Submitted URL: https://ouo.io/4CvoJ0t
Effective URL: https://ouo.press/4CvoJ0t
Submission: On April 13 via manual from RU — Scanned from DE

Summary

This website contacted 45 IPs in 7 countries across 38 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 286450.
TLS certificate: Issued by E1 on April 12th 2024. Valid for: 3 months.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.109.170.68 7979 (SERVERS-COM)
2 216.58.206.36 15169 (GOOGLE)
1 172.67.223.102 13335 (CLOUDFLAR...)
1 192.243.61.225 39572 (ADVANCEDH...)
2 4 54.38.133.13 16276 (OVH)
1 13.224.189.112 16509 (AMAZON-02)
6 99.86.4.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.198 15169 (GOOGLE)
1 184.30.17.67 16625 (AKAMAI-AS)
1 178.63.248.53 24940 (HETZNER-AS)
2 99.86.4.102 16509 (AMAZON-02)
2 5 54.38.133.12 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.85.20 13335 (CLOUDFLAR...)
4 108.138.6.136 16509 (AMAZON-02)
3 46.228.174.115 56396 (AMOBEE)
3 178.250.1.8 44788 (ASN-CRITE...)
2 4 185.89.210.90 29990 (ASN-APPNEX)
2 35.186.253.211 15169 (GOOGLE)
1 18.245.31.9 16509 (AMAZON-02)
1 18.244.15.236 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.19.138.118 16276 (OVH)
1 1 23.56.202.187 16625 (AKAMAI-AS)
1 95.101.149.233 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 37.157.3.26 198622 (ADFORM)
2 104.26.8.178 13335 (CLOUDFLAR...)
1 185.106.140.18 7979 (SERVERS-COM)
2 51.89.9.253 16276 (OVH)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 145.40.97.66 54825 (PACKET)
3 37.157.3.20 198622 (ADFORM)
1 159.89.25.223 14061 (DIGITALOC...)
1 35.214.149.91 15169 (GOOGLE)
1 216.58.206.34 15169 (GOOGLE)
1 1 188.166.17.21 14061 (DIGITALOC...)
3 37.157.5.73 198622 (ADFORM)
5 172.67.74.129 13335 (CLOUDFLAR...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 172.67.138.13 13335 (CLOUDFLAR...)
91 45
Apex Domain
Subdomains
Transfer
15 adform.net
adx.adform.net — Cisco Umbrella Rank: 5521
cm.adform.net — Cisco Umbrella Rank: 1223
track.adform.net — Cisco Umbrella Rank: 5725
s1.adform.net — Cisco Umbrella Rank: 10900
69 KB
8 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 31944
cdn.firstimpression.io — Cisco Umbrella Rank: 30262
227 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 663
gum.criteo.com — Cisco Umbrella Rank: 465
743 B
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 311
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 636
aax.amazon-adsystem.com — Cisco Umbrella Rank: 417
79 KB
6 ouo.press
ouo.press — Cisco Umbrella Rank: 286450
32 KB
5 ad4m.at
ad4m.at — Cisco Umbrella Rank: 14752
as.ad4m.at — Cisco Umbrella Rank: 38223
11 KB
5 gemius.pl
adlv.hit.gemius.pl — Cisco Umbrella Rank: 297412
22 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 263
3 KB
4 adocean.pl
lv.adocean.pl — Cisco Umbrella Rank: 268915
22 KB
3 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 874
453 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 687
28 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 713
406 B
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 46788
2 KB
2 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1059
eus.rubiconproject.com — Cisco Umbrella Rank: 614
136 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2057
27 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 644
373 B
2 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 156
cm.g.doubleclick.net — Cisco Umbrella Rank: 265
539 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
221 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
883 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 18262
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2735
477 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 383
235 B
1 setupad.com
node.setupad.com — Cisco Umbrella Rank: 57375
241 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 758
271 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7736
172 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 18371
2 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1533
239 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 511
441 B
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 46758
138 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 315
10 KB
1 can-get-some.in
eu.can-get-some.in — Cisco Umbrella Rank: 237883
19 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2164
1 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 33814
2 KB
1 attentionantecedentsuperb.com
attentionantecedentsuperb.com — Cisco Umbrella Rank: 312859
1 hhklc.com
hhklc.com — Cisco Umbrella Rank: 367061
3 KB
1 cuplikenominee.com
cuplikenominee.com — Cisco Umbrella Rank: 317384
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
855 B
1 ouo.io
ouo.io — Cisco Umbrella Rank: 96458
2 KB
91 38
Domain Requested by
6 track.adform.net stpd.cloud
s1.adform.net
6 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
6 ouo.press ouo.press
5 adlv.hit.gemius.pl 2 redirects lv.adocean.pl
ouo.press
adlv.hit.gemius.pl
4 ad4m.at s1.adform.net
ad4m.at
4 ib.adnxs.com 2 redirects ecdn.firstimpression.io
4 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
4 lv.adocean.pl 2 redirects ouo.press
3 s1.adform.net stpd.cloud
track.adform.net
s1.adform.net
3 cm.adform.net ouo.press
3 adx.adform.net stpd.cloud
s1.adform.net
3 gum.criteo.com stpd.cloud
static.criteo.net
3 bidder.criteo.com ecdn.firstimpression.io
stpd.cloud
3 targeting.unrulymedia.com ecdn.firstimpression.io
2 static.criteo.net stpd.cloud
static.criteo.net
2 onetag-sys.com stpd.cloud
2 prebid-stag.setupad.net stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
2 rtb.openx.net ecdn.firstimpression.io
2 cdn.firstimpression.io ecdn.firstimpression.io
2 www.google.com ouo.press
www.gstatic.com
1 adxbid.info stpd.cloud
1 as.ad4m.at ad4m.at
1 match.adsby.bidtheatre.com 1 redirects
1 cm.g.doubleclick.net stpd.cloud
1 x.bidswitch.net stpd.cloud
1 node.setupad.com ouo.press
1 prebid.a-mo.net stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 rtb.adxpremium.services stpd.cloud
1 cadmus.script.ac script.4dex.io
1 eus.rubiconproject.com ouo.press
1 secure-assets.rubiconproject.com 1 redirects
1 id5-sync.com stpd.cloud
1 stpd.cloud ouo.press
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 fonts.gstatic.com fonts.googleapis.com
1 eu.can-get-some.in hhklc.com
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 www.gstatic.com www.google.com
1 ecdn.analysis.fi ouo.press
1 attentionantecedentsuperb.com ouo.press
1 hhklc.com ouo.press
1 cuplikenominee.com ouo.press
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
91 49

This site contains no links.

Subject Issuer Validity Valid
ouo.press
E1
2024-04-12 -
2024-07-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
cuplikenominee.com
R3
2024-02-22 -
2024-05-22
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
hhklc.com
E1
2024-03-02 -
2024-05-31
3 months crt.sh
attentionantecedentsuperb.com
R3
2024-03-28 -
2024-06-26
3 months crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA
2024-01-29 -
2025-02-06
a year crt.sh
analysis.fi
Amazon RSA 2048 M01
2023-10-04 -
2024-10-31
a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA
2023-11-28 -
2024-12-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-14 -
2024-12-14
a year crt.sh
eu.can-get-some.in
R3
2024-02-25 -
2024-05-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-07
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2023-09-14 -
2024-09-25
a year crt.sh
stpd.cloud
E1
2024-03-09 -
2024-06-07
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
*.id5-sync.com
R3
2024-03-01 -
2024-05-30
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-07 -
2025-04-03
a year crt.sh
script.ac
E1
2024-02-26 -
2024-05-26
3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
setupad.net
E1
2024-03-10 -
2024-06-08
3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-05
a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
*.a-mo.net
R3
2024-03-06 -
2024-06-04
3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
node.setupad.com
R3
2024-02-22 -
2024-05-22
3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-14 -
2024-06-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
ad4m.at
GTS CA 1P5
2024-04-06 -
2024-07-05
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
adxbid.info
E1
2024-04-01 -
2024-06-30
3 months crt.sh

This page contains 13 frames:

Primary Page: https://ouo.press/4CvoJ0t
Frame ID: 280FA0214E394E03BD72B32E881115EF
Requests: 28 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 5D6EF387DD000488E2BCA22F818325A0
Requests: 12 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: ECED1F6E3D99F37185457BFC213ACB83
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=a5tkj479a6e2
Frame ID: EA0E988B22333A676D95C946E8BA59BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 86F5B6F560381FE1529D3FF08D7AA992
Requests: 1 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 971ED6C41016C1A4986D4E6AC167D517
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: B68A5E05F7C5F0F54E3B2F861AF2BF36
Requests: 16 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: A34DAFDBA8E0CD98DA3AC375E0E9BDA2
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 83C8FA05E0D62538645F4A6ED931BE75
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=27bb2f037f891f0ed0140bcf18c7ce0d%2F14654655028649140369&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1712985503832&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3DognhZMmsayILzo-qpkMBwZiICW2cTlnE0%3Bcrtbdata%3DYNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0%3Bccsid%3D60961%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl9kWY32ZTeuRw6aMNmY10yPYaV26_X9k4ljRVVQct1uWnlaYMmiKZiG0rmtBb5HYB9lTdQK9Mf4tX1V6Wu33am3eBFTPhDKzDYaFdXPWmZwWNy1UHcmhfmT6npVqahMRT_bhcvExESkyW5CEUMS77eYTG7M-Gt3Wg_GYS5Ex1g4pDAlicGO6Dn7oUaAN1pJd0eNrCdUcswRy6a1Bi6FUOW4eWJuNnfKfwi3zzo4GAmewUR5KvF209M1eisRo_nvfbhfDodlrAbFzf1Ky_xeZw7ft6ejc8864itPcE7GXY1qLkArBVVsR5ERlX_tFtHBAgdS7DqF-qmfY4IIVdx_ALDNR7orjMlfzPPTkpPat7l8I0-4MC48y3HM0%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f4CvoJ0t%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 5D0B0FE17F5E6869E33B201189CB1927
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: F3C1A78A27E0F9665E65BF2D9CED5BA8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712985503233
Frame ID: 99C5ADE34E33E29D74A4D40467190C53
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C2FB2D113A249AFD055B9661E3065553
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://ouo.io/4CvoJ0t HTTP 302
    https://ouo.press/4CvoJ0t Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 80%
Detected patterns
  • adocean\.pl

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

91
Requests

96 %
HTTPS

21 %
IPv6

38
Domains

49
Subdomains

45
IPs

7
Countries

921 kB
Transfer

3913 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/4CvoJ0t HTTP 302
    https://ouo.press/4CvoJ0t Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200 HTTP 301
  • https://lv.adocean.pl/__/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200 HTTP 301
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
Request Chain 44
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 62
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
Request Chain 63
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353

91 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 4CvoJ0t
ouo.press/
Redirect Chain
  • https://ouo.io/4CvoJ0t
  • https://ouo.press/4CvoJ0t
9 KB
5 KB
Document
General
Full URL
https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950c3b06ffb164f7b6ed87d3fca44d726b1f595bf2ded347b9248dd390f390e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8738feba2a018fc8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 05:18:21 GMT
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8738feb8a9cc6977-FRA
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 05:18:21 GMT
location
https://ouo.press/4CvoJ0t
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
1 KB
855 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 04:20:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 05:18:22 GMT
bootstrap.css
ouo.press/css/
107 KB
19 KB
Stylesheet
General
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/4CvoJ0t
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
33640
cf-polished
origSize=109522
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
etag
W/"54def1fc-1abd2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
8738febb5a898fc8-FRA
expires
Sat, 13 Apr 2024 07:57:42 GMT
link-safe.css
ouo.press/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/4CvoJ0t
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
21001
cf-polished
status=cannot_optimize
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
etag
W/"5d951ace-1830"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
8738febb5a8b8fc8-FRA
expires
Sat, 13 Apr 2024 11:28:21 GMT
48786
cuplikenominee.com/1clkn/
6 B
1 KB
Script
General
Full URL
https://cuplikenominee.com/1clkn/48786
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/
1 KB
883 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
GSE /
Resource Hash
d2955f1dd2acef625bf6655a588fa3584a4c3a7e2f74830ad2d9a1e5a9acbee8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 13 Apr 2024 05:18:22 GMT
c.js
hhklc.com/
12 KB
3 KB
Script
General
Full URL
https://hhklc.com/c.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4a74682b74e577b647c390bc60fe3a7fa41efb622f58a8741112e5bfa3d4f5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 09:28:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1367
etag
W/"64d5ff4f-3165"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieq%2Bsfwk2NMFFgTcsB19ili%2Brrr7MYBgCNSWYP%2FuldHc3MgADcY4dv8FM18fD%2FLnBU7SUUbZrwEZVKpKmQCxnfvyJo%2F%2BPzPsSR6h35yBaPWbgXtz7w5%2BkLqqsQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
8738febc69e29b8f-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Apr 2024 05:40:35 GMT
ed36014633829dc70a42dccaefdf3f11.js
attentionantecedentsuperb.com/ed/36/01/
0
0
Script
General
Full URL
https://attentionantecedentsuperb.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:22 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
aomini.js
lv.adocean.pl/files/js/
8 KB
4 KB
Script
General
Full URL
https://lv.adocean.pl/files/js/aomini.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 13:26:09 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
"00001FCFAF20B624"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, must-revalidate, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
3211
expires
Sat, 13 Apr 2024 09:18:22 GMT
world.png
ouo.press/images/
5 KB
6 KB
Image
General
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4db4bac474698c5d55f46092b8d727ad156a6a0fe52cbc8326a4003859f1a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/4CvoJ0t
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1576461
cf-polished
origSize=5692
content-length
5590
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
etag
"5549a07c-163c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8738febb5a8c8fc8-FRA
expires
Wed, 24 Apr 2024 23:24:00 GMT
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
829 B
Script
General
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/4CvoJ0t
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 17:26:04 GMT
server
cloudflare
etag
W/"6610342c-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8738febb5a8d8fc8-FRA
expires
Mon, 15 Apr 2024 05:18:21 GMT
fab.js
ecdn.analysis.fi/static/js/
4 KB
2 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-112.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:02:48 GMT
content-encoding
br
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 17:46:30 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
FRA2-C1
age
934
etag
W/"1090-615c19e5c8980"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
x-amz-cf-id
OttVyYfamcbqJ9dfwXV_r9jdifGDoKRsn3NFatDeoEqvXxk_XKtkOQ==
fi_client.js
ecdn.firstimpression.io/
353 KB
93 KB
Script
General
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
1b1b92759bc7b9aedbe79bf24df4af0db7f253ab5cbae33012a109a36cfc54a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 04:32:09 GMT
Content-Encoding
br
Via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2773
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Sat,13 Apr 2024 04:32:09 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"8f7d0370a098aafd2dfe5aae18fa1b51"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
Mnuyt_S9iO2GolkWlKwT-QS2mD9t1twVaiu0vXwCGwpyYLI-WOo5ww==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/
501 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 12:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Apr 2025 12:35:35 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 17:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 17:31:55 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
990 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 13 May 2024 05:18:22 GMT
date
Sat, 13 Apr 2024 05:18:22 GMT
last-modified
Sun, 25 Feb 2024 08:33:18 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
908325
eu.can-get-some.in/p/
57 KB
19 KB
Script
General
Full URL
https://eu.can-get-some.in/p/908325?c=zc_908325
Requested by
Host: hhklc.com
URL: https://hhklc.com/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
psh6.1push.io
Software
Angie /
Resource Hash
37313745479df92aabc071644fd1bed44564c09e50a0a0c945e493c7d92a8cd2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
server
Angie
content-length
19048
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
spc_fi.php
cdn.firstimpression.io/delivery/
28 KB
7 KB
XHR
General
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F4CvoJ0t&charset=UTF-8&ch=7&ref=ouo.press&viewerId=null&referer=&_firid=98096435
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
c4bfd2960ad230225ea1714c2618ba9ec87faabd338f4d029874b63530cda1f8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding
gzip
Via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
5944
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
JAQhCqmEem3Yvo0-W9WsKLeEYunSsZGqksncuHZ-ZYYPIlbtrsFgQA==
Expires
0
ad.js
lv.adocean.pl/___/_1712985502/
Redirect Chain
  • https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
  • https://lv.adocean.pl/__/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2F...
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712985502%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7...
  • https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
58 KB
18 KB
Script
General
Full URL
https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
f2d1ba881f649315bbc529a5e5abd6ad834ec6e9579d50e9e919086017e26e60

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17759
expires
Fri, 12 Apr 2024 05:18:22 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://lv.adocean.pl/___/_1712985502/ad.js?hclsdata=&hcudata=sB_6HSM4ZL2AC84dkDOL4SGm1w2tGGohiIsXN0SY6XH.E7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 12 Apr 2024 05:18:22 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 05:46:40 GMT
x-content-type-options
nosniff
age
257502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 05:46:40 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/
305 KB
91 KB
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding
br
Via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
3365
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 10 Apr 2024 17:45:58 GMT
Server
Apache/2.4.54 (Debian)
ETag
W/"4c441-615c19c744180"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
X-Amz-Cf-Id
vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2881
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220028-FRA, cache-lga21983-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljALMHaeCDKKCqwO3hiF9l7vFOD2tm2slsRT29awBLFF4Gmz4jN%2BG9a3V5oP2Z6Y8duInlAKJmaKlFdpaaIWxZvGjUR5F27Y7ssCnD8H4ODdUURNF58rG8K%2BJuuL8E4njzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8738febdd95c37c6-FRA
apstag.js
c.amazon-adsystem.com/aax2/
298 KB
74 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 04:22:06 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 17:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3377
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
SpwGgPHvK3LDiaXurRaZwuVHdNavrIv7UsaRfIvtXI1KdqwVTP3Q2A==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 5D6E
114 KB
37 KB
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
563e77cfdca516b25f6d752bc3316de7932e4f8b111d8338f31b6160df052685

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 04:44:45 GMT
Content-Encoding
gzip
Via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2017
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
37077
Last-Modified
Wed, 10 Apr 2024 17:45:58 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1c721-615c19c744180-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
CgYj0n2Dpovf_8wF1zoCFVK9X1-TX7Yn7a15qU_THIdVMpWkxN0MeQ==
truncated
/
592 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 5D6E
305 KB
0
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding
br
Via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
Last-Modified
Wed, 10 Apr 2024 17:45:58 GMT
Server
Apache/2.4.54 (Debian)
X-Amz-Cf-Pop
FRA6-C1
Age
3365
ETag
W/"4c441-615c19c744180"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
X-Amz-Cf-Id
vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ouo.press
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sat, 13 Apr 2024 05:18:22 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 5D6E
1 B
626 B
Ping
General
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65638%7C65639%7C83411%7C93863%7C106433&campaignid=15%7C9%7C44%7C43%7C11&zoneid=110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 13 Apr 2024 05:18:22 GMT
Content-Encoding
gzip
Via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
SZ_oQWpVkr4VqnlsogFsNv6Ilfx1hXvvnGFqqjW5R4MFQ0aJ_znsUA==
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 5D6E
11 B
227 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://ouo.press
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
cdb
bidder.criteo.com/ Frame 5D6E
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.46.0-pre&cb=92390612098&lsavail=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 13 Apr 2024 05:18:21 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 5D6E
19 B
579 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
an-x-request-uuid
a6100dd1-4f72-4d5e-b185-50299edad84c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ Frame 5D6E
53 B
244 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2cc98b30a708cc89569eae2d6dbb5f6ed0fafd4179d3ca8bff3092fd8a0c8006

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5D6E
298 KB
0
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 04:22:06 GMT
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 17:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3377
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
SpwGgPHvK3LDiaXurRaZwuVHdNavrIv7UsaRfIvtXI1KdqwVTP3Q2A==
4cd01fd0-0780-4b33-a4da-c39467660185
config.aps.amazon-adsystem.com/configs/ Frame 5D6E
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-9.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
31efbc030a3594143942eb92abf8194102b4f793ed6d2a9a3fed31f45b6cabd8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:00:54 GMT
via
1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
1048
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
O8GIeb3QRPWvL-d919r7jyJhIhOzH05TDN40hdolAXM7oGxXTvGSiw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 5D6E
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:05:48 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
753
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
2tfvjNk1XGdwprIlkQCrXTH5YVjVi0fXT-vd0e66t6C-RG5NpolYwg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 5D6E
23 B
0
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F4CvoJ0t&pid=NMyiOB4c6t70X&cb=0&ws=728x90&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-15-236.fra56.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
via
1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ny0o_sU7LLOLiXrkVT28cAyyUXanWt787Cn9FsPVQfUUTUMq7laTvw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5D6E
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 00:54:30 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
15833
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
4SWy2gU7RaOvun1SJzPByqIhmVqE9K2QgKGxfR7spE1CzDmQT7cItA==
xgde.js
adlv.hit.gemius.pl/gdejs/
57 KB
20 KB
Script
General
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1712985502267/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=1600/y=1200
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 10:41:22 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
"66190FD20000E4B16AE93791"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
20487
expires
Sat, 13 Apr 2024 09:18:22 GMT
extra=;
adlv.hit.gemius.pl/_1712985502931/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=661A159E8013F967;/inner=%7Cao_uniq%3Deopmjkf...
2 B
441 B
Ping
General
Full URL
https://adlv.hit.gemius.pl/_1712985502931/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=661A159E8013F967;/inner=%7Cao_uniq%3Deopmjkfkxinjptlsdedgicfh%7C;/extra=;
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://ouo.press
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Fri, 12 Apr 2024 05:18:22 GMT
stpd220112.js
stpd.cloud/assets/postbid/ Frame ECED
480 KB
138 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd220112.js
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4783
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"779c38b2063034c2c2b61db7ee6d9b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUwvR9WsYvCNROXdp4aT1200A2ZI4bWQKtVVjuojRS8SvoZdYZQ5JmU6d9nw5WbVbuCa0xZYoVlauPjYRhLrmi2WFShKd1ueK5MQnj%2FPOiNBERrJwtmVp8fNJVvC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
8738fec18aeb1cc1-FRA
expires
Sat, 13 Apr 2024 05:38:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame EA0E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=a5tkj479a6e2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YvUt3Q3JLW_GbbcFL3PYpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YvUt3Q3JLW_GbbcFL3PYpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 05:18:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 13 Apr 2024 05:18:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
242373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame ECED
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:23 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 10 Apr 2024 15:26:39 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
222669
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSIj9TYG3WvxuJ37CQNTKG0dH%2BUIpU1feJWyTwJCRqRuxgik4H0UcaoIKuPFdCmuL7dhiy97fzxsYwVr%2FFBwrFwxz8sR%2BI8IWYboo3xkcxmTTW1D9B%2F7q%2BuAj5ERmxwXhW48H8054CW3mxIG"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8738fec21efb195e-FRA
json
gum.criteo.com/sid/ Frame ECED
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
265659
expires
0
481.json
id5-sync.com/g/v2/ Frame ECED
251 B
441 B
XHR
General
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
9b8384c14afa13361b3e05b68b888fd73f29a305520a293a7852ceced54d3c9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 13 Apr 2024 05:18:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
application/json
usync.html
eus.rubiconproject.com/ Frame 86F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Apr 2024 05:18:23 GMT
ETag
"2052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 13 Apr 2024 05:18:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
xgde.html
adlv.hit.gemius.pl/gdejs/ Frame 971E
0
0
Document
General
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
public, max-age=14400
content-encoding
gzip
content-length
215
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 05:18:23 GMT
etag
"5996D7A50000012F9178E011"
expires
Sat, 13 Apr 2024 09:18:23 GMT
last-modified
Fri, 18 Aug 2017 12:03:49 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
239 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
8738fec2faa42c5f-FRA
content-length
3
adagio.js
script.4dex.io/ Frame ECED
78 KB
25 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b179f2f4fff08c6382728ac50f9d4e779fdba7e1ab8dcceb49e6f3bf6caf4ee0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:23 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
222652
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 10 Apr 2024 15:26:39 GMT
Server
cloudflare
ETag
W/"57726b27a1ce0cfccbd69a41d6451507"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BgBzr4f2QwiQDDBO8%2BnjtfaDmlcipsOVFtuy9o55269CajY6VXhWkmEbXhZjxZBGdE%2Bq0PGxWcl2ZSqfIBL5yPNNtlZNnEqCwlagD3UjbL%2B9tMLd2jEoB3XpyMm%2B7ePxm4HF8iRWto9Eiw4"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8738fec25d5c18fd-FRA
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ouo.press
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 13 Apr 2024 05:18:23 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cookie_sync
prebid-stag.setupad.net/ Frame ECED
297 B
716 B
XHR
General
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toxRtTrmLO%2B2IRMfhEd0fImc91JU5c32%2FNIK4bfPYlTYFWOrUsJxglI6zRXfu0rF6q%2BpcvEpm%2B7OyfXerP3IG9s5ISF2SmFbuYZFmw7ja%2BR%2Fm3Tpm0Hp9oeaNlZ3l38EhTgs9IbRNXK8"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8738fec30c4c9f48-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame ECED
3 KB
2 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f8ea837a3f42b8e4ed4c13e2a8f2bd5caba338a71f8028bac58472c62df6d6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.259.0
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9juDR%2BfcsBwIBXrgAa2PjpLBfnR31INFg7NvgouA4YRZ4Q8FcIhkHUwCs8w4pjeXhyiEyYmwJ3ri%2FOnoxEWa6ulhWZbq7hkDF%2F1Duvj2rFDvuDK%2BEFXcOOkmDOTTUxJS%2F3ZtLMbeRBJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8738fec30c4b9f48-FRA
expires
0
cdb
bidder.criteo.com/ Frame ECED
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=29945023404
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 13 Apr 2024 05:18:22 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
rtb.adxpremium.services/openrtb2/ Frame ECED
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
fe0c3582b3a8cf6c543d193faf1082018a261dabd7138036efe974a4dd1703f8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 13 Apr 2024 05:18:23 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid-request
onetag-sys.com/ Frame ECED
15 B
406 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://ouo.press
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
openrtb
adx.adform.net/adx/ Frame ECED
2 KB
2 KB
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
59866f0719ccee5c5b1cd005461db099547ed70e0778f0aface7ed67fbfec049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ouo.press
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ECED
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 13 Apr 2024 05:18:23 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ Frame ECED
0
271 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 13 Apr 2024 05:18:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
cookie
cm.adform.net/ Frame ECED
35 B
484 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
node.php
node.setupad.com/node/ Frame ECED
0
241 B
XHR
General
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
/
track.adform.net/adfscript/ Frame B68A
1 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d82273a51a6c18047067b4463006d9a440f1ecd450af32b20c4b0784fea50035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1121
expires
-1
sync
x.bidswitch.net/ Frame B68A
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=adform
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:18:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame B68A
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B68A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
last-modified
Fri, 18 Nov 2022 14:41:46 GMT
server
nginx
accept-ranges
bytes
etag
"637799aa-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
an-x-request-uuid
1fb5b310-5db1-441c-85de-3e89b5dbe6af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=2255769871467275086
x-proxy-origin
185.213.155.166; 185.213.155.166; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame B68A
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353
Requested by
Host: ouo.press
URL: https://ouo.press/4CvoJ0t
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
last-modified
Fri, 18 Nov 2022 14:41:46 GMT
server
nginx
accept-ranges
bytes
etag
"637799aa-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=5e549cd6-b861-4916-87a4-f25c95644353
Date
Sat, 13 Apr 2024 05:18:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
adx.js
s1.adform.net/banners/scripts/ Frame B68A
61 KB
26 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d854204ecb4a25e674c839da7e4cf1cf9919eee0e2ea757204c8507b9951fd2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
gzip
last-modified
Wed, 21 Feb 2024 07:50:31 GMT
server
nginx
x-amz-request-id
tx000003e62c2f2124f34e3-0065d5ad46-32974d55-default
etag
W/"c76783d3ccb9fea77db45d3144fba1cc"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
fiamp.js
ecdn.firstimpression.io/static/js/ Frame A34D
114 KB
0
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
563e77cfdca516b25f6d752bc3316de7932e4f8b111d8338f31b6160df052685

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 04:44:45 GMT
Content-Encoding
gzip
Via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2017
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
37077
Last-Modified
Wed, 10 Apr 2024 17:45:58 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1c721-615c19c744180-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
CgYj0n2Dpovf_8wF1zoCFVK9X1-TX7Yn7a15qU_THIdVMpWkxN0MeQ==
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame B68A
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
66bb5d9eb10b511a59eb3abc4f10f0519b983f27013e4df5c40c1dc4162a9a44

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
gzip
last-modified
Mon, 04 Mar 2024 06:27:01 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 05 Mar 2024 13:18:58 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame A34D
305 KB
0
Script
General
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d16e340b05b82e0a1b5beceedb78141c23b527bcaff77915780fac517617eb5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 05:02:51 GMT
Content-Encoding
br
Via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
Last-Modified
Wed, 10 Apr 2024 17:45:58 GMT
Server
Apache/2.4.54 (Debian)
X-Amz-Cf-Pop
FRA6-C1
Age
3365
ETag
W/"4c441-615c19c744180"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
X-Amz-Cf-Id
vpNZWvp7xndfQTQKQcQwgTYZ0FY7-Yg0ksCWo18rYH1bCV8oowKqEA==
/
track.adform.net/adfserve/ Frame B68A
7 KB
4 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=52776760;rtbwp=ognhZMmsayILzo-qpkMBwZiICW2cTlnE0;rtbdata=YNualoWoAZSPdeBLvGb_oHhyg1yrWZOjef9HiStYDO2hw0xfMWilSkhbSG7tzHq_YIQcawcvcNxTUa-0hbUlSdIkT3Vd778MDIwgW-gQ-2AgXUhfucjMCblZ-JAQ7Pkfy6XJfFo-uqjkbQfdiiDWJLdjcQluxJ4KtAjPLwACscRkTDWVT4x547RVwyhG7GXaiorgKC1Hv8d731ybjmYviYUijrq1zwd3YTQocEx_nqNzhukzWZyVY9N5avUY3xrh0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=5pYQuzqaxpYqHMLsI0XOHah2kPzoKIXU__On96DV3HeJzkEUPQ0tf-B87rUVMTESmBTpu8w37gH_DnFgAq811BDjvIRpOxWZX-yYzm_eUY9NAL6wKpnc9p3-Srbb13KAYIQcawcvcNxTUa-0hbUlSdIkT3Vd778M74xVRsjSKRzDkRMQC1Z5W-Gs6kcE86nZ_gu1P19QTUXCMd_-UCGGR7AcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;2180;set=de-DE|de-DE|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fouo.press%2F4CvoJ0t
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4352435ca8c8e11fc0691c1384271b43e4290fb5d44660bcdab95360821f58ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 05:18:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3197
expires
-1
favicon.ico
ouo.press/
0
173 B
Other
General
Full URL
https://ouo.press/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ouo.press/4CvoJ0t
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 05:18:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 14 Feb 2015 06:41:24 GMT
server
cloudflare
age
1562
etag
"54deee14-0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8738fec52e808fc8-FRA
content-length
0
x-xss-protection
1; mode=block
lg.php
cdn.firstimpression.io/delivery/ Frame A34D
0
0

prebidjs
rtb.openx.net/openrtbb/ Frame A34D
53 B
129 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1bad50569cb91d078aea516920f21c406250a39f5d789574cc38ffbc986e6255