
Value: cbeb893f26be92ee4d57b414fbc5f82c
.adskeeper.co.uk/ Name: muidn
Value: last9TqZsNcd
ouo.press/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C911109%22%3A%7B%22page%22%3A1%2C%22time%22%3A1638133948788%7D%7D
.rubiconproject.com/ Name: khaos
Value: KWJQNOWP-1L-4VEC
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvYpOSLvtIJhcvfF0nA/IpXwOAx8wdmULGiwCKqTCqCL5+nLKRys2mj2YQuneRSLAnarFwv0pGxR1B1frC9mOYGNEHIhzDz6TM9fU6s=
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGVxFdvwcLZ9VqbBgMWySGKoH1GQZR6kuhciWGKGc5rSKNN7zy6I0dd9Krtx9xPUSfgcRgjl6EitXD+ImxgwUvr3OlDu/ORdD8=
.mathtag.com/ Name: uuid
Value: 5fdb61a3-f0bd-4400-bd25-369c9f6448d0
.doubleclick.net/ Name: IDE
Value: AHWqTUkRn5HWpMvC15cre2NDhAYMOr_fZedmrttZTftPs1bWcC6n_bJWO3pwbyQB89E
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YaPwvgAIG408rABG
.viaplays.com/ Name: vplays_uid
Value: f45d4c32-1b4c-4ef0-a697-6ea074104a1b
.yahoo.com/ Name: A3
Value: d=AQABBL7wo2ECEFvdZLIOOxx2P94x1XhgQwgFEgEBAQFCpWGtYQAAAAAA_SMAAA&S=AQAAAhLh9hI6WALZUVssvq9zNxk
.criteo.com/ Name: uid
Value: 4f8914a7-3a91-4db0-8d2e-9bb23f50fa74
.ouo.press/ Name: cto_bundle
Value: 5CIC7l9uNmlUTDV6Y0tTdkwwRndmRnpmdUZJZnV5VzRLaXlHcWE0djRUMm1IRERTWk1DcVpHUG5NNGFvcFBCWDhWTE4zRDBMQzVYTVFPVFNKN3g2Wm9yZDlNOWk5eGVObjJ2T09zQjljeEtXTyUyQiUyRkhGOFR0ZWpQUnMxdDVreWVvb1BESkI4SmFJT3FMdTNicXRlaTdsVTBUWWNnJTNEJTNE
.adnxs.com/ Name: uuid2
Value: 336163596821881493

4 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://ouo.press/lYuVAs
Message:
The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://ouo.press/lYuVAs
Message:
The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
aphycolourses.info
athyouglas.xyz
beacon-iad2.rubiconproject.com
bidder.criteo.com
biddr.brealtime.com
c.adskeeper.co.uk
c.amazon-adsystem.com
cdn.adskeeper.co.uk
cdn.firstimpression.io
cdn.viaplays.com
cm.adskeeper.co.uk
cm.g.doubleclick.net
cm.steepto.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
id.rlcdn.com
itineraryupper.com
jsc.adskeeper.co.uk
lasticalsdeb.xyz
match.adsrvr.org
mug.criteo.com
ouo.io
ouo.press
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
s-img.adskeeper.co.uk
s.update.rubiconproject.com
s0.2mdn.net
servicer.adskeeper.co.uk
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
tracking1.firstimpression.io
video.your-notice.com
vids.viaplays.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
www.gstatic.com
cdn.viaplays.com
104.17.119.107
104.19.131.80
104.19.132.80
104.19.138.80
13.32.99.117
142.250.186.130
142.250.186.66
142.91.9.135
151.101.194.49
151.101.65.108
173.237.61.68
178.250.0.165
178.250.2.146
18.66.109.174
18.66.122.74
18.66.97.73
185.29.132.245
185.33.221.13
192.243.59.20
2.18.234.190
213.19.147.42
216.58.212.166
23.37.42.132
2602:803:c002:200::32
2602:803:c002:200::44
2606:4700:10::6816:16a2
2606:4700:10::6816:3afb
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a02:2638:1::3
2a02:2638::1c
2a05:d018:d29:3605:14b1:76c0:1806:81d9
3.33.220.150
34.251.154.165
35.158.25.241
35.244.174.68
44.195.137.121
63.34.228.134
69.173.144.138
69.173.144.165
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
09d3acef1da23f7add4af1011a6ba2a252dedbc4674845da969464fb0cc43c04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f91afb2ddf53f0744c1a5a8c94773cee45e7f2197b81806c26aa420950f1ce1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f13473df0f6891c25abdac47dfbd82f994e8d1c0037bf47d74b54fcdd059e8
1726e1aae1da6f5b16c581f5c249ba0ff7c79d2d985875408f75facf4a0d0739
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2f699aa81a5803b89f40e0c9344aeee1c8926fa414971cb8a672da3173a55fec
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d70de144aa6da2d15fe3984f8fa36c19e05c310ff197779493924279f1e54fc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45284cf5f66bf13b5df3efb6673d4968619259f53d317c6dd7c5853a1e68a471
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
50cc853b333d0ddce8553fd8084d7cbca908e19ca1eb85a5bef254ff7699e1de
52d6d47a3c3542354e48c8cfd3d1ca9e02a57edd4c1dfca35c2abbbe7a10cd3f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6232c92c305efd539e80b2f606dad8b1cee76bc58d5addf2eefcf38a0dd5ef45
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
659cd2a5012e929a12042a0fec33cb2d0d2dc1cfe25088cf6594b5d103b6b514
662457688e5e95884cd6e8f3e2145f35e7c04a3237407eac6e57cef11c65ec14
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689e94d9fb8718f3f8761bf8408fbbf7d4eb5ec5b3894e846469d45d3417be69
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
763ce08de6deff3abf1458fb32a757404d58f781b8a950435c5b5b78f9c7ba6c
7748820d0cfdbc69f5055faf8912715b8c8454dec2831703870c2a82a57c51e4
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
911e3c686b479a09d9d41a501e53ad7f52cd1d1a1f83a723598d313ed9b681e3
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
935dce9553032fcf99a5dd32430786c187b47f8f4d99042ac9f3d3a52c51f5df
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
951ef58110da257af184d070debdb8c9a82eb8810d44158524c4c31a59dc9b61
95a6fe12eda0292d2087434b27aae12b65306806ed7929228ac8c657cf4c6b31
9777430d5d6bfa55792658951fe20f2bb7e239736d7f98c1ccb535a2bb2a1fd3
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
af4e627064bcaf89fa352a90d71f8ad6294ed8e5625290b2f4cdc173fa15ee1c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b86de1f94e460206292c4a8e29891e04e684c12d431dda6e0e10570f253a81ef
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6914594679eac5b7740de3d2f7362c40383b16437a3488d34c6ce48898fd7bb
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ef138a8e7708885f1e02cb5d4548d55ea4a48cee7aa115e3f438ca89af0240
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a