ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/4CvoJ0t
Effective URL:
https://ouo.press/4CvoJ0t
Submission: On April 13 via manual (April 13th 2024, 5:18:36 am UTC) from RU — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 38 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 286450.
TLS certificate: Issued by E1 on April 12th 2024. Valid for: 3 months.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:10:... 2606:4700:10::6816:3afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.170.68 23.109.170.68	7979 (SERVERS-COM) (SERVERS-COM)
2	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	172.67.223.102 172.67.223.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 4	54.38.133.13 54.38.133.13	16276 (OVH) (OVH)
1	13.224.189.112 13.224.189.112	16509 (AMAZON-02) (AMAZON-02)
6	99.86.4.124 99.86.4.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.63.248.53 178.63.248.53	24940 (HETZNER-AS) (HETZNER-AS)
2	99.86.4.102 99.86.4.102	16509 (AMAZON-02) (AMAZON-02)
2 5	54.38.133.12 54.38.133.12	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
3	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
3	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
1	18.244.15.236 18.244.15.236	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2	104.26.8.178 104.26.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
5	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.67.138.13 172.67.138.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
91	45

1 2606:4700:10::ac43:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.68 (Netherlands)

ASN7979 (SERVERS-COM, US)

cuplikenominee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.223.102 (United States)

ASN13335 (CLOUDFLARENET, US)

hhklc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

attentionantecedentsuperb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.133.13 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip13.ip-54-38-133.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-112.fra2.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-124.fra6.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.248.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: psh6.1push.io

eu.can-get-some.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.38.133.12 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.15.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-15-236.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.138.13 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	adform.net adx.adform.net — Cisco Umbrella Rank: 5521 cm.adform.net — Cisco Umbrella Rank: 1223 track.adform.net — Cisco Umbrella Rank: 5725 s1.adform.net — Cisco Umbrella Rank: 10900	69 KB
8	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 31944 cdn.firstimpression.io — Cisco Umbrella Rank: 30262	227 KB
6	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 663 gum.criteo.com — Cisco Umbrella Rank: 465	743 B
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 311 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 636 aax.amazon-adsystem.com — Cisco Umbrella Rank: 417	79 KB
6	ouo.press ouo.press — Cisco Umbrella Rank: 286450	32 KB
5	ad4m.at ad4m.at — Cisco Umbrella Rank: 14752 as.ad4m.at — Cisco Umbrella Rank: 38223	11 KB
5	gemius.pl 2 redirects adlv.hit.gemius.pl — Cisco Umbrella Rank: 297412	22 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 263	3 KB
4	adocean.pl 2 redirects lv.adocean.pl — Cisco Umbrella Rank: 268915	22 KB
3	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 874	453 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 687	28 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 713	406 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 46788	2 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1059 eus.rubiconproject.com — Cisco Umbrella Rank: 614	136 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2057	27 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 644	373 B
2	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 156 cm.g.doubleclick.net — Cisco Umbrella Rank: 265	539 B
2	gstatic.com www.gstatic.com fonts.gstatic.com	221 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	883 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 18262
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2735	477 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 383	235 B
1	setupad.com node.setupad.com — Cisco Umbrella Rank: 57375	241 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 758	271 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7736	172 B
1	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 18371	2 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1533	239 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 511	441 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 46758	138 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 315	10 KB
1	can-get-some.in eu.can-get-some.in — Cisco Umbrella Rank: 237883	19 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2164	1 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 33814	2 KB
1	attentionantecedentsuperb.com attentionantecedentsuperb.com — Cisco Umbrella Rank: 312859
1	hhklc.com hhklc.com — Cisco Umbrella Rank: 367061	3 KB
1	cuplikenominee.com cuplikenominee.com — Cisco Umbrella Rank: 317384	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	855 B
1	ouo.io 1 redirects ouo.io — Cisco Umbrella Rank: 96458	2 KB
91	38

	Domain	Requested by
6	track.adform.net	stpd.cloud s1.adform.net
6	ecdn.firstimpression.io	ouo.press ecdn.firstimpression.io
6	ouo.press	ouo.press
5	adlv.hit.gemius.pl	2 redirects lv.adocean.pl ouo.press adlv.hit.gemius.pl
4	ad4m.at	s1.adform.net ad4m.at
4	ib.adnxs.com	2 redirects ecdn.firstimpression.io
4	c.amazon-adsystem.com	ecdn.firstimpression.io c.amazon-adsystem.com
4	lv.adocean.pl	2 redirects ouo.press
3	s1.adform.net	stpd.cloud track.adform.net s1.adform.net
3	cm.adform.net	ouo.press
3	adx.adform.net	stpd.cloud s1.adform.net
3	gum.criteo.com	stpd.cloud static.criteo.net
3	bidder.criteo.com	ecdn.firstimpression.io stpd.cloud
3	targeting.unrulymedia.com	ecdn.firstimpression.io
2	static.criteo.net	stpd.cloud static.criteo.net
2	onetag-sys.com	stpd.cloud
2	prebid-stag.setupad.net	stpd.cloud
2	script.4dex.io	stpd.cloud script.4dex.io
2	rtb.openx.net	ecdn.firstimpression.io
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	www.google.com	ouo.press www.gstatic.com
1	adxbid.info	stpd.cloud
1	as.ad4m.at	ad4m.at
1	match.adsby.bidtheatre.com	1 redirects
1	cm.g.doubleclick.net	stpd.cloud
1	x.bidswitch.net	stpd.cloud
1	node.setupad.com	ouo.press
1	prebid.a-mo.net	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	rtb.adxpremium.services	stpd.cloud
1	cadmus.script.ac	script.4dex.io
1	eus.rubiconproject.com	ouo.press
1	secure-assets.rubiconproject.com	1 redirects
1	id5-sync.com	stpd.cloud
1	stpd.cloud	ouo.press
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	fonts.gstatic.com	fonts.googleapis.com
1	eu.can-get-some.in	hhklc.com
1	widgets.outbrain.com	ouo.press
1	ad.doubleclick.net	ouo.press
1	www.gstatic.com	www.google.com
1	ecdn.analysis.fi	ouo.press
1	attentionantecedentsuperb.com	ouo.press
1	hhklc.com	ouo.press
1	cuplikenominee.com	ouo.press
1	fonts.googleapis.com	ouo.press
1	ouo.io	1 redirects
91	49

This site contains no links.

Subject Issuer	Validity	Valid
ouo.press E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cuplikenominee.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
hhklc.com E1	`2024-03-02` - `2024-05-31`	3 months	crt.sh
attentionantecedentsuperb.com R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2024-01-29` - `2025-02-06`	a year	crt.sh
analysis.fi Amazon RSA 2048 M01	`2023-10-04` - `2024-10-31`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2023-11-28` - `2024-12-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
eu.can-get-some.in R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
stpd.cloud E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
script.ac E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
setupad.net E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.a-mo.net R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
node.setupad.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2024-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ad4m.at GTS CA 1P5	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
adxbid.info E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://ouo.press/4CvoJ0t
Frame ID: 280FA0214E394E03BD72B32E881115EF
Requests: 28 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 5D6EF387DD000488E2BCA22F818325A0
Requests: 12 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: ECED1F6E3D99F37185457BFC213ACB83
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=a5tkj479a6e2
Frame ID: EA0E988B22333A676D95C946E8BA59BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 86F5B6F560381FE1529D3FF08D7AA992
Requests: 1 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 971ED6C41016C1A4986D4E6AC167D517
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: B68A5E05F7C5F0F54E3B2F861AF2BF36
Requests: 16 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: A34DAFDBA8E0CD98DA3AC375E0E9BDA2
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 83C8FA05E0D62538645F4A6ED931BE75
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=27bb2f037f891f0ed0140bcf18c7ce0d%2F14654655028649140369&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1712985503832&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3DognhZMmsayILzo-qpkMBwZiICW2cTlnE0%3Bcrtbdata%3DYNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0%3Bccsid%3D60961%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl9kWY32ZTeuRw6aMNmY10yPYaV26_X9k4ljRVVQct1uWnlaYMmiKZiG0rmtBb5HYB9lTdQK9Mf4tX1V6Wu33am3eBFTPhDKzDYaFdXPWmZwWNy1UHcmhfmT6npVqahMRT_bhcvExESkyW5CEUMS77eYTG7M-Gt3Wg_GYS5Ex1g4pDAlicGO6Dn7oUaAN1pJd0eNrCdUcswRy6a1Bi6FUOW4eWJuNnfKfwi3zzo4GAmewUR5KvF209M1eisRo_nvfbhfDodlrAbFzf1Ky_xeZw7ft6ejc8864itPcE7GXY1qLkArBVVsR5ERlX_tFtHBAgdS7DqF-qmfY4IIVdx_ALDNR7orjMlfzPPTkpPat7l8I0-4MC48y3HM0%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f4CvoJ0t%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 5D0B0FE17F5E6869E33B201189CB1927
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: F3C1A78A27E0F9665E65BF2D9CED5BA8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712985503233
Frame ID: 99C5ADE34E33E29D74A4D40467190C53
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C2FB2D113A249AFD055B9661E3065553
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

https://ouo.io/4CvoJ0t HTTP 302
https://ouo.press/4CvoJ0t Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

91
Requests

96 %
HTTPS

21 %
IPv6

38
Domains

49
Subdomains

45
IPs

7
Countries

921 kB
Transfer

3913 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/4CvoJ0t HTTP 302
https://ouo.press/4CvoJ0t Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200 HTTP 301
https://lv.adocean.pl/__/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200 HTTP 301
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200

Request Chain 44

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 62

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086

Request Chain 63

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4CvoJ0t Show response
ouo.press/
Redirect Chain

https://ouo.io/4CvoJ0t
https://ouo.press/4CvoJ0t

9 KB
5 KB

229ms
189ms

Document
text/html

2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950c3b06ffb164f7b6ed87d3fca44d726b1f595bf2ded347b9248dd390f390e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8738feba2a018fc8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 Apr 2024 05:18:21 GMT
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8738feb8a9cc6977-FRA
content-type: text/html; charset=UTF-8
date: Sat, 13 Apr 2024 05:18:21 GMT
location: https://ouo.press/4CvoJ0t
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 1 KB
855 B 124ms
44ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 04:20:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Apr 2024 05:18:22 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
19 KB 39ms
37ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/4CvoJ0t
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33640
cf-polished: origSize=109522
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
etag: W/"54def1fc-1abd2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 8738febb5a898fc8-FRA
expires: Sat, 13 Apr 2024 07:57:42 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 40ms
39ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/4CvoJ0t
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21001
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
etag: W/"5d951ace-1830"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 8738febb5a8b8fc8-FRA
expires: Sat, 13 Apr 2024 11:28:21 GMT

GET
H/1.1 200
OK 48786 Show response
cuplikenominee.com/1clkn/ 6 B
1 KB 66ms
18ms Script
application/javascript 23.109.170.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cuplikenominee.com/1clkn/48786

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.68 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 123ms
46ms Script
text/javascript 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f4.1e100.net

Software

GSE /

Resource Hash

d2955f1dd2acef625bf6655a588fa3584a4c3a7e2f74830ad2d9a1e5a9acbee8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 13 Apr 2024 05:18:22 GMT

GET
H3 200 c.js Show response
hhklc.com/ 12 KB
3 KB 60ms
22ms Script
application/javascript 172.67.223.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhklc.com/c.js
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4a74682b74e577b647c390bc60fe3a7fa41efb622f58a8741112e5bfa3d4f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 09:28:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1367
etag: W/"64d5ff4f-3165"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieq%2Bsfwk2NMFFgTcsB19ili%2Brrr7MYBgCNSWYP%2FuldHc3MgADcY4dv8FM18fD%2FLnBU7SUUbZrwEZVKpKmQCxnfvyJo%2F%2BPzPsSR6h35yBaPWbgXtz7w5%2BkLqqsQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8738febc69e29b8f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 13 Apr 2024 05:40:35 GMT

GET
H/1.1 403
Forbidden ed36014633829dc70a42dccaefdf3f11.js
attentionantecedentsuperb.com/ed/36/01/ 0
0 291ms
93ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://attentionantecedentsuperb.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:22 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
4 KB 90ms
27ms Script
application/x-javascript 54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 13:26:09 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3211
expires: Sat, 13 Apr 2024 09:18:22 GMT

GET
H2 200 world.png
ouo.press/images/ 5 KB
6 KB 25ms
24ms Image
image/png 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4db4bac474698c5d55f46092b8d727ad156a6a0fe52cbc8326a4003859f1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/4CvoJ0t
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1576461
cf-polished: origSize=5692
content-length: 5590
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
etag: "5549a07c-163c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8738febb5a8c8fc8-FRA
expires: Wed, 24 Apr 2024 23:24:00 GMT

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
829 B 16ms
15ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/4CvoJ0t
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
server: cloudflare
etag: W/"6610342c-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8738febb5a8d8fc8-FRA
expires: Mon, 15 Apr 2024 05:18:21 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 35ms
8ms Script
application/javascript 13.224.189.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-112.fra2.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:02:48 GMT
content-encoding: br
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 17:46:30 GMT
server: Apache/2.4.54 (Debian)
x-amz-cf-pop: FRA2-C1
age: 934
etag: W/"1090-615c19e5c8980"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
x-amz-cf-id: OttVyYfamcbqJ9dfwXV_r9jdifGDoKRsn3NFatDeoEqvXxk_XKtkOQ==

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 353 KB
93 KB 43ms
8ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-124.fra6.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

1b1b92759bc7b9aedbe79bf24df4af0db7f253ab5cbae33012a109a36cfc54a3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 04:32:09 GMT
Content-Encoding: br
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 2773
X-Powered-By: PHP/8.2.0
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 0
Last-Modified: Sat,13 Apr 2024 04:32:09 UTC
Server: Apache/2.4.54 (Debian)
ETag: W/"8f7d0370a098aafd2dfe5aae18fa1b51"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Id: Mnuyt_S9iO2GolkWlKwT-QS2mD9t1twVaiu0vXwCGwpyYLI-WOo5ww==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 113ms
36ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 12:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Apr 2025 12:35:35 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 109ms
36ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 17:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Apr 2024 17:31:55 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 43ms
9ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 13 May 2024 05:18:22 GMT
date: Sat, 13 Apr 2024 05:18:22 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 908325 Show response
eu.can-get-some.in/p/ 57 KB
19 KB 53ms
15ms Script
application/javascript 178.63.248.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.can-get-some.in/p/908325?c=zc_908325
Requested by: Host: hhklc.com
URL: https://hhklc.com/c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.248.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: psh6.1push.io
Software: Angie /
Resource Hash: 37313745479df92aabc071644fd1bed44564c09e50a0a0c945e493c7d92a8cd2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
server: Angie
content-length: 19048
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 28 KB
7 KB 86ms
51ms XHR
application/json 99.86.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F4CvoJ0t&charset=UTF-8&ch=7&ref=ouo.press&viewerId=null&referer=&_firid=98096435
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-102.fra6.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: c4bfd2960ad230225ea1714c2618ba9ec87faabd338f4d029874b63530cda1f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding: gzip
Via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 5944
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: JAQhCqmEem3Yvo0-W9WsKLeEYunSsZGqksncuHZ-ZYYPIlbtrsFgQA==
Expires: 0

GET
H2

200

ad.js Show response
lv.adocean.pl/___/_1712985502/
Redirect Chain

https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
https://lv.adocean.pl/__/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2F...
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7...
https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200

58 KB
18 KB

28ms
28ms

Script
application/x-javascript

54.38.133.13
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Server: 54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ip13.ip-54-38-133.eu
Software: GAD /
Resource Hash: f2d1ba881f649315bbc529a5e5abd6ad834ec6e9579d50e9e919086017e26e60

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17759
expires: Fri, 12 Apr 2024 05:18:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 12 Apr 2024 05:18:22 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 05:46:40 GMT
x-content-type-options: nosniff
age: 257502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Apr 2025 05:46:40 GMT

GET
H/1.1 200
OK prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 305 KB
91 KB 26ms
8ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: 7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding: br
Via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 3365
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2024 17:45:58 GMT
Server: Apache/2.4.54 (Debian)
ETag: W/"4c441-615c19c744180"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Id: vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 26 KB
10 KB 38ms
22ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2881
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lga21983-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljALMHaeCDKKCqwO3hiF9l7vFOD2tm2slsRT29awBLFF4Gmz4jN%2BG9a3V5oP2Z6Y8duInlAKJmaKlFdpaaIWxZvGjUR5F27Y7ssCnD8H4ODdUURNF58rG8K%2BJuuL8E4njzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8738febdd95c37c6-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 48ms
8ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 04:22:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Mon, 25 Mar 2024 17:06:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3377
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: SpwGgPHvK3LDiaXurRaZwuVHdNavrIv7UsaRfIvtXI1KdqwVTP3Q2A==

GET
H/1.1 200
OK fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 5D6E 114 KB
37 KB 8ms
7ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: 563e77cfdca516b25f6d752bc3316de7932e4f8b111d8338f31b6160df052685

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 04:44:45 GMT
Content-Encoding: gzip
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 2017
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37077
Last-Modified: Wed, 10 Apr 2024 17:45:58 GMT
Server: Apache/2.4.54 (Debian)
ETag: "1c721-615c19c744180-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
X-Amz-Cf-Id: CgYj0n2Dpovf_8wF1zoCFVK9X1-TX7Yn7a15qU_THIdVMpWkxN0MeQ==

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK prebidamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 5D6E 305 KB
0 0ms
0ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: 7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding: br
Via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Apr 2024 17:45:58 GMT
Server: Apache/2.4.54 (Debian)
X-Amz-Cf-Pop: FRA6-C1
Age: 3365
ETag: W/"4c441-615c19c744180"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Id: vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 57ms
13ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ouo.press
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 13 Apr 2024 05:18:22 GMT

POST
H/1.1 200
OK lg.php
cdn.firstimpression.io/delivery/ Frame 5D6E 1 B
626 B 43ms
42ms Ping
text/html 99.86.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=65638%7C65639%7C83411%7C93863%7C106433&campaignid=15%7C9%7C44%7C43%7C11&zoneid=110459%7C110459%7C110459%7C110459%7C110459
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-102.fra6.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding: gzip
Via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, must-revalidate
X-Amz-Cf-Id: SZ_oQWpVkr4VqnlsogFsNv6Ilfx1hXvvnGFqqjW5R4MFQ0aJ_znsUA==
Expires: 0

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 5D6E 11 B
227 B 42ms
15ms XHR
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://ouo.press
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5D6E 0
188 B 142ms
92ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.46.0-pre&cb=92390612098&lsavail=1

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 5D6E 19 B
579 B 49ms
15ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
an-x-request-uuid: a6100dd1-4f72-4d5e-b185-50299edad84c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame 5D6E 53 B
244 B 54ms
19ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2cc98b30a708cc89569eae2d6dbb5f6ed0fafd4179d3ca8bff3092fd8a0c8006

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5D6E 298 KB
0 48ms
8ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 04:22:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Mon, 25 Mar 2024 17:06:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3377
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: SpwGgPHvK3LDiaXurRaZwuVHdNavrIv7UsaRfIvtXI1KdqwVTP3Q2A==

GET
H2 200 4cd01fd0-0780-4b33-a4da-c39467660185 Show response
config.aps.amazon-adsystem.com/configs/ Frame 5D6E 563 B
830 B 32ms
7ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 31efbc030a3594143942eb92abf8194102b4f793ed6d2a9a3fed31f45b6cabd8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:00:54 GMT
via: 1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 1048
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: O8GIeb3QRPWvL-d919r7jyJhIhOzH05TDN40hdolAXM7oGxXTvGSiw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5D6E 0
305 B 7ms
7ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:05:48 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 753
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 2tfvjNk1XGdwprIlkQCrXTH5YVjVi0fXT-vd0e66t6C-RG5NpolYwg==

GET
H2 200 bid
aax.amazon-adsystem.com/e/dtb/ Frame 5D6E 23 B
0 187ms
48ms XHR
text/javascript 18.244.15.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F4CvoJ0t&pid=NMyiOB4c6t70X&cb=0&ws=728x90&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-15-236.fra56.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
via: 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Ny0o_sU7LLOLiXrkVT28cAyyUXanWt787Cn9FsPVQfUUTUMq7laTvw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5D6E 6 KB
3 KB 21ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 00:54:30 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 15833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 4SWy2gU7RaOvun1SJzPByqIhmVqE9K2QgKGxfR7spE1CzDmQT7cItA==

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ 57 KB
20 KB 50ms
50ms Script
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2024 10:41:22 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "66190FD20000E4B16AE93791"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20487
expires: Sat, 13 Apr 2024 09:18:22 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1712985502931/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=661A159E8013F967;/inner=%7Cao_uniq%3Deopmjkf... 2 B
441 B 50ms
49ms Ping
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1712985502931/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=661A159E8013F967;/inner=%7Cao_uniq%3Deopmjkfkxinjptlsdedgicfh%7C;/extra=;
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://ouo.press
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Fri, 12 Apr 2024 05:18:22 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame ECED 480 KB
138 KB 57ms
31ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stpd.cloud/assets/postbid/stpd220112.js

Requested by

Host: ouo.press
URL: https://ouo.press/4CvoJ0t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4783
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"779c38b2063034c2c2b61db7ee6d9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUwvR9WsYvCNROXdp4aT1200A2ZI4bWQKtVVjuojRS8SvoZdYZQ5JmU6d9nw5WbVbuCa0xZYoVlauPjYRhLrmi2WFShKd1ueK5MQnj%2FPOiNBERrJwtmVp8fNJVvC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 8738fec18aeb1cc1-FRA
expires: Sat, 13 Apr 2024 05:38:22 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame EA0E 0
0 133ms
63ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=a5tkj479a6e2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YvUt3Q3JLW_GbbcFL3PYpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YvUt3Q3JLW_GbbcFL3PYpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 05:18:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 13 Apr 2024 05:18:22 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 242373
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame ECED 4 KB
2 KB 40ms
15ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 10 Apr 2024 15:26:39 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 222669
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSIj9TYG3WvxuJ37CQNTKG0dH%2BUIpU1feJWyTwJCRqRuxgik4H0UcaoIKuPFdCmuL7dhiy97fzxsYwVr%2FFBwrFwxz8sR%2BI8IWYboo3xkcxmTTW1D9B%2F7q%2BuAj5ERmxwXhW48H8054CW3mxIG"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8738fec21efb195e-FRA

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame ECED 2 B
368 B 43ms
15ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 265659
expires: 0

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame ECED 251 B
441 B 95ms
28ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

9b8384c14afa13361b3e05b68b888fd73f29a305520a293a7852ceced54d3c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 86F5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

145ms
15ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Apr 2024 05:18:23 GMT
ETag: "2052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 13 Apr 2024 05:18:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 xgde.html
adlv.hit.gemius.pl/gdejs/ Frame 971E 0
0 98ms
47ms Document
text/html 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: public, max-age=14400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 05:18:23 GMT
etag: "5996D7A50000012F9178E011"
expires: Sat, 13 Apr 2024 09:18:23 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 147ms
19ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 8738fec2faa42c5f-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame ECED 78 KB
25 KB 49ms
22ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b179f2f4fff08c6382728ac50f9d4e779fdba7e1ab8dcceb49e6f3bf6caf4ee0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 222652
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2024 15:26:39 GMT
Server: cloudflare
ETag: W/"57726b27a1ce0cfccbd69a41d6451507"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BgBzr4f2QwiQDDBO8%2BnjtfaDmlcipsOVFtuy9o55269CajY6VXhWkmEbXhZjxZBGdE%2Bq0PGxWcl2ZSqfIBL5yPNNtlZNnEqCwlagD3UjbL%2B9tMLd2jEoB3XpyMm%2B7ePxm4HF8iRWto9Eiw4"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8738fec25d5c18fd-FRA

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 141ms
25ms Preflight 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ouo.press
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sat, 13 Apr 2024 05:18:23 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame ECED 297 B
716 B 138ms
19ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toxRtTrmLO%2B2IRMfhEd0fImc91JU5c32%2FNIK4bfPYlTYFWOrUsJxglI6zRXfu0rF6q%2BpcvEpm%2B7OyfXerP3IG9s5ISF2SmFbuYZFmw7ja%2BR%2Fm3Tpm0Hp9oeaNlZ3l38EhTgs9IbRNXK8"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8738fec30c4c9f48-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame ECED 3 KB
2 KB 239ms
120ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f8ea837a3f42b8e4ed4c13e2a8f2bd5caba338a71f8028bac58472c62df6d6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9juDR%2BfcsBwIBXrgAa2PjpLBfnR31INFg7NvgouA4YRZ4Q8FcIhkHUwCs8w4pjeXhyiEyYmwJ3ri%2FOnoxEWa6ulhWZbq7hkDF%2F1Duvj2rFDvuDK%2BEFXcOOkmDOTTUxJS%2F3ZtLMbeRBJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8738fec30c4b9f48-FRA
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ECED 0
187 B 15ms
15ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=29945023404

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame ECED 2 KB
2 KB 195ms
78ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: fe0c3582b3a8cf6c543d193faf1082018a261dabd7138036efe974a4dd1703f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 05:18:23 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1836
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame ECED 15 B
406 B 149ms
33ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ouo.press
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame ECED 2 KB
2 KB 129ms
76ms XHR
application/json 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

59866f0719ccee5c5b1cd005461db099547ed70e0778f0aface7ed67fbfec049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://ouo.press
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ECED 0
172 B 130ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:23 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame ECED 0
271 B 130ms
17ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 cookie
cm.adform.net/ Frame ECED 35 B
484 B 128ms
26ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame ECED 0
241 B 32ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B68A 1 KB
2 KB 34ms
27ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d82273a51a6c18047067b4463006d9a440f1ecd450af32b20c4b0784fea50035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1121
expires: -1

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B68A 43 B
235 B 67ms
20ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=adform
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:18:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B68A 170 B
409 B 226ms
46ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame B68A
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086

43 B
162 B

26ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
an-x-request-uuid: 1fb5b310-5db1-441c-85de-3e89b5dbe6af
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
x-proxy-origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame B68A
Redirect Chain

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353

43 B
162 B

25ms
25ms

Image
image/gif

37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353
Requested by: Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol: H2
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353
Date: Sat, 13 Apr 2024 05:18:23 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame B68A 61 KB
26 KB 99ms
25ms Script
application/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 07:50:31 GMT
server: nginx
x-amz-request-id: tx000003e62c2f2124f34e3-0065d5ad46-32974d55-default
etag: W/"c76783d3ccb9fea77db45d3144fba1cc"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame A34D 114 KB
0 8ms
7ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: 563e77cfdca516b25f6d752bc3316de7932e4f8b111d8338f31b6160df052685

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 04:44:45 GMT
Content-Encoding: gzip
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 2017
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 37077
Last-Modified: Wed, 10 Apr 2024 17:45:58 GMT
Server: Apache/2.4.54 (Debian)
ETag: "1c721-615c19c744180-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
X-Amz-Cf-Id: CgYj0n2Dpovf_8wF1zoCFVK9X1-TX7Yn7a15qU_THIdVMpWkxN0MeQ==

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/631/s1.adform.net/ Frame B68A 37 KB
17 KB 105ms
66ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 66bb5d9eb10b511a59eb3abc4f10f0519b983f27013e4df5c40c1dc4162a9a44

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 06:27:01 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Mar 2024 13:18:58 GMT

GET
H/1.1 200
OK prebidamp.js Show response
ecdn.firstimpression.io/static/js/ Frame A34D 305 KB
0 0ms
0ms Script
application/javascript 99.86.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-124.fra6.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: 7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding: br
Via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Apr 2024 17:45:58 GMT
Server: Apache/2.4.54 (Debian)
X-Amz-Cf-Pop: FRA6-C1
Age: 3365
ETag: W/"4c441-615c19c744180"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
X-Amz-Cf-Id: vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B68A 7 KB
4 KB 29ms
28ms Script
text/javascript 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;2180;set=de-DE|de-DE|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fouo.press%2F4CvoJ0t

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4352435ca8c8e11fc0691c1384271b43e4290fb5d44660bcdab95360821f58ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3197
expires: -1

GET
H2 200 favicon.ico
ouo.press/ 0
173 B 23ms
23ms Other
image/x-icon 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/4CvoJ0t
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
server: cloudflare
age: 1562
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8738fec52e808fc8-FRA
content-length: 0
x-xss-protection: 1; mode=block

POST lg.php
cdn.firstimpression.io/delivery/ Frame A34D 0
0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame A34D 53 B
129 B 19ms
19ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1bad50569cb91d078aea516920f21c406250a39f5d789574cc38ffbc986e6255

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame A34D 11 B
226 B 15ms
15ms XHR
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://ouo.press
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

POST
H2 204 cdb
bidder.criteo.com/ Frame A34D 0
0 28ms
27ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.46.0-pre&cb=7601995650&lsavail=1

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame A34D 19 B
578 B 15ms
15ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
an-x-request-uuid: a2adbf0a-6b2f-4cee-8850-e871c5ee7bd8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B68A 24 KB
10 KB 129ms
24ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 388604
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFMO797%2F3GVQB%2FBFwA13EYCBu0dMM%2FbhEDNw4jExNwhtqPmhenMjwRB3BCAWlN2KujBxrOtmup2NYFn%2FSg55rdym66PNsD8l5wShyAEHNoF49Gn8wVCFRBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8738fec5ef0365cc-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Apr 2024 19:22:56 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B68A 35 B
587 B 26ms
26ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52776760&csi=cMlADkWZzWiC7pfNRj2lRvdFoP_cW0fdLPBQa8oKLK4JDwKV3Zer3EoOdsE76SxaTtKbvtibZdhdNfpiJkIeyGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ouo.press
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.240/e/.gSBgiDQ/i/vCAX-BAAAAACgAA/r:types/ Frame B68A 35 KB
15 KB 34ms
34ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.240/e/.gSBgiDQ/i/vCAX-BAAAAACgAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4cf3db598f3f8963b434ef6dcd24294572cc4fae10240891d267d0e183e08a29

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 06:27:01 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 05 Mar 2024 13:18:58 GMT

GET
H3 200 cookie-frame.html
ad4m.at/ Frame 83C8 0
0 42ms
26ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 1707136
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8738fec63c8f3804-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 13 Apr 2024 05:18:23 GMT
expires: Fri, 01 Mar 2024 10:21:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzRQ7ZT7xQrISLasr0xds58ttGqEYipdcqn8rTuxnhYyW%2FqygUyy1QF%2FUZt0cakI6XVqvJal8cEwtumhXy07Xw7mD1p4uHeaG8chKu4UXgTLUL4Vxv2IecQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 65ms
37ms Preflight
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://ouo.press
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8738fec69f804d93-FRA
content-length: 24
content-type: text/plain
date: Sat, 13 Apr 2024 05:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ib1Ztk%2F2uwojpdT%2By7NLB57bMHKAN1puN5fU0TG1dNPNau70CGjXNslEs5gG2%2FZ4I%2FbTUfQU2oqCXo1fLX0PIKY7HdXkR1RI118mAl0BLwr4sHonaUpnqU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n817

POST
H3 200 rs Show response
ad4m.at/ Frame B68A 1 KB
1 KB 41ms
41ms XHR
text/plain 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93160838f51933d21eab80f8a9ece74b9e4243688000e1458be25238bc1e2cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Apr 2024 05:18:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zqz%2BMMV5jFagSvxpVpnrGe7KPUD%2BIun6iSAN242arW45oi11C7DIE9zKhRLufdvrV2RX2HvSV0K%2BcUTKWhfpwpX3XrF%2BY9eprUUtJRHv%2FyoIgrulrkXXqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cf-ray: 8738fec6dfb44d93-FRA
x-backend-server: aa-reachservice-group-europe-west1-d2bc
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar
as.ad4m.at/ad/ Frame 5D0B 0
0 42ms
34ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=27bb2f037f891f0ed0140bcf18c7ce0d%2F14654655028649140369&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1712985503832&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3DognhZMmsayILzo-qpkMBwZiICW2cTlnE0%3Bcrtbdata%3DYNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0%3Bccsid%3D60961%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl9kWY32ZTeuRw6aMNmY10yPYaV26_X9k4ljRVVQct1uWnlaYMmiKZiG0rmtBb5HYB9lTdQK9Mf4tX1V6Wu33am3eBFTPhDKzDYaFdXPWmZwWNy1UHcmhfmT6npVqahMRT_bhcvExESkyW5CEUMS77eYTG7M-Gt3Wg_GYS5Ex1g4pDAlicGO6Dn7oUaAN1pJd0eNrCdUcswRy6a1Bi6FUOW4eWJuNnfKfwi3zzo4GAmewUR5KvF209M1eisRo_nvfbhfDodlrAbFzf1Ky_xeZw7ft6ejc8864itPcE7GXY1qLkArBVVsR5ERlX_tFtHBAgdS7DqF-qmfY4IIVdx_ALDNR7orjMlfzPPTkpPat7l8I0-4MC48y3HM0%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f4CvoJ0t%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8738fec72d553804-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 05:18:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 /
adx.adform.net/adx/unload/ Frame B68A 35 B
484 B 27ms
26ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1712985505089

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame B68A 35 B
587 B 28ms
27ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=7nFBBAPMu5zeLWaeNyhcXSLZcCNxxW-raktIxhF7_eDDz1WMNGKcmXXYTih2M3xK8AHlafo7zem9-UA35eneJx8WPvbocKxYrqxKu-G9cL8ghw6px2G3_8mfOt1vJpxalnWxFCjLr2hoaplhEPIX_loAec0OSlsLwe7q2Iny9FE1&unload=4108453111484137725@@52776760,1993967129176021891,100|1200|0|0|0|0|0|0|0||47|0|||||1|0|0|hPFD6sAiWga48M5tcwHHbUrU9rTvOEMFGKdCp1VMh2dqPrA5ChlQIFWo61R5c2b0A7z_uuw_WOM1|5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0||11|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ouo.press
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame B68A 35 B
587 B 27ms
26ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4108453111484137725@@52776760,1993967129176021891,100|1201|0|0|0|0|0|0|0||47|0|||||1|0|0|hPFD6sAiWga48M5tcwHHbUrU9rTvOEMFGKdCp1VMh2dqPrA5ChlQIFWo61R5c2b0A7z_uuw_WOM1|5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ouo.press
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame ECED 87 KB
28 KB 63ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Apr 2024 05:18:26 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame F3C1 0
0 44ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Apr 2024 05:18:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 513755
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame ECED 87 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 05:18:26 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 14 Apr 2024 05:18:26 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 99C5 0
0 19ms
7ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712985503233

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 sync-all.html
adxbid.info/ Frame C2FB 0
0 54ms
29ms Document
text/html 172.67.138.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8738fed70e072a5e-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 05:18:26 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agLZ1CNsZaApJNXuKXxp%2BfT7sSkEhQmjQ0JSaU%2F0VtLB16CwFF8NlfCv2ykvWSOYFfaA51vpbK%2BENDpjS%2F5DRuhxmtB8Irnpfx3oh3Zv6dNq%2B5pHKw%2Fp5NTxMxSy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 /
track.adform.net/serving/unload/ Frame B68A 35 B
578 B 27ms
27ms Ping
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4108453111484137725@@52776760,1993967129176021891,100|4500|0|0|0|0|0|0|0||176|0|||||1|0|0|hPFD6sAiWga48M5tcwHHbUrU9rTvOEMFGKdCp1VMh2dqPrA5ChlQIFWo61R5c2b0A7z_uuw_WOM1|5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0||01|0|0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 05:18:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ouo.press
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.firstimpression.io
URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=65246%7C65247%7C106436%7C106437&campaignid=15%7C9%7C11%7C44&zoneid=110428%7C110428%7C110428%7C110428

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 20:32:57	Name: userId Value: Wo8Q6ml58HqP0G7Ms4MAFbXtT2i56On9
www.google.com/recaptcha	1970-01-21 00:08:57	Name: _GRECAPTCHA Value: 09AIfKQV8KSeq1ex5lt5dvVPfx6yCfFh4XfHcHrOK4n_-o_XXCE3oN-FsKs3GGNFZ-oO68Ttm1_k-9fum6yyVaiGA
ouo.io/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IlNBM3Z1Y0VlZEpuT0RIa3R1UE5JWVdNUzdXMCtxNWViV3dOZjBoZGJhaVU9IiwidmFsdWUiOiI5UEw0U2ZcL0lWVFJuNjdiVldwUW03ZzZEdkl0TXJ0d0JsUTRhZ2h1XC9BM2dwVTcwMFUyOXo1bk95SldIK2d2SXdcL2pjdFRUY0N1N0VrenJOVzNtQ1BEQT09IiwibWFjIjoiNjNlMzRlNThhMjdhYTA2MTMxNjUzODkzYmY3MDZkODAzZmVhNTM3ZDEyNWEwZmNjYjlkMTIzOTUxN2U2MGU3NCJ9
ouo.io/	1970-01-21 05:25:45	Name: language Value: eyJpdiI6InlLWlF0UVMxZVFRQ3k3Z2JVR3huYzlvNDFtcGFWZFlcL2xZK2FmUVd5ZEx3PSIsInZhbHVlIjoiNHNlXC91bjBrVlVGYzBiZ0lXTmhTZE9wSHVGdGxBOGIzdDJuV05KbWZwRzQ9IiwibWFjIjoiZDYwYmNjNDEzZDNhZGJjZDMwNWQzY2U3NjFkM2JmZmIwNTgzMDY0Y2JjNTg3MjJmZmIwYmNjZGZlZThkZjdhOSJ9
ouo.io/	1970-01-20 19:49:52	Name: 751b6b2101b33970ce89f1cebb66ff71275b7f77 Value: eyJpdiI6IktrQ2g0dE5teGJqdksxdXBWbjJxVkVQYyttTXBTdSszbkdha0IwS3hIek09IiwidmFsdWUiOiIwNWo0M0VuN2pQK3liZVM5UGJVdDFwXC9VQnBjTmdzbWdsbmxJQm5yQ2grdmhNZmliXC9DRG5DV0tkNkEyXC84SHlnWExRMm5WSTdwRGxoNUt2a0xpUVRcLzhjMm1ra1RFcnVZTnNXS1FtREIrNlB3VXVkQkk5bk1cLzgxVStYMkR1a3BWTFlnU3M4Vk5wUU5DUGR6Tk9HUE9IQ0xXbURQMnVWbW9jVXQzSG9FUURHclM2dndUcWhFNTZCTHBOaFdYS0FVOFdoeVdNZE51bTJtdlJcL2xBWHJ6ZzAxRmdlckFObUZYeFg1OEhTaHJ2ZFwvdTdhTkVQUjFGKzBYNWg1b3BhK3FudXhFMm5NK0xRemYrdUY5N21EVktpWXhWbWEzRUJUUVJValNlczZFcWpYM2hnd3BOWXI2aHh3TWJWZUxqSGU3ZHNYaGNXdzJFcmVsNm9pMnFraElRYkRRPT0iLCJtYWMiOiJiYmE0NzhlYjBhZGEyMDg0NGJjN2YyMTVkMTRmNWQwZjg4ZDg3NDBiOTM2NjkxODcwNDAxZWI5NjY1NzE5ZDdhIn0%3D
.ouo.io/	1970-01-20 19:49:47	Name: __cf_bm Value: QyGVqMMaWWXRzHB8rUlgGrZDJUB7O0bBdFAvU4pqe1Q-1712985501-1.0.1.1-M1uZyo_QXefj8b8zvLKgRbgZkwZv.DsPdAXx.vnH9GcZYG.wO3OpOT0F6EY5OJ_JqROz.nUMulYwqj88KRZrgA
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6InpBWHVpc0FWTUFPUmt6SHVIWlY0ZjNhZVV1K00xYlpkaU9DdlF2aG5zeFE9IiwidmFsdWUiOiJLeVhud1BvN0VkZXNwRWMxM2JOclgrUXpDSWN2MktpNTNRNGg0NzhZaVU2aSt1czI0M3NvWWtwNlhcL29KZHlkeDZqa2xJdjFWT1Y4SDN0VEQ2OUY2XC9BPT0iLCJtYWMiOiI4YzE0YzQ4ZmZhZDQwM2QyMmU3NDI2OWVkZTkzODAyMmUwMmFkMzk5ZGVkYWE5OGRmOWY5YmQ1MmM0MmQxNzRlIn0%3D
ouo.press/	1970-01-21 05:25:45	Name: language Value: eyJpdiI6Ik1udFUwcEZObjc3S1dsNFAzMVI1T2RveVZRZEEzN3hFR2lNVHVqbWpSaFk9IiwidmFsdWUiOiJmR2hMN3JOaDhIUjNrdStFb3kwcmNBSmRuYlNpOXJKTFZTZVdpeW5obUZJPSIsIm1hYyI6IjQ3NWMyM2JiYTc4NDBmMDI4MWY1Nzc0NGFiZDdmNmY2ZjI4ZDJkNzQ4MjY1NjgyMDVjZDJkYjI1MjQyMGZmZGYifQ%3D%3D
ouo.press/	1970-01-20 19:49:52	Name: 37554d08a23af157017d26a8eae3a588be4ec067 Value: eyJpdiI6IkN0Y1lDaFR2ampHUEZHQVpVWVwvbVZIelQzdnY2QnpDbEY2MmhBZWJnTFg4PSIsInZhbHVlIjoieGR6ejU1XC9LNTZQbTQ4V2dSeVRkVkdnbDBUaFNabUp5R0xLVlpkVW9GQmh2NnQxcFp6UWVXOFZvUTJ0VitqUkhLVktEN3BwWWRrb3U1cllOUkNXSkQzUGFQTCtDVE81ajdkcUJhSHVMUWVYcVwvNDFpVzY0XC9RSVA4K0FoVnlRemcybEkzQ3g0SXUyUWMzRnVjMnBCSzBLK3krdmhuVUdXZmFQV0ZZMUV1VjE3VDlVbkJaSWJSQTR0bXBwaDdOamVFNjBJaGZBWWNxSXlJVVRIODNqSVdwOFQ5aUFTY3hwUXdXaWprR2s0Rkx5bVFcL1c4VVF2OFBhVFY2aGZsK21vS0UrdEJtSE9sQTN3YTRia3FmNzNyT2hEQ1BPdWtHZTBkUzRhN3Z0aExBdEJwU1wvQmxnbGVBTVcwK1A5T09CM3k4bHVWeTJmVlNucldhRjZSQnZwUU1cL1FaUXRLU2JBOFFYXC9QQytNRmxlT2k4Sm1qdDRjQVVjM3ZEVlFEaUZLMUMyVyIsIm1hYyI6IjE2ZTg1MTEzZTNhMGQwMTAxMzA5Zjc0ZTdkMTQ1M2M4NWRkMjM3ZTk1NGE2NzczMjk2OTdmNzc0NjFiODQ1YmMifQ%3D%3D
.ouo.press/	1970-01-20 19:49:47	Name: __cf_bm Value: rGo3PXs5u199AXuQrp8gv1XSOiSoj08mSfysDD1yrMg-1712985501-1.0.1.1-SrxU_3l6N1tYnOjFznvp6vlhHN00LoXpSCxO0tD6_bvTN3hfHoMIUWORqYwCHscyHKgKo6alKcqgcMocgH5Skw
cuplikenominee.com/	1970-01-20 19:51:11	Name: GL_UI4 Value: eJw9jd1Og0AUhKH8tVrQSXgAHwFogPbS%2BBBekgN7pGtht1lWiG%2FvxkSv5svkm4znebv8Cf4aHxB8UY2XmtuirqqGBtHSpSVqmC819eX53Jwq0eAgl85SP7ENsV9mMraza4jjyIqNHLpBC07x7Ky%2F5qb0pkJEvSElUkSzM6YUSW%2F0trDJA4SKZkb8djXaZTTTpzYIyurkWCrHfoGdXvIge0DyLpVww%2ByIXVlkWezh8T6R%2FdBm7qSIfUSjIcHwX7EfyPKozTcSwcvN6jugJ9H9%2B7%2B%2FwVYWiAWvcnDn2l7Z%2FABDrk5k
cuplikenominee.com/	1970-01-20 19:51:11	Name: GL_GI10 Value: eJwNy0sKwjAUBdDkgRVBkItdQFZQSEurU%2F%2BdOHIFIUYJ0jS8xIK7t9MDRwhB5RrkIzZ631a1birdtpXuOsg36HwB2YDlzfFgwg%2BSQf1sHLDoXUoO0gJXNuHz%2BnJWZlB34wOkBxqtd416OJ68dUkdjqCQsDqNHEc2ea6xkKA8FgRKz1JATsX2DyEMIZE%3D
cdn.firstimpression.io/	1970-01-21 04:35:21	Name: OAID Value: GDPR
.hit.gemius.pl/	1970-01-21 05:18:33	Name: receive-cookie-deprecation Value: 1
.lv.adocean.pl/	1970-01-21 05:18:33	Name: GAD Value: KlG-7RGGQMQGXzFAGCHR8iXUssGMXP8cfRySssX6xssGvaGpI7EPoHCtL18GGL_DGIsUa1Bpmsas1VmRlD6RmmsSaesiMG..
ouo.press/	1970-01-20 19:49:47	Name: stpdOrigin Value: {"origin":"direct"}
ouo.press/	1970-01-20 20:32:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.prebid.a-mo.net/	1970-01-21 04:35:21	Name: __amc Value: 1_1712985503_1712985503
.adform.net/	1970-01-20 21:16:09	Name: uid Value: 4108453111484137725
.adnxs.com/	1970-01-20 21:59:21	Name: XANDR_PANID Value: MIbGilSXxDuz6jVRkw6ntk1fZEbWQXHcBNTRUxsItin8eQroQNIatk-Iy4xeP3r8XhGZBFW1TnAhNmGluTNdQwrEiBrNBAVexomW4Ux2Hio.
.adnxs.com/	1970-01-21 05:25:45	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:59:21	Name: uuid2 Value: 2255769871467275086
.adform.net/	1970-01-20 20:32:57	Name: C Value: 1
.adform.net/	1970-01-20 21:16:09	Name: receive-cookie-deprecation Value: 1
.adsby.bidtheatre.com/	1970-01-20 19:59:50	Name: __kuid Value: 5e549cd6-b861-4916-87a4-f25c95644353.482199503
.adform.net/	1970-01-20 19:59:50	Name: TPC Value: 1712985503530
.hit.gemius.pl/	1970-01-21 05:18:33	Name: Gdyn Value: KlGkRMaGQMQGtyA97-nR8iXUssGM-1goL6nxGsRP5x7tGKGGqPevLGyGEiG2GQsxqSy8kAjGsG..
.hit.gemius.pl/	1970-01-21 05:18:33	Name: Gdynp Value: .KqFhrINGaEXd4Hr7HNV1xE46S7rxHuesldKQVMHAC3.s7
.onaudience.com/	1970-01-21 04:35:21	Name: cookie Value: cbd27d4e1e48319b
.onaudience.com/	1970-01-20 19:51:11	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-21 04:35:21	Name: zc Value: fe7fd715-eabe-4f37-50f0-591ce7902c27
.zeotap.com/	1970-01-20 19:51:11	Name: zsc Value: %1C%02%0E%0F%5E%B2%7C%93%E3%A0%ED%93%B2d%E8M%E1%C1%8D%85%0A%09%BD%E9%7D%E47%E5%04%1A6gQ_%EA%3CQ%BAI2%B4O%26%F3%7B8w%90%80%BDI%DC%E0%5E3%EA%98%22%EA%3CHC%D9%1B5%C9%C3%9A%7F%CA%C3%EEgh%C1%9E%D59CF~%8B%E9
.hit.gemius.pl/	1970-01-20 19:59:50	Name: grtb_hc_data_redir_xnjrkiktyj Value: 1
.o2online.de/	1970-01-20 19:59:50	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTA2MDAwMDAwMDA2MTcxMjk4NTUwNHZsZWExZGUyMDI0MDQxMzA3MTgyNDk0NDk4NTg0ODAzWDExNzY5M1YxMjI2MTMyNzAyTVNvbmVpZDEzMWhiZktmaldydDlIR3RCdUF0MjJyaDJTS1RtbVNqWDNvbmVpZF9fYWRmUHJvc19NYXhWaWV3MTE3Njkz
.o2online.de/	1970-01-20 19:59:50	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 19:59:50	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117693_-HTLP&utm_term=AFF_la_117693_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2024041307182494498584803X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTA2MDAwMDAwMDA2MTcxMjk4NTUwNHZsZWExZGUyMDI0MDQxMzA3MTgyNDk0NDk4NTg0ODAzWDExNzY5M1YxMjI2MTMyNzAyT
.criteo.com/	1970-01-21 05:11:21	Name: uid Value: f354cb95-054d-4b32-ae71-711f02943d91
.criteo.com/	1970-01-21 05:11:21	Name: receive-cookie-deprecation Value: 1
.ouo.press/	1970-01-21 05:11:21	Name: cto_bundle Value: t3ql6l9pVTE4VDgycXlmVzV3OGY3U1JqUUF5M243dzB2Q2pSdkc3SGMzOUFYaElkcUdobDlEZzk2ZFhNR09DamUzaWxsamlVZzE3TWl2OFZvNCUyQlNJUXhFa2gxaFNRQ1Exb241VlBhWVE3aVcwN2RObHFoSGF4QmM0RmsyT3poU2R3S01BYzR6bXBRYXVNakVoJTJCM2dHZiUyQjNrS0ElM0QlM0Q

142 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://attentionantecedentsuperb.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/4CvoJ0t Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://ouo.press/4CvoJ0t Message: The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/4CvoJ0t Message: The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ouo.press/4CvoJ0t Message: The resource https://c.amazon-adsystem.com/aax2/apstag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
adlv.hit.gemius.pl
adx.adform.net
adxbid.info
as.ad4m.at
attentionantecedentsuperb.com
bidder.criteo.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cuplikenominee.com
ecdn.analysis.fi
ecdn.firstimpression.io
eu.can-get-some.in
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hhklc.com
ib.adnxs.com
id5-sync.com
lv.adocean.pl
match.adsby.bidtheatre.com
node.setupad.com
onetag-sys.com
ouo.io
ouo.press
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
rtb.adxpremium.services
rtb.openx.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
static.criteo.net
stpd.cloud
targeting.unrulymedia.com
track.adform.net
widgets.outbrain.com
www.google.com
www.gstatic.com
x.bidswitch.net
cdn.firstimpression.io
104.16.85.20
104.26.8.178
108.138.6.136
13.224.189.112
145.40.97.66
159.89.25.223
162.19.138.118
172.217.16.198
172.67.138.13
172.67.223.102
172.67.74.129
178.250.1.8
178.63.248.53
18.244.15.236
18.245.31.9
184.30.17.67
185.106.140.18
185.184.8.90
185.89.210.90
188.166.17.21
192.243.61.225
216.58.206.34
216.58.206.36
23.109.170.68
23.56.202.187
2606:4700:10::6816:3afb
2606:4700:10::ac43:697
2606:4700:20::ac43:4bf1
2606:4700::6812:1691
2606:4700::6812:1f31
2a00:1450:4001:802::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a02:2638:3::3
2a02:2638:3::c
35.186.253.211
35.214.149.91
37.157.3.20
37.157.3.26
37.157.5.73
46.228.174.115
51.89.9.253
54.38.133.12
54.38.133.13
95.101.149.233
99.86.4.102
99.86.4.124
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52
1b1b92759bc7b9aedbe79bf24df4af0db7f253ab5cbae33012a109a36cfc54a3
1bad50569cb91d078aea516920f21c406250a39f5d789574cc38ffbc986e6255
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cc98b30a708cc89569eae2d6dbb5f6ed0fafd4179d3ca8bff3092fd8a0c8006
31efbc030a3594143942eb92abf8194102b4f793ed6d2a9a3fed31f45b6cabd8
37313745479df92aabc071644fd1bed44564c09e50a0a0c945e493c7d92a8cd2
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
4352435ca8c8e11fc0691c1384271b43e4290fb5d44660bcdab95360821f58ff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cf3db598f3f8963b434ef6dcd24294572cc4fae10240891d267d0e183e08a29
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563e77cfdca516b25f6d752bc3316de7932e4f8b111d8338f31b6160df052685
59866f0719ccee5c5b1cd005461db099547ed70e0778f0aface7ed67fbfec049
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bb5d9eb10b511a59eb3abc4f10f0519b983f27013e4df5c40c1dc4162a9a44
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
950c3b06ffb164f7b6ed87d3fca44d726b1f595bf2ded347b9248dd390f390e2
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d
9b8384c14afa13361b3e05b68b888fd73f29a305520a293a7852ceced54d3c9a
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
a93160838f51933d21eab80f8a9ece74b9e4243688000e1458be25238bc1e2cc
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b179f2f4fff08c6382728ac50f9d4e779fdba7e1ab8dcceb49e6f3bf6caf4ee0
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c4bfd2960ad230225ea1714c2618ba9ec87faabd338f4d029874b63530cda1f8
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d2955f1dd2acef625bf6655a588fa3584a4c3a7e2f74830ad2d9a1e5a9acbee8
d82273a51a6c18047067b4463006d9a440f1ecd450af32b20c4b0784fea50035
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f8ea837a3f42b8e4ed4c13e2a8f2bd5caba338a71f8028bac58472c62df6d6
ec4a74682b74e577b647c390bc60fe3a7fa41efb622f58a8741112e5bfa3d4f5
f2d1ba881f649315bbc529a5e5abd6ad834ec6e9579d50e9e919086017e26e60
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fe0c3582b3a8cf6c543d193faf1082018a261dabd7138036efe974a4dd1703f8
ff4db4bac474698c5d55f46092b8d727ad156a6a0fe52cbc8326a4003859f1a6

ouo.press Open in urlscan Pro 2606:4700:10::6816:3afb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

96 %HTTPS

21 %IPv6

38 Domains

49 Subdomains

45 IPs

7 Countries

921 kBTransfer

3913 kBSize

39 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

96 %
HTTPS

21 %
IPv6

38
Domains

49
Subdomains

45
IPs

7
Countries

921 kB
Transfer

3913 kB
Size

39
Cookies

91 HTTP transactions
1 data transactions