ouo.press Open in urlscan Pro
2606:4700:10::6816:3bfb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/2l2t9v
Effective URL:
https://ouo.press/2l2t9v
Submission: On March 07 via manual (March 7th 2022, 6:09:10 pm UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Behaviour Indicators

Summary

This website contacted 56 IPs in 10 countries across 40 domains to perform 121 HTTP transactions. The main IP is 2606:4700:10::6816:3bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 198323.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:3bfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.87.138 23.109.87.138	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	142.91.9.135 142.91.9.135	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:303... 2606:4700:3035::6815:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.73 18.66.97.73	16509 (AMAZON-02) (AMAZON-02)
4	65.9.78.25 65.9.78.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	92.122.145.25 92.122.145.25	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.66.248.82 18.66.248.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	65.9.79.193 65.9.79.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	35.163.34.104 35.163.34.104	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.45.114 52.29.45.114	16509 (AMAZON-02) (AMAZON-02)
4	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	3.122.58.191 3.122.58.191	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1 1	18.185.222.19 18.185.222.19	16509 (AMAZON-02) (AMAZON-02)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.141.195 52.29.141.195	16509 (AMAZON-02) (AMAZON-02)
3	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	92.122.146.218 92.122.146.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.85.4.200 104.85.4.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3038::6815:ead7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	204.237.133.116 204.237.133.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.230.115.234 34.230.115.234	14618 (AMAZON-AES) (AMAZON-AES)
2	104.19.132.80 104.19.132.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.16.65 104.18.16.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.7.198 51.89.7.198	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
121	56

1 2606:4700:10::ac43:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3bfb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.138 (Netherlands)

ASN7979 (SERVERS-COM, US)

phallicuncut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)

video.your-notice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

itineraryupper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-73.fra56.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.78.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-25.ams1.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.145.25 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-145-25.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-82.dus51.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.79.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-79-193.ams1.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.100 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.163.34.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-34-104.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.45.114 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-45-114.eu-central-1.compute.amazonaws.com

aws-fr.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.58.191 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-58-191.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.222.19 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-222-19.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.141.195 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-141-195.eu-central-1.compute.amazonaws.com

imp-euro.emxdgt.com.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.122.146.218 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-146-218.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.4.200 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-4-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:811::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.115.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-115-234.compute-1.amazonaws.com

imp.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.132.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.16.65 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.198 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p20.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	15 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 s.amazon-adsystem.com — Cisco Umbrella Rank: 260 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352	81 KB
10	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 595 pixel.rubiconproject.com — Cisco Umbrella Rank: 289	14 KB
9	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 35458 c.adskeeper.com — Cisco Umbrella Rank: 15984 servicer.adskeeper.com — Cisco Umbrella Rank: 33381 s-img.adskeeper.com — Cisco Umbrella Rank: 17514 cm.adskeeper.com — Cisco Umbrella Rank: 38489	103 KB
8	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3334 c1.adform.net — Cisco Umbrella Rank: 524 s1.adform.net — Cisco Umbrella Rank: 8028	37 KB
8	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 181 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	2 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 1742 as.ad4m.at — Cisco Umbrella Rank: 2174 assets.ad4m.at — Cisco Umbrella Rank: 32740	41 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com — Cisco Umbrella Rank: 523	22 KB
7	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 17735 cdn.firstimpression.io — Cisco Umbrella Rank: 17947	370 KB
6	moatads.com z.moatads.com — Cisco Umbrella Rank: 329 px.moatads.com — Cisco Umbrella Rank: 392	102 KB
5	adtrue.com cdn.adtrue.com — Cisco Umbrella Rank: 47151 exchange.adtrue.com — Cisco Umbrella Rank: 30410	87 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 785	41 KB
5	ouo.press ouo.press — Cisco Umbrella Rank: 198323	32 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	121 KB
4	bidswitch.net 4 redirects aws-fr.bidswitch.net — Cisco Umbrella Rank: 11116 aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 30609 x.bidswitch.net — Cisco Umbrella Rank: 257	2 KB
4	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1565 e1.emxdgt.com — Cisco Umbrella Rank: 1076 imp.emxdgt.com — Cisco Umbrella Rank: 4679	8 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	327 KB
3	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2428 js.brealtime.com — Cisco Umbrella Rank: 4469	9 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	802 B
2	adskeeper.co.uk cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27896	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	101 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 419 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417	79 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	708 B
1	yahoo.com ads.yahoo.com — Cisco Umbrella Rank: 816	194 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1648	332 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 713	323 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 488	526 B
1	google.de www.google.de — Cisco Umbrella Rank: 6433	501 B
1	cdn-adtrue.com cdn-adtrue.com — Cisco Umbrella Rank: 52405	905 B
1	com. 1 redirects imp-euro.emxdgt.com.	192 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1169	165 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	9 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1147	3 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 21599	2 KB
1	itineraryupper.com itineraryupper.com — Cisco Umbrella Rank: 288573
1	your-notice.com video.your-notice.com — Cisco Umbrella Rank: 69862	525 B
1	phallicuncut.com phallicuncut.com — Cisco Umbrella Rank: 322160	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	918 B
1	ouo.io 1 redirects ouo.io — Cisco Umbrella Rank: 125604	1 KB
121	40

	Domain	Requested by
6	cm.g.doubleclick.net	4 redirects
6	gum.criteo.com	3 redirects static.criteo.net
6	ib.adnxs.com	1 redirects ecdn.firstimpression.io cdn.adtrue.com acdn.adnxs.com
5	px.moatads.com
5	c.amazon-adsystem.com	ecdn.firstimpression.io c.amazon-adsystem.com
5	ouo.press	ouo.press
4	token.rubiconproject.com	4 redirects
4	static.criteo.net	ecdn.firstimpression.io cdn.adtrue.com static.criteo.net
4	ad4m.at	s1.adform.net ad4m.at
4	mug.criteo.com	ouo.press
4	track.adform.net	ouo.press s1.adform.net
4	ecdn.firstimpression.io	ouo.press ecdn.firstimpression.io
4	www.google.com	ouo.press www.gstatic.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	c.adskeeper.com	jsc.adskeeper.com
3	cdn.firstimpression.io	ecdn.firstimpression.io
3	www.gstatic.com	www.google.com
3	cdn.adtrue.com	ouo.press exchange.adtrue.com
2	eus.rubiconproject.com	ecdn.firstimpression.io eus.rubiconproject.com
2	match.adsrvr.org	ads.pubmatic.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	cdn.adskeeper.co.uk	jsc.adskeeper.com
2	jsc.adskeeper.com	exchange.adtrue.com jsc.adskeeper.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	cdn-adtrue.com www.googletagmanager.com
2	s1.adform.net	aws-fr.bidswitch.net s1.adform.net
2	biddr.brealtime.com	ouo.press ecdn.firstimpression.io
2	e1.emxdgt.com	ouo.press imp-euro.emxdgt.com.
2	c1.adform.net	2 redirects
2	aws-fr-sync.bidswitch.net	2 redirects
2	exchange.adtrue.com	ouo.press cdn.adtrue.com
2	bidder.criteo.com	ecdn.firstimpression.io cdn.adtrue.com
1	px.ads.linkedin.com
1	ads.yahoo.com
1	acdn.adnxs.com	ecdn.firstimpression.io
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	s-img.adskeeper.com
1	servicer.adskeeper.com	jsc.adskeeper.com
1	imp.emxdgt.com
1	assets.ad4m.at	as.ad4m.at
1	www.google.de	ouo.press
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	hbopenbid.pubmatic.com	cdn.adtrue.com
1	cdn-adtrue.com	exchange.adtrue.com
1	ads.pubmatic.com	ouo.press
1	js.brealtime.com	ecdn.firstimpression.io
1	z.moatads.com	ecdn.firstimpression.io
1	imp-euro.emxdgt.com.	1 redirects
1	x.bidswitch.net	1 redirects
1	aws-fr.bidswitch.net	1 redirects
1	tag.1rx.io	ecdn.firstimpression.io
1	hb.emxdgt.com	ecdn.firstimpression.io
1	fastlane.rubiconproject.com	ecdn.firstimpression.io
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	widgets.outbrain.com	ouo.press
1	ad.doubleclick.net	ouo.press
1	ecdn.analysis.fi	ouo.press
1	itineraryupper.com	ouo.press
1	video.your-notice.com	ouo.press
1	phallicuncut.com	ouo.press
1	fonts.googleapis.com	ouo.press
1	ouo.io	1 redirects
121	69

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
phallicuncut.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
your-notice.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
itineraryupper.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.adtrue.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
analysis.fi Amazon	`2021-12-04` - `2023-01-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://ouo.press/2l2t9v
Frame ID: 8F8A72AF726C724482691FF22719220A
Requests: 27 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 057C7FCD01FD4E761577156A7DB09ABE
Requests: 16 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cb=2876510374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/2l2t9v
Frame ID: 69AE42476DC0FB37410307B290AA5BF1
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=gjfbiitrz2g9
Frame ID: 894C7F2496B41606276596CA78394C69
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 352EAF2BE499BEC1A8DDEF39D95CB70D
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BED60F1EC61F6A8BD1E287527BE7165B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=OGcOFJyqGYcju8j7rI5paKB8cokkjDC2&g=ee037900754e55608ec107e747c300cc%2F7563766144627536384&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1646676547366&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%3Bcrtbdata%3DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%3Badfibeg%3D0%3Bcdata%3DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f2l2t9v%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: EFE7E9DD2064766379DAAB85151381AF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 6B3DF506E7B03F31E343CD62B32B01C8
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: D06456BC8658E8E5DB10AD72C503C402
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 22816E66CA802B39E99949B9E17E0D3A
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1646676548572849473176
Frame ID: AD32D93333AE77F061F8FA229856999A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B4D3D5101CAB956772C5D59520226A14
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A49BFF09C04B15842F0B39D763B68E0F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DF4AB15C2C27FDA25D4AA2D45D20B1BC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

https://ouo.io/2l2t9v HTTP 302
https://ouo.press/2l2t9v Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

121
Requests

88 %
HTTPS

32 %
IPv6

40
Domains

69
Subdomains

56
IPs

10
Countries

1628 kB
Transfer

4544 kB
Size

47
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/2l2t9v HTTP 302
https://ouo.press/2l2t9v Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://aws-fr.bidswitch.net/imp/0.02210/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38516439_Qrtbwp_R_I_WAUCTION__PRICE_X-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0_Qrtbdata_RM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh__f__EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss__d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX__YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3__1r__7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/Uqo5YL0bPrHMtbU7KST8k5D0kn_wxNZYwnO7CbpLArNwBCtXOijbEMwT_fwxy8pMS6hQI0V6LCKEWmJ3ers0teFAJlAuDZqMk0t75h6WieKAS6DaWg2Q-kuJa4zbw8lL-RxLbsrA084EXsxpskeRGSwW6c5WmmdsbmNRLyHzHUe4wPMGwXFWzpLA7yBQIl2IFa6tkwiFkjYY-kz7JjN0dZNga2rt0jLDEN7FRiKzdgCGlEsz9RnUvMcKgSlBRi8uNC7-z_c4oYjFZpyo4IMcRU7S6GqHD-_OZb_jSIVHaAq4oXMbMr2unofONbMMTx-aabADAbkatz5aJQeiQX4o4Rw8C3gHbXzs_AFbwmKRdYPN6jWqMylw9UYgdBL6SOuDYizdah6EqZ8LGe7KnACWyirdYe2xRBxuaSzcdo3I37_f7E1K9-fLl5flUJPy9F4er_eqR3YBV_vcJMpN1g1r-dB-WayBTefV1CS3nDuA4rAlY13SzfvgLnU64ZzISFRXDmFkKUtXw5pNlRsITr7wqYh0LcUccvL2tdL_OibA6IuziYAnbYvNPJkplyPIwEU0HulcH3RUagl9aM9enpT9ZMX7ZUNpy9RlGpIizPQkvuzh_qlPh-Ybjulyl-MzD4_Eopiw_IPeLKqxidq5WtAsFKoxarAo-n9s-8dd4Yx7TjlNgVwYNhHI6WCjj_hfYcoRJ4U3Uc_RKvJyNY3tSb2MJu84ZlJkGf3EjteHHYXc6IogQBB7GkJuwGJvNRBzIE2V3vOCByfSSjoNzs6SOxl9lRc81lsjVGrhCqh3NCAsxZCV/$%7BCLICK_URL_ENC%7D HTTP 302
https://track.adform.net/adfscript/?bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Request Chain 40

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=2015447608807446942&ssp=emxdigital HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=35b5d350-2f23-4f80-a869-453deec19c28&gdpr=&gdpr_consent=

Request Chain 41

https://imp-euro.emxdgt.com./imp/?cp=0.02210&ts=1646676546&adom=acer.com&seat=70&w=728&h=90&pb=0.01768&sid=9316&tid=122081&pid=1312&uid=74781646676545689998f1&wid=21&dom=ouo.press&tp=0.02210&mt=1&dt=2&st=1&os=&ip=217.64.151.31&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=19&crid=70_38516439&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=Uqo5YL0bPrHMtbU7KST8k5D0kn_wxNZYwnO7CbpLArNwBCtXOijbEMwT_fwxy8pMS6hQI0V6LCKEWmJ3ers0teFAJlAuDZqMk0t75h6WieKAS6DaWg2Q-kuJa4zbw8lL-RxLbsrA084EXsxpskeRGSwW6c5WmmdsbmNRLyHzHUe4wPMGwXFWzpLA7yBQIl2IFa6tkwiFkjYY-kz7JjN0dZNga2rt0jLDEN7FRiKzdgCGlEsz9RnUvMcKgSlBRi8uNC7-z_c4oYjFZpyo4IMcRU7S6GqHD-_OZb_jSIVHaAq4oXMbMr2unofONbMMTx-aabADAbkatz5aJQeiQX4o4Rw8C3gHbXzs_AFbwmKRdYPN6jWqMylw9UYgdBL6SOuDYizdah6EqZ8LGe7KnACWyirdYe2xRBxuaSzcdo3I37_f7E1K9-fLl5flUJPy9F4er_eqR3YBV_vcJMpN1g1r-dB-WayBTefV1CS3nDuA4rAlY13SzfvgLnU64ZzISFRXDmFkKUtXw5pNlRsITr7wqYh0LcUccvL2tdL_OibA6IuziYAnbYvNPJkplyPIwEU0HulcH3RUagl9aM9enpT9ZMX7ZUNpy9RlGpIizPQkvuzh_qlPh-Ybjulyl-MzD4_Eopiw_IPeLKqxidq5WtAsFKoxarAo-n9s-8dd4Yx7TjlNgVwYNhHI6WCjj_hfYcoRJ4U3Uc_RKvJyNY3tSb2MJu84ZlJkGf3EjteHHYXc6IogQBB7GkJuwGJvNRBzIE2V3vOCByfSSjoNzs6SOxl9lRc81lsjVGrhCqh3NCAsxZCV&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRFVxbzVZTDBiUHJITXRiVTdLU1Q4azVEMGtuX3d4TlpZd25PN0NicExBck53QkN0WE9pamJFTXdUX2Z3eHk4cE1TNmhRSTBWNkxDS0VXbUozZXJzMHRlRkFKbEF1RFpxTWswdDc1aDZXaWVLQVM2RGFXZzJRLWt1SmE0emJ3OGxMLVJ4TGJzckEwODRFWHN4cHNrZVJHU3dXNmM1V21tZHNibU5STHlIekhVZTR3UE1Hd1hGV3pwTEE3eUJRSWwySUZhNnRrd2lGa2pZWS1rejdKak4wZFpOZ2EycnQwakxERU43RlJpS3pkZ0NHbEVzejlSblV2TWNLZ1NsQlJpOHVOQzctel9jNG9ZakZacHlvNElNY1JVN1M2R3FIRC1fT1piX2pTSVZIYUFxNG9YTWJNcjJ1bm9mT05iTU1UeC1hYWJBREFia2F0ejVhSlFlaVFYNG80Unc4QzNnSGJYenNfQUZid21LUmRZUE42aldxTXlsdzlVWWdkQkw2U091RFlpemRhaDZFcVo4TEdlN0tuQUNXeWlyZFllMnhSQnh1YVN6Y2RvM0kzN19mN0UxSzktZkxsNWZsVUpQeTlGNGVyX2VxUjNZQlZfdmNKTXBOMWcxci1kQi1XYXlCVGVmVjFDUzNuRHVBNHJBbFkxM1N6ZnZnTG5VNjRaeklTRlJYRG1Ga0tVdFh3NXBObFJzSVRyN3dxWWgwTGNVY2N2TDJ0ZExfT2liQTZJdXppWUFuYll2TlBKa3BseVBJd0VVMEh1bGNIM1JVYWdsOWFNOWVucFQ5Wk1YN1pVTnB5OVJsR3BJaXpQUWt2dXpoX3FsUGgtWWJqdWx5bC1NekQ0X0VvcGl3X0lQZUxLcXhpZHE1V3RBc0ZLb3hhckFvLW45cy04ZGQ0WXg3VGpsTmdWd1lOaEhJNldDampfaGZZY29SSjRVM1VjX1JLdkp5TlkzdFNiMk1KdTg0WmxKa0dmM0VqdGVISFlYYzZJb2dRQkI3R2tKdXdHSnZOUkJ6SUUyVjN2T0NCeWZTU2pvTnpzNlNPeGw5bFJjODFsc2pWR3JoQ3FoM05DQXN4WkNWJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE HTTP 302
https://biddr.brealtime.com/check_gdpr.js

Request Chain 58

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lY-hyXwwQlRzSE12aW5JMGk5d3IzQnBnT216WHVTTG0vVUg3TUdBaGJneWhKS0xPd3dkMzkrZjZiWjNyb3ZzejU0VGc4aStBWlVUTFgzNmJlS3pMYUNKU1Y5LzN6QWNWRmpOSmQ4L2RrNDA5WExJbXRNczAzM2RjSk56QmcvN09iaVpwYVhRRmxmZmxMUjVSenYrNmpaS2luS2dSY3RFRzIyQ2U0SDZWbFRvYlRNWW8xMXdKWHYyQ1RBUmNuLzgxQWQ0NnJucmdxTmF0OVR5VWFiMTJBenVoYUpnMjJ4MGNLMWljdEFMY293a3lHaWJjPXw&cppv=2

Request Chain 84

https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=WVb2Hl9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VkSXJFZU1SS2tDNHpSS2FJWiUyRiUyRmxJSEl5Uk1BMW1xektua2liWVdWMHBtVGlpanhFazFkRjBDdkczNHNxbDFFVk1EViUyRktkR01LdUxQeWJhJTJGeG5xRmVXOWtseXhUb1FDUGdha2ZKUXRFTFI2&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uOW0s3xDM3Y3OEdSRklYM2xLdmw3dUh2anFaVllsOFc1ZlNxS1BZSEd0cjhtSnU0SW50TE1IMFhLUTdpdTk3cjNzR2s2eVBIdmtLNlRnTWJwdGRzRVpBdnVYUENGNzZtcmNMdlA0d2ZFSHJYUlpHVGlzZXRHOFlvQ3UrSWFrdGFrZ2JiWGtDc1pCU2hRNFpGSGhXS3V4bWxjT1YzalY3bGUwTkFsRkplaHVtRzZKMElnakRhUWU2anUzUUNMREdza0orSzd0c1diR2RIbVUyd3VzUW03WHRoUmcxWmNjUkw2cUFRMWpBTFNNWkYyWkVFc2g4dmk5Z2QwejdsMUlNZWxYZHpNbTgrZVlBNlpXWnc0Y1pxcDRFd291SFZ3QTdZdlAxSkluRDh0clhXZTQ3az18&cppv=2

Request Chain 85

https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=WVb2Hl9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VkSXJFZU1SS2tDNHpSS2FJWiUyRiUyRmxJSEl5Uk1BMW1xektua2liWVdWMHBtVGlpanhFazFkRjBDdkczNHNxbDFFVk1EViUyRktkR01LdUxQeWJhJTJGeG5xRmVXOWtseXhUb1FDUGdha2ZKUXRFTFI2&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=o2-6DXw0b05qM2hQV2p0Vk9mZjZkRGZxV0RrTDZOTS8zMHVzL0taMEdFR3h0eldVKzFmRmMxTHBFZHlYUmxQOWh0YmtIeVhoMy9VUVJ2OEJ0N3FyTmhIRzBOKzBzNzRKUG54dVBvc3N0QkI0ZmNkTUNHVDFEN3RHT0Q3dE40VkZvRUE2dzFmcWxWSlBQRHJTZGNDa0tQL3JUb0NQakJPc2V2QVJBVDV5cGtWVzVxTUY3eERZRXRPNlFBTVljL2QydVJnbk5rdWRjYjNSU1UxYlJkSEpJTW9TcUlqK3NPVVpyRXZrc1I3eEFVNFg2SWVGQzlyUE51eXFiV2YzWmJwT1RNV0lBMkZLcG4wYzh2cHR5ZVFSamdjdEVhQVN4L0JvNEFmdTcyQ25GYVFmenQ2Zz18&cppv=2

Request Chain 109

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 111

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw==&google_tc=

Request Chain 113

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M3hTyFZbQfqVf4esH4t0pQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M3hTyFZbQfqVf4esH4t0pQ

Request Chain 114

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0H0P6E8-28-98LC&sigv=1&esig=2~49a661bc71eab0b6978a5b495ce83e11d73145d9

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKmmBHUdRszg-kMD3ejbwY&google_cver=1

Request Chain 116

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V2u-golITMWaMt7agEKkhQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=V2u-golITMWaMt7agEKkhQ

Request Chain 117

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0H0P6E8-28-98LC

Request Chain 118

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ&google_tc=

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 2l2t9v Show response
ouo.press/
Redirect Chain

https://ouo.io/2l2t9v
https://ouo.press/2l2t9v

8 KB
5 KB

266ms
226ms

Document
text/html

2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048c66a87893508d22358cabcedb8bd0c4a4779ba0bcd22f5984465411a393ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e8547b56acc0229-ZRH
content-encoding: br

Redirect headers

date: Mon, 07 Mar 2022 18:09:04 GMT
content-type: text/html; charset=UTF-8
location: https://ouo.press/2l2t9v
cache-control: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e8547b3cce22355-ZRH

GET
H2 200 css
fonts.googleapis.com/ 1020 B
918 B 44ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 16:23:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 18:09:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 18:09:05 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
18 KB 29ms
29ms Stylesheet
text/css 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/2l2t9v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4798
cf-polished: origSize=109522
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54def1fc-1abd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e8547b70d050229-ZRH
expires: Tue, 08 Mar 2022 04:49:07 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 27ms
27ms Stylesheet
text/css 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/2l2t9v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21523
cf-polished: status=cannot_optimize
cf-bgj: minify
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d951ace-1830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e8547b70d080229-ZRH
expires: Tue, 08 Mar 2022 00:10:22 GMT

GET
H/1.1 200
OK 16562 Show response
phallicuncut.com/1clkn/ 0
1 KB 190ms
21ms Script
application/javascript 23.109.87.138
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://phallicuncut.com/1clkn/16562

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.138 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:09:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Keep-Alive: timeout=20

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 43ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb0afebc03130352b185e9b88985e5339d7d7d5bdd28a41034161270c5405448

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Mon, 07 Mar 2022 18:09:05 GMT

GET
H2 200 html_102001.js Show response
video.your-notice.com/ 775 B
525 B 60ms
25ms Script
application/javascript 142.91.9.135
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://video.your-notice.com/html_102001.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:08:57 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 403
Forbidden ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 0
0 583ms
107ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Mar 2022 18:09:05 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 79ms
28ms Script
application/x-javascript 2606:4700:3035::6815:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3564642
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z11vKVJjweSsEQX1PXK5QkopNmoFU1Hp6%2BPRlDsMFTlyqSrgTwaVF0EKJHXdWHytuAlKiR22i2uJJxcpcGPo7E4Jb8QHHtmDENtHU2DGrSXxmuJoh0V8XYMx5C5xhbrOiTyxgtQuM%2BgkjvaRug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6e8547b7aec991e7-FRA
expires: Fri, 20 Jan 2023 11:58:23 GMT

GET
H2 200 world.png
ouo.press/images/ 6 KB
6 KB 34ms
33ms Image
image/png 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/2l2t9v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1260012
cf-polished: status=not_needed
content-length: 5692
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5549a07c-163c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Wed, 23 Mar 2022 04:08:53 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e8547b74d8c0229-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 15ms
14ms Script
application/javascript 2606:4700:10::6816:3bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/2l2t9v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 15:11:12 GMT
server: cloudflare
etag: W/"621f8910-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6e8547b74d830229-ZRH
vary: Accept-Encoding
expires: Wed, 09 Mar 2022 18:09:05 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 45ms
7ms Script
application/javascript 18.66.97.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-73.fra56.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 17:31:13 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 04:22:44 GMT
server: nginx/1.18.0
age: 2272
etag: W/"62258894-1090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: IQp8VKNnmz-YIbb9XsFdi3QvE8kMzmNNuIZ2a0o_fyHnlEO8h7We3A==
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
expires: Mon, 07 Mar 2022 18:31:13 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 53ms
14ms Script
application/javascript 65.9.78.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-25.ams1.r.cloudfront.net

Software

nginx/1.18.0 / PHP/7.3.23

Resource Hash

8d149d060bf69874e2b9e11acf63ef3648521c87c7688d05744830ab2b2e3bd2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 17:51:39 GMT
content-encoding: br
age: 1046
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
x-xss-protection: 0
access-control-allow-origin: *
last-modified: Mon, 07 Mar 2022 17:51:39 UTC
server: nginx/1.18.0
etag: W/"381549f91c5cf2e6dbdd29d511d7224b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: DU3fY7Y77K4Qpe7RNvwDrhHOq1ageB9p0cMz_R7OffKDkltoYxQrdA==
expires: Mon, 07 Mar 2022 18:51:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ 360 KB
142 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:41:18 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 29ms
7ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Mar 2022 01:51:47 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 56ms
15ms Image
image/svg+xml 92.122.145.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.145.25 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-145-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
last-modified: Mon, 07 Mar 2022 10:58:09 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1646650816.657144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 06 Apr 2022 18:09:05 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 26 KB
6 KB 80ms
47ms XHR
application/json 18.66.248.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F2l2t9v&charset=UTF-8&ch=18&ref=ouo.press&viewerId=null&referer=&_firid=18712921
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-82.dus51.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 4f0ed4f3fd00dc3bed116fd03b4554f8e204be9a1552ca06cd5a5f334a884dc7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
x-powered-by: PHP/7.3.23
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://ouo.press
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: Pl_IC7EPsvsIgVuZ5qJitabuCneFgMegzfH-obfugIC6EdClhRx0uw==
expires: 0

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
115 KB 46ms
15ms Script
application/javascript 65.9.78.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-25.ams1.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 17:38:29 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 08:13:38 GMT
server: nginx/1.18.0
age: 1836
etag: W/"6225beb2-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 2LW9vMaTc7D1ey1rKItTODJk-PWOyR3K7uGl9Sd-Twkpt4zDPrAb0w==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Mon, 07 Mar 2022 18:38:29 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 26 KB
9 KB 269ms
32ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5991
x-jsd-version: 1.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e8547ba0c310208-ZRH

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 250ms
14ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 675
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0CQEWNGGFGE3TDFG4DGX
date: Mon, 07 Mar 2022 17:58:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: cstS74pEt9aWfJGdk7kRbPw8Cxu4EE9jREkwJSauaXVYCBAVlr3Bog==

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v17/ 19 KB
19 KB 218ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v17/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:05:16 GMT
x-content-type-options: nosniff
age: 425029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 20:05:16 GMT

GET
H2 200 fiamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 057C 110 KB
41 KB 16ms
16ms Script
application/javascript 65.9.78.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-25.ams1.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 17:38:29 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 10:35:55 GMT
server: nginx/1.18.0
age: 1836
etag: W/"6225e00b-1b8e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: mVOyb73_SLYY98vvbo0tI-L2PtYkBN31pYOemI576DeEreYxd0wCgQ==
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
expires: Mon, 07 Mar 2022 18:38:29 GMT

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ Frame 057C 312 KB
115 KB 14ms
14ms Script
application/javascript 65.9.78.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-25.ams1.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 17:38:29 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 08:13:38 GMT
server: nginx/1.18.0
age: 1836
etag: W/"6225beb2-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 5vDtJdtLQtKY4UrFFIPRZR6tVITkRkTUkeURFsQpJxUG0ypPB15Qlw==
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
expires: Mon, 07 Mar 2022 18:38:29 GMT

POST
H2 200 lg.php
cdn.firstimpression.io/delivery/ Frame 057C 1 B
446 B 41ms
40ms Ping
text/html 18.66.248.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C6%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-82.dus51.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: gzip
server: nginx/1.18.0
x-amz-cf-pop: DUS51-P1
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-amz-cf-id: bYYuOYAKnYf6ODjR5K2ZtHGHB1Eb_6E7z8fF0Xh0Mbyrh1k_CaVXpQ==
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 057C 348 B
1 KB 112ms
90ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F2l2t9v&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F2l2t9v&tg_i.page=https%3A%2F%2Fouo.press%2F2l2t9v&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=2f8de268-1bb9-474e-85b8-3579648f4cac&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7046143566673979
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f51186752e2064fb17e40959ccb4986aa15002d57bf49745d1aa4e5959a1c34c

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 348
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 057C 18 B
306 B 81ms
46ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=65424112178

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 057C 138 B
823 B 127ms
97ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e62ea73458f8000b65cfaac2cb417bd4bb81b756e3db66dd78a403178f94d3c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e570088-e7f6-4be2-9d08-6cae98bed548
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
hb.emxdgt.com/ Frame 057C 8 KB
8 KB 68ms
44ms XHR
application/json 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1646676545660&src=pbjs
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e7e73df61ed4b2f96e42b14a60144eab3195a23ef2a2110f6645224fdc036c4a

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Mon, 07 Mar 2022 18:09:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type
content-length: 7966
content-type: application/json

POST
H2 204 mvo Show response
tag.1rx.io/rmp/212927/0/ Frame 057C 0
165 B 56ms
18ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
pragma: no-cache
date: Mon, 07 Mar 2022 18:09:05 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 057C 139 B
824 B 42ms
13ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7acd3c93d9b6845fdfa1fff105625d10b0840134f580f3b7f129a0bac794b9bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 735dc120-6b85-4ae1-b961-1a0c3545fa04
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 057C 134 KB
36 KB 15ms
15ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 675
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0CQEWNGGFGE3TDFG4DGX
date: Mon, 07 Mar 2022 17:58:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2XyxWBpfGvJbo1hzDXaMSXptobR9JfV1eym4wbEDLzH3YcXjzy3scg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 057C 0
305 B 30ms
29ms XHR
text/plain 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:54:45 GMT
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
server: Server
age: 11659
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: lJMiz04fBdty9Ezj-Jbf5es6nyalI8C-KMR-rCSpAxTWIJBy0cXgOQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 057C 23 B
487 B 151ms
151ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F2l2t9v&pid=sC5qeUUipg49V&cb=0&ws=728x90&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-79-193.ams1.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: 8XMMESRNK6RMN2CM5QKM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Hav24lKb6iFEyN78zXeJ2SNPohQX5tpXBzC6dBMb1Fua6qSBSKXJ5Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 057C 6 KB
3 KB 42ms
13ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:44:21 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 80685
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: AXkJXqghzZ6e2xF980zJycFwOrPE-_ivhHbmeRaK2NEXE6862kYjwg==

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 69AE 5 KB
5 KB 833ms
170ms Script
application/javascript 35.163.34.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cb=2876510374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/2l2t9v
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.34.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-34-104.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
server: nginx
x-adtrue-instance: java2
content-length: 4626
content-type: application/javascript

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 894C 42 KB
22 KB 27ms
26ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=gjfbiitrz2g9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

617fc93ef78f96c82aabe074e1fb5b3073b020f22ea0953b366f2489d7516f83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W4wz15bjImxw0sSTetKhVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Mar 2022 18:09:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-W4wz15bjImxw0sSTetKhVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22071
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 894C 51 KB
24 KB 26ms
11ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=gjfbiitrz2g9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 10:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 10:47:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 894C 360 KB
142 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 14:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 14:41:18 GMT

POST
H2 200 v1
cdn.firstimpression.io/tracking/habit/ Frame 057C 2 B
406 B 34ms
34ms Ping
text/plain 18.66.248.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-82.dus51.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Mar 2022 18:09:05 GMT
access-control-request-method: *
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: OPTIONS, GET, POST
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-id: OcsdOLgpFgZZ20YqqJVLR-I_RAkOScOylNZY8bwX27E6UHH61dAqJw==

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 352E
Redirect Chain

https://aws-fr.bidswitch.net/imp/0.02210/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38516439_Qrtbwp_R_I_WAUCTION__PRICE_X-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0_Qrtbdata_RM9-Z3hVKlYSwdiYkQVqRiirq1...
https://track.adform.net/adfscript/?bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjs...

959 B
1 KB

194ms
20ms

Script
text/javascript

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf7f735d333453c31248849e87ca328710cff99564961d91e74561bfbbb41309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 822
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2;OOBClickTrack=$%7BCLICK_URL_ENC%7D
date: Mon, 07 Mar 2022 18:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

204

put
e1.emxdgt.com/ Frame 352E
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
https://x.bidswitch.net/sync?dsp_id=70&user_id=2015447608807446942&ssp=emxdigital
https://e1.emxdgt.com/put?d=d21&uid=35b5d350-2f23-4f80-a869-453deec19c28&gdpr=&gdpr_consent=

0
59 B

79ms
32ms

Image
text/html

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=35b5d350-2f23-4f80-a869-453deec19c28&gdpr=&gdpr_consent=
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=35b5d350-2f23-4f80-a869-453deec19c28&gdpr=&gdpr_consent=
Date: Mon, 07 Mar 2022 18:09:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

check_gdpr.js Show response
biddr.brealtime.com/ Frame 352E
Redirect Chain

https://imp-euro.emxdgt.com./imp/?cp=0.02210&ts=1646676546&adom=acer.com&seat=70&w=728&h=90&pb=0.01768&sid=9316&tid=122081&pid=1312&uid=74781646676545689998f1&wid=21&dom=ouo.press&tp=0.02210&mt=1&d...
https://biddr.brealtime.com/check_gdpr.js

704 B
1 KB

65ms
26ms

Script
application/javascript

104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check_gdpr.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: HTTP/1.1
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:09:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7096
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: 0WF80THSMJ06014K
x-amz-id-2: cuaKGv2lHZvtdAh7r+AM0beixqPJh3Ee2Az1avgd8rCQbAyjeGIVAbbQ+tUxH4aflL/b4Dodk6M=
Last-Modified: Wed, 19 Aug 2020 01:11:27 GMT
Server: cloudflare
ETag: W/"45fc2df97a85ec1dbd37c6e43e5da119"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=60
CF-RAY: 6e8547bfcbc29b1f-FRA
Expires: Mon, 07 Mar 2022 18:10:06 GMT

Redirect headers

Location: https://biddr.brealtime.com/check_gdpr.js
Date: Mon, 07 Mar 2022 18:09:06 GMT
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html

GET
H2 200 moatad.js Show response
z.moatads.com/emxsspdisplay905071498485/ Frame 352E 297 KB
101 KB 519ms
15ms Script
application/x-javascript 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=1312&moatClientLevel2=9316&moatClientLevel3=122081&moatClientSlicer1=ouo.press&moatClientSlicer2=&moatClientSlicer3=
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3ddab5e9b793d8ea924db245405898c13465522468cc0d867297f31079009db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 17:17:06 GMT
server: AmazonS3
x-amz-request-id: TC5G3427NM5HFK84
etag: "7cbea6a6b64a76836a9403fcae92ad9e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=64596
accept-ranges: bytes
content-length: 102994
x-amz-id-2: Nh/5tGReGWtyowGHip7S8wTL4SAbkaKlFAxH69iKqTINWpDff1agpC60lnqhwmq+Odq0nzd1BcI=

GET
H/1.1 200
OK openvv.js Show response
js.brealtime.com/ Frame 352E 25 KB
7 KB 528ms
21ms Script
application/javascript 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.brealtime.com/openvv.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:09:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 6053
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: ERCBPK6FYYZ085N7
x-amz-id-2: LfvK16OMLhxMNpYFuEXMONEqQTcjyGyapkISVW1sG4TTe0xlfpZaY4bOORGAPfZ6eAc9pz/D3Ps=
Last-Modified: Mon, 28 Jan 2019 20:39:00 GMT
Server: cloudflare
ETag: W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=60
CF-RAY: 6e8547beebb25c50-FRA
Expires: Mon, 07 Mar 2022 18:10:06 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 894C 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=gjfbiitrz2g9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 07 Mar 2022 18:09:06 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 894C 31 KB
18 KB 44ms
44ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

657716e6a3197b4b7ee592a950cca6b905fb1548cfebf63acaa672b27de3f796

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=gjfbiitrz2g9
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17955
x-xss-protection: 1; mode=block
expires: Mon, 07 Mar 2022 18:09:06 GMT

GET
H3 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame 69AE 252 KB
77 KB 77ms
39ms Script
application/x-javascript 2606:4700:3035::6815:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cb=2876510374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/2l2t9v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3564640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 09:06:46 GMT
server: cloudflare
etag: W/"6076b0a6-3f06e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FZm91eb2trzwGHjRkqJebjSHCzGC86AcQDL3ZQp1ZSp%2Fn32Zc6xbOyeDHiIbH5pTaFBYUH%2F7ApRiWrbffdXDwePXnA5R%2F%2BCkQnAqDhV88ae6FGPsCyMDvcP0EWip1LYm8NBhdMwwi0zRzdbfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6e8547c04a7892a8-FRA
expires: Fri, 20 Jan 2023 11:58:26 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 69AE 255 KB
79 KB 142ms
15ms Script
text/javascript 104.85.4.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.4.200 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-4-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:33:12 GMT
server: Apache/2.2.15 (CentOS)
etag: "1241a12-3fca8-5cf4eee137dd8"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=96883
accept-ranges: bytes
content-type: text/javascript
content-length: 80538
expires: Tue, 08 Mar 2022 21:03:49 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame 69AE 502 B
905 B 82ms
29ms Script
application/x-javascript 2606:4700:3038::6815:ead7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cb=2876510374&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/2l2t9v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3564592
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 11:02:09 GMT
server: cloudflare
etag: W/"6066f9b1-1f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KETb4aQNm43vnok8H%2F5Dohk0Aykw4%2BgN%2B0buBL60%2BvPauBvoCjVD3zqCtHnClE3jgzr27JOqFAFE4RDr5rMrPzGm4ICY%2BbkeYQ8t0YnDtawcNS13Gk31t1aQGMLmisarwV93Doq4FpCyqm5upw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6e8547c06bb291d7-FRA
expires: Fri, 20 Jan 2023 11:59:14 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 352E 33 KB
16 KB 110ms
21ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.02210/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38516439_Qrtbwp_R_I_WAUCTION__PRICE_X-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0_Qrtbdata_RM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh__f__EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss__d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX__YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3__1r__7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/Uqo5YL0bPrHMtbU7KST8k5D0kn_wxNZYwnO7CbpLArNwBCtXOijbEMwT_fwxy8pMS6hQI0V6LCKEWmJ3ers0teFAJlAuDZqMk0t75h6WieKAS6DaWg2Q-kuJa4zbw8lL-RxLbsrA084EXsxpskeRGSwW6c5WmmdsbmNRLyHzHUe4wPMGwXFWzpLA7yBQIl2IFa6tkwiFkjYY-kz7JjN0dZNga2rt0jLDEN7FRiKzdgCGlEsz9RnUvMcKgSlBRi8uNC7-z_c4oYjFZpyo4IMcRU7S6GqHD-_OZb_jSIVHaAq4oXMbMr2unofONbMMTx-aabADAbkatz5aJQeiQX4o4Rw8C3gHbXzs_AFbwmKRdYPN6jWqMylw9UYgdBL6SOuDYizdah6EqZ8LGe7KnACWyirdYe2xRBxuaSzcdo3I37_f7E1K9-fLl5flUJPy9F4er_eqR3YBV_vcJMpN1g1r-dB-WayBTefV1CS3nDuA4rAlY13SzfvgLnU64ZzISFRXDmFkKUtXw5pNlRsITr7wqYh0LcUccvL2tdL_OibA6IuziYAnbYvNPJkplyPIwEU0HulcH3RUagl9aM9enpT9ZMX7ZUNpy9RlGpIizPQkvuzh_qlPh-Ybjulyl-MzD4_Eopiw_IPeLKqxidq5WtAsFKoxarAo-n9s-8dd4Yx7TjlNgVwYNhHI6WCjj_hfYcoRJ4U3Uc_RKvJyNY3tSb2MJu84ZlJkGf3EjteHHYXc6IogQBB7GkJuwGJvNRBzIE2V3vOCByfSSjoNzs6SOxl9lRc81lsjVGrhCqh3NCAsxZCV/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Mar 2022 21:52:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 69AE 98 KB
38 KB 41ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Requested by

Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d0048f65964a8f38770dd0864b98be44d696bca3aa7db85f1a2341774626077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38494
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:09:06 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 69AE 0
210 B 21ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=58418204947

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 69AE 138 B
823 B 123ms
123ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f09cbba3a164821956fde3d0c50314fef3be7423ca0783b1d661d1b99e1e4128

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:06 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ef7222a1-1b40-42ad-b825-74097a71dddf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 69AE 0
111 B 963ms
200ms XHR
text/plain 204.237.133.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Mon, 07 Mar 2022 18:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 69AE 171 KB
63 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c211ab25cc0ecc4d7aab40eea326c62cf0b1ecaf7c810d5475f1fbaeb63941b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64437
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:09:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 69AE 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2053
date: Mon, 07 Mar 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Mar 2022 19:34:53 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 352E 5 KB
3 KB 21ms
21ms Script
text/javascript 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38516439;rtbwp=0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0;rtbdata=M9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;6327;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fouo.press%2F2l2t9v

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a02e1b2787fc81a83401b952ddcdebe7dfbf2b72fa49f78ece786fce4e9dc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2511
expires: -1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://ouo.press
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1390
date: Mon, 07 Mar 2022 18:09:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 69AE
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=lY-hyXwwQlRzSE12aW5JMGk5d3IzQnBnT216WHVTTG0vVUg3TUdBaGJneWhKS0xPd3dkMzkrZjZiWjNyb3ZzejU0VGc4aStBWlVUTFgzNmJlS3pMYUNKU1Y5LzN6QWNWRmpOSmQ4L2RrNDA5WExJbXRNczAzM2RjSk56Qm...

350 B
612 B

107ms
37ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lY-hyXwwQlRzSE12aW5JMGk5d3IzQnBnT216WHVTTG0vVUg3TUdBaGJneWhKS0xPd3dkMzkrZjZiWjNyb3ZzejU0VGc4aStBWlVUTFgzNmJlS3pMYUNKU1Y5LzN6QWNWRmpOSmQ4L2RrNDA5WExJbXRNczAzM2RjSk56QmcvN09iaVpwYVhRRmxmZmxMUjVSenYrNmpaS2luS2dSY3RFRzIyQ2U0SDZWbFRvYlRNWW8xMXdKWHYyQ1RBUmNuLzgxQWQ0NnJucmdxTmF0OVR5VWFiMTJBenVoYUpnMjJ4MGNLMWljdEFMY293a3lHaWJjPXw&cppv=2

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c9ea49b7336470b35fffad00bdc7db0d7f043a95201c706501422efed66b820d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2925
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
location: https://mug.criteo.com/sid?cpp=lY-hyXwwQlRzSE12aW5JMGk5d3IzQnBnT216WHVTTG0vVUg3TUdBaGJneWhKS0xPd3dkMzkrZjZiWjNyb3ZzejU0VGc4aStBWlVUTFgzNmJlS3pMYUNKU1Y5LzN6QWNWRmpOSmQ4L2RrNDA5WExJbXRNczAzM2RjSk56QmcvN09iaVpwYVhRRmxmZmxMUjVSenYrNmpaS2luS2dSY3RFRzIyQ2U0SDZWbFRvYlRNWW8xMXdKWHYyQ1RBUmNuLzgxQWQ0NnJucmdxTmF0OVR5VWFiMTJBenVoYUpnMjJ4MGNLMWljdEFMY293a3lHaWJjPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1804
content-length: 482
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 352E 35 KB
13 KB 71ms
26ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25645
x-guploader-uploadid: ADPycdsr5n4kU1rNLkiSrbRzdMb-9DabWoAfQTOrTOqZ3NYXVgPrNi4N3t5dVkDjvEN376F-ekn4TmbIv9GEx6HzMco
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEBiBv1xccehHRLTSLBJt5tHc8xLoaEnf0i%2F3Tw2pobGabbz11c2AEsv5xkjAcoIIBjmbENQyGMdA2pZwSTCWrxFNjdBSgrP5h2lfw25d5vwHAQ1Vu9SMFJHVssjpHj%2FdYnJJgE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6e8547c1a96e8ff4-FRA
expires: Mon, 07 Mar 2022 11:01:41 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 352E 35 B
455 B 22ms
22ms Ping
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516439&csi=PTBYfcQrADt0SaV_cV4cUufJ6EnkVBkqnKRWaOGiMrAJDwKV3Zer3Ib15tfM368WQK-z2KYFcIC-X3sZvIXW32QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 69AE 1 B
21 B 33ms
18ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=991884798&t=pageview&_s=1&dl=https%3A%2F%2Fouo.press%2F2l2t9v&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=YEBAAEABAAAAAC~&jid=106584655&gjid=671168298&cid=1584060270.1646676547&tid=UA-177299981-5&_gid=441565225.1646676547&_r=1&gtm=2wg320NPLC9ST&z=718243296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ Frame 69AE 0
342 B 35ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe320&_p=991884798&_z=ccd.B&_gaz=1&cid=1584060270.1646676547&ul=en-us&sr=1600x1200&_s=1&sid=1646676546&sct=1&seg=0&dl=https%3A%2F%2Fouo.press%2F2l2t9v&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 69AE 0
342 B 68ms
28ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1584060270.1646676547&gtm=2oe320&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 69AE 42 B
501 B 67ms
32ms Image
image/gif 2a00:1450:400e:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1584060270.1646676547&gtm=2oe320&aip=1&z=1657303152

Requested by

Host: ouo.press
URL: https://ouo.press/2l2t9v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 352E 35 KB
15 KB 34ms
34ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d80c5e589d01a4960b7737680fe9bd09293cab9db77fcfb7de2d64a1f0361037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 08 Mar 2022 21:55:21 GMT

GET
H2 204 / Show response
e1.emxdgt.com/sync/ Frame 352E 0
22 B 221ms
220ms Script
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.emxdgt.com/sync/
Requested by: Host: imp-euro.emxdgt.com.
URL: https://imp-euro.emxdgt.com./imp/?cp=0.02210&ts=1646676546&adom=acer.com&seat=70&w=728&h=90&pb=0.01768&sid=9316&tid=122081&pid=1312&uid=74781646676545689998f1&wid=21&dom=ouo.press&tp=0.02210&mt=1&dt=2&st=1&os=&ip=217.64.151.31&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=19&crid=70_38516439&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=Uqo5YL0bPrHMtbU7KST8k5D0kn_wxNZYwnO7CbpLArNwBCtXOijbEMwT_fwxy8pMS6hQI0V6LCKEWmJ3ers0teFAJlAuDZqMk0t75h6WieKAS6DaWg2Q-kuJa4zbw8lL-RxLbsrA084EXsxpskeRGSwW6c5WmmdsbmNRLyHzHUe4wPMGwXFWzpLA7yBQIl2IFa6tkwiFkjYY-kz7JjN0dZNga2rt0jLDEN7FRiKzdgCGlEsz9RnUvMcKgSlBRi8uNC7-z_c4oYjFZpyo4IMcRU7S6GqHD-_OZb_jSIVHaAq4oXMbMr2unofONbMMTx-aabADAbkatz5aJQeiQX4o4Rw8C3gHbXzs_AFbwmKRdYPN6jWqMylw9UYgdBL6SOuDYizdah6EqZ8LGe7KnACWyirdYe2xRBxuaSzcdo3I37_f7E1K9-fLl5flUJPy9F4er_eqR3YBV_vcJMpN1g1r-dB-WayBTefV1CS3nDuA4rAlY13SzfvgLnU64ZzISFRXDmFkKUtXw5pNlRsITr7wqYh0LcUccvL2tdL_OibA6IuziYAnbYvNPJkplyPIwEU0HulcH3RUagl9aM9enpT9ZMX7ZUNpy9RlGpIizPQkvuzh_qlPh-Ybjulyl-MzD4_Eopiw_IPeLKqxidq5WtAsFKoxarAo-n9s-8dd4Yx7TjlNgVwYNhHI6WCjj_hfYcoRJ4U3Uc_RKvJyNY3tSb2MJu84ZlJkGf3EjteHHYXc6IogQBB7GkJuwGJvNRBzIE2V3vOCByfSSjoNzs6SOxl9lRc81lsjVGrhCqh3NCAsxZCV&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRFVxbzVZTDBiUHJITXRiVTdLU1Q4azVEMGtuX3d4TlpZd25PN0NicExBck53QkN0WE9pamJFTXdUX2Z3eHk4cE1TNmhRSTBWNkxDS0VXbUozZXJzMHRlRkFKbEF1RFpxTWswdDc1aDZXaWVLQVM2RGFXZzJRLWt1SmE0emJ3OGxMLVJ4TGJzckEwODRFWHN4cHNrZVJHU3dXNmM1V21tZHNibU5STHlIekhVZTR3UE1Hd1hGV3pwTEE3eUJRSWwySUZhNnRrd2lGa2pZWS1rejdKak4wZFpOZ2EycnQwakxERU43RlJpS3pkZ0NHbEVzejlSblV2TWNLZ1NsQlJpOHVOQzctel9jNG9ZakZacHlvNElNY1JVN1M2R3FIRC1fT1piX2pTSVZIYUFxNG9YTWJNcjJ1bm9mT05iTU1UeC1hYWJBREFia2F0ejVhSlFlaVFYNG80Unc4QzNnSGJYenNfQUZid21LUmRZUE42aldxTXlsdzlVWWdkQkw2U091RFlpemRhaDZFcVo4TEdlN0tuQUNXeWlyZFllMnhSQnh1YVN6Y2RvM0kzN19mN0UxSzktZkxsNWZsVUpQeTlGNGVyX2VxUjNZQlZfdmNKTXBOMWcxci1kQi1XYXlCVGVmVjFDUzNuRHVBNHJBbFkxM1N6ZnZnTG5VNjRaeklTRlJYRG1Ga0tVdFh3NXBObFJzSVRyN3dxWWgwTGNVY2N2TDJ0ZExfT2liQTZJdXppWUFuYll2TlBKa3BseVBJd0VVMEh1bGNIM1JVYWdsOWFNOWVucFQ5Wk1YN1pVTnB5OVJsR3BJaXpQUWt2dXpoX3FsUGgtWWJqdWx5bC1NekQ0X0VvcGl3X0lQZUxLcXhpZHE1V3RBc0ZLb3hhckFvLW45cy04ZGQ0WXg3VGpsTmdWd1lOaEhJNldDampfaGZZY29SSjRVM1VjX1JLdkp5TlkzdFNiMk1KdTg0WmxKa0dmM0VqdGVISFlYYzZJb2dRQkI3R2tKdXdHSnZOUkJ6SUUyVjN2T0NCeWZTU2pvTnpzNlNPeGw5bFJjODFsc2pWR3JoQ3FoM05DQXN4WkNWJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:06 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 232ms
35ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1112
date: Mon, 07 Mar 2022 18:09:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 31ms
16ms Image
image/gif 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1646676547115&de=957099675282&m=0&ar=359f21c1e97-clean&iw=33c6e96&q=2&cb=0&ym=0&cu=1646676547115&ll=2&lm=0&ln=1&em=0&en=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F2l2t9v&id=1&ii=4&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A596%3A1197%3A2322%3A1152&fs=197273&na=1132660023&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 18:09:07 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame BED6 2 KB
2 KB 49ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
expires: Mon, 07 Mar 2022 19:09:07 GMT
cache-control: public, max-age=3600
last-modified: Wed, 06 May 2020 15:09:30 GMT
age: 903349
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBiiWo2VbjBls1H%2FBisc2rkbfouh4dXDZwKTWAzwXTNDPiz4BsmhZJ892pPBX89rk2SIkKTnE4knNsej78lgP2dp1N4iJfi5RXc4cM2%2Byo7RJVsdqlFC1v0lPvoHtA3YG%2FMSFW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e8547c43c098fe6-FRA
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 352E 905 B
1 KB 46ms
46ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4abad6d1c160d53068f345412a5cf2abed184359e6063c272d4b867f7d2c12

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e8547c4e9578fec-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRN7B43sTXhINbv4TjiErkonGC%2B2bsmPmTH3l8zp9G5BxPPr6D9MC9Ys%2BcQg6ugN7JE%2B0dCrlnfYYKw9Pqa8rOK8RMDbpDV%2FWnxT4NdngO5bMA%2Bb6eAAxI5SjNHdWtKhdGc5Cus%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ouo.press
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-s94j

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
45ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ouo.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-s94j
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SakQfMviTuAEQqSXu1bAglNC2DNsk%2BcYr6D%2B8JrVbw3ZRb9Vxr6GjZaSVn3tIdsiMRNJ8PEHj7nA8npIuP5CAlmkxMSTdfVmp%2FzD3pJemiCb%2FaMMZh1R4zJxaGgjv6WM1EvYnIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e8547c498a58fec-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame EFE7 2 KB
2 KB 35ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=OGcOFJyqGYcju8j7rI5paKB8cokkjDC2&g=ee037900754e55608ec107e747c300cc%2F7563766144627536384&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1646676547366&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%3Bcrtbdata%3DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%3Badfibeg%3D0%3Bcdata%3DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f2l2t9v%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bbddaaa7533d6f001fe547757396c005d44c83b02c2d7520a67c709d4a5d3c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e8547c5386f8ff4-FRA
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EFE7 81 KB
11 KB 44ms
41ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=OGcOFJyqGYcju8j7rI5paKB8cokkjDC2&g=ee037900754e55608ec107e747c300cc%2F7563766144627536384&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1646676547366&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%3Bcrtbdata%3DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%3Badfibeg%3D0%3Bcdata%3DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f2l2t9v%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=OGcOFJyqGYcju8j7rI5paKB8cokkjDC2&g=ee037900754e55608ec107e747c300cc%2F7563766144627536384&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1646676547366&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%3Bcrtbdata%3DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%3Badfibeg%3D0%3Bcdata%3DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f2l2t9v%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1153150
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Tue, 22 Feb 2022 09:49:57 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6e8547c58ec18fe6-FRA
cf-bgj: minify

GET
H2 200 32474425E8363839F28732C5112202E39B2E81CCA0BED9ED84241FD0C5FAC377B9D6617652E2E0CE16FD32E4A4F73456745E6AA24ABFDCFE73F55E082D4AC023
assets.ad4m.at/product_image/ Frame EFE7 12 KB
13 KB 28ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/32474425E8363839F28732C5112202E39B2E81CCA0BED9ED84241FD0C5FAC377B9D6617652E2E0CE16FD32E4A4F73456745E6AA24ABFDCFE73F55E082D4AC023
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=OGcOFJyqGYcju8j7rI5paKB8cokkjDC2&g=ee037900754e55608ec107e747c300cc%2F7563766144627536384&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1646676547366&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%3Bcrtbdata%3DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%3Badfibeg%3D0%3Bcdata%3DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f2l2t9v%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 487be7a230db36c303bf24c9f5dedd44a7d39b3e0a3eb05b7c96153c9f90f726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=GXgAjA==, md5=5QJ8TdgDXKlS1IL38AWanA==
date: Mon, 07 Mar 2022 18:09:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145440
cf-polished: qual=85, origFmt=jpeg, origSize=27876
x-guploader-uploadid: ADPycdu9gtzN9TU9vcFH8NFsc8t0euMD5dwZASvt9ZkcQ-vkJPK_hGweTyPLlRVtwCZ0-QlCowVr7-VjGCSyvA5OASo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12182
last-modified: Tue, 01 Mar 2022 17:02:37 GMT
server: cloudflare
etag: "e5027c4dd8035ca952d482f7f0059a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzPMNbfHJ3gMBzls2c7tpC2cq%2F8ePSE8hePIYr7HViSCMzEBpiSvr5gg0z9xjOtaMC%2BlRvVFgfyDBPDxL0Y7h5119005CSy1Py5IxQl0qQ1eLgEYsr5nJK1a6iy65orPSvIHgnsh8fvESJYu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1646047574107457
content-type: image/webp
expires: Tue, 08 Mar 2022 18:09:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 27876
accept-ranges: bytes
cf-ray: 6e8547c5890e8ff4-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ Frame 057C 85 KB
27 KB 64ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:09:07 GMT

GET
H3 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 6B3D 753 B
1013 B 40ms
39ms Script
application/x-javascript 2606:4700:3035::6815:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: ouo.press
URL: https://ouo.press/2l2t9v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3564637
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQOKkumvCorFGLDqeD2%2FkQIxFeqvMQq%2B6Fr8GrF%2FvJvzwLNwNE3Y0Ap4DPaNeFvNK3CD5lJFZi5CeYsVjYpraHUCR%2ByY55QTrpw1BF6GTixIdj0g%2FvXQhK4hIGpQ4hTFIEi5V%2B3mqV8C2lhr7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 6e8547c70f5c92a8-FRA
expires: Fri, 20 Jan 2023 11:58:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 17ms
17ms Image
image/gif 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D164572%26b%3D54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1%26f%3Dprgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE%26c%3D728%26d%3D90%26e%3DOGcOFJyqGYcju8j7rI5paKB8cokkjDC2%26g%3Dee037900754e55608ec107e747c300cc%252F7563766144627536384%26i%3D27903%26j%3D22%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3DadfPros%26r%3D1646676547366%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D38516439%253Bcrtbwp%253D0.023704-99lk8MZmmBTA5R9pomzGBJsefDJtLuxm0%253Bcrtbdata%253DM9-Z3hVKlYSwdiYkQVqRiirq1Cwf9RxQECEBFyBh_f_EMIUS8tdHJJorXCVsXvA6dfbojnNZZ6Fd9ss_d1vZf57Q4bjsQB-7kDHiAaBs9oAvtIHWNL3wk-SuqKIzBNerQitrX_YJtx4O0pBzFxrLUv2Kp8RDIUT7v3kqXO8ieffz2b3_1r_7JZFX5BwTjk0bKQZMCNnsxr0AYSG219oeWg2%253Badfibeg%253D0%253Bcdata%253DbOtQMMiWTw8Sc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2Ty86Jz6kRvSt9oeHwCI_8fUXx6LxiWNZRbb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0Gen5bwGRbCSH30gLtdl7v46tybq2xB-7EpnkTpCdy6-w2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fouo.press%25252f2l2t9v%253BC%253D1%253Bcpdir%253D%26y%3D1%26z%3D0&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-blcpsj5UIp%2B9WA%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F2l2t9v&id=1&ii=4&f=0&j=&t=1646676547115&de=957099675282&cu=1646676547115&m=586&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A596%3A1197%3A2322%3A1152&as=0&ag=87&an=0&gf=87&gg=0&ix=87&ic=87&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=87&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=173&cd=0&ah=173&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=214586961&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 18:09:07 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 69AE 97 KB
31 KB 27ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:09:07 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 6B3D 296 B
486 B 169ms
169ms Script
application/javascript 35.163.34.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=567728073&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.34.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-34-104.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
server: nginx
content-length: 296
content-type: application/javascript

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D064 13 KB
5 KB 18ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2326
date: Mon, 07 Mar 2022 18:09:07 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 057C 97 KB
31 KB 65ms
30ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:09:07 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2281 13 KB
5 KB 22ms
21ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 5568
date: Mon, 07 Mar 2022 18:09:06 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 69AE 97 KB
31 KB 43ms
42ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:09:07 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D064
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=WVb2Hl9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VkSXJFZU1SS2tDNHpSS2FJWiUyRiUyRmxJSEl5Uk1BMW1x...
https://mug.criteo.com/sid?cpp=uOW0s3xDM3Y3OEdSRklYM2xLdmw3dUh2anFaVllsOFc1ZlNxS1BZSEd0cjhtSnU0SW50TE1IMFhLUTdpdTk3cjNzR2s2eVBIdmtLNlRnTWJwdGRzRVpBdnVYUENGNzZtcmNMdlA0d2ZFSHJYUlpHVGlzZXRHOFlvQ3UrSW...

433 B
633 B

37ms
36ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uOW0s3xDM3Y3OEdSRklYM2xLdmw3dUh2anFaVllsOFc1ZlNxS1BZSEd0cjhtSnU0SW50TE1IMFhLUTdpdTk3cjNzR2s2eVBIdmtLNlRnTWJwdGRzRVpBdnVYUENGNzZtcmNMdlA0d2ZFSHJYUlpHVGlzZXRHOFlvQ3UrSWFrdGFrZ2JiWGtDc1pCU2hRNFpGSGhXS3V4bWxjT1YzalY3bGUwTkFsRkplaHVtRzZKMElnakRhUWU2anUzUUNMREdza0orSzd0c1diR2RIbVUyd3VzUW03WHRoUmcxWmNjUkw2cUFRMWpBTFNNWkYyWkVFc2g4dmk5Z2QwejdsMUlNZWxYZHpNbTgrZVlBNlpXWnc0Y1pxcDRFd291SFZ3QTdZdlAxSkluRDh0clhXZTQ3az18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f4b7dbf91e2408730a739bf65ef0be94a421f9e2b1039d0cb6315e891d967971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3849
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:06 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=uOW0s3xDM3Y3OEdSRklYM2xLdmw3dUh2anFaVllsOFc1ZlNxS1BZSEd0cjhtSnU0SW50TE1IMFhLUTdpdTk3cjNzR2s2eVBIdmtLNlRnTWJwdGRzRVpBdnVYUENGNzZtcmNMdlA0d2ZFSHJYUlpHVGlzZXRHOFlvQ3UrSWFrdGFrZ2JiWGtDc1pCU2hRNFpGSGhXS3V4bWxjT1YzalY3bGUwTkFsRkplaHVtRzZKMElnakRhUWU2anUzUUNMREdza0orSzd0c1diR2RIbVUyd3VzUW03WHRoUmcxWmNjUkw2cUFRMWpBTFNNWkYyWkVFc2g4dmk5Z2QwejdsMUlNZWxYZHpNbTgrZVlBNlpXWnc0Y1pxcDRFd291SFZ3QTdZdlAxSkluRDh0clhXZTQ3az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1877
content-length: 567
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2281
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=WVb2Hl9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VkSXJFZU1SS2tDNHpSS2FJWiUyRiUyRmxJSEl5Uk1BMW1x...
https://mug.criteo.com/sid?cpp=o2-6DXw0b05qM2hQV2p0Vk9mZjZkRGZxV0RrTDZOTS8zMHVzL0taMEdFR3h0eldVKzFmRmMxTHBFZHlYUmxQOWh0YmtIeVhoMy9VUVJ2OEJ0N3FyTmhIRzBOKzBzNzRKUG54dVBvc3N0QkI0ZmNkTUNHVDFEN3RHT0Q3dE...

430 B
635 B

38ms
38ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o2-6DXw0b05qM2hQV2p0Vk9mZjZkRGZxV0RrTDZOTS8zMHVzL0taMEdFR3h0eldVKzFmRmMxTHBFZHlYUmxQOWh0YmtIeVhoMy9VUVJ2OEJ0N3FyTmhIRzBOKzBzNzRKUG54dVBvc3N0QkI0ZmNkTUNHVDFEN3RHT0Q3dE40VkZvRUE2dzFmcWxWSlBQRHJTZGNDa0tQL3JUb0NQakJPc2V2QVJBVDV5cGtWVzVxTUY3eERZRXRPNlFBTVljL2QydVJnbk5rdWRjYjNSU1UxYlJkSEpJTW9TcUlqK3NPVVpyRXZrc1I3eEFVNFg2SWVGQzlyUE51eXFiV2YzWmJwT1RNV0lBMkZLcG4wYzh2cHR5ZVFSamdjdEVhQVN4L0JvNEFmdTcyQ25GYVFmenQ2Zz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b5de199f18610b1db8fa17a75b8775c8b5b43fec838f7e1817d7cc1dec7f4fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3433
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:07 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=o2-6DXw0b05qM2hQV2p0Vk9mZjZkRGZxV0RrTDZOTS8zMHVzL0taMEdFR3h0eldVKzFmRmMxTHBFZHlYUmxQOWh0YmtIeVhoMy9VUVJ2OEJ0N3FyTmhIRzBOKzBzNzRKUG54dVBvc3N0QkI0ZmNkTUNHVDFEN3RHT0Q3dE40VkZvRUE2dzFmcWxWSlBQRHJTZGNDa0tQL3JUb0NQakJPc2V2QVJBVDV5cGtWVzVxTUY3eERZRXRPNlFBTVljL2QydVJnbk5rdWRjYjNSU1UxYlJkSEpJTW9TcUlqK3NPVVpyRXZrc1I3eEFVNFg2SWVGQzlyUE51eXFiV2YzWmJwT1RNV0lBMkZLcG4wYzh2cHR5ZVFSamdjdEVhQVN4L0JvNEFmdTcyQ25GYVFmenQ2Zz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2043
content-length: 567
expires: 0

GET
H2 200 adtrue.ouo.press.991771.js Show response
jsc.adskeeper.com/a/d/ Frame 6B3D 2 KB
1 KB 50ms
15ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=567728073&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6480
cf-ray: 6e8547c879829b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 745
x-amz-id-2: 8ydgnfjC7y+SUTIBCQQOR4yIVLGsQAmuvPlSpyf+kSOuh6+zwZCz10/zPxxanglZQm/znfVQbUQ=
last-modified: Fri, 04 Feb 2022 11:19:57 GMT
server: cloudflare
etag: "aef0043370d859b0e8b6b8c06254bdef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 368SF7CE539R97T3
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 07 Mar 2022 22:09:07 GMT

GET
H3 200 adtrue.ouo.press.991771.es6.js Show response
jsc.adskeeper.com/a/d/ Frame 6B3D 229 KB
70 KB 34ms
21ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61586690dee1bbaef49feed5d250af279d49aaf551db56f480f779653c79402b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:07 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 153
cf-ray: 6e8547c8b8019b46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70695
x-amz-id-2: khX0/ekGbh0WNfniM/v26q5/vuEnP3MLwCv/30m81E39lA4nVqa+/PFldP46CDRMzsnEiQHwhAs=
last-modified: Fri, 04 Feb 2022 11:19:58 GMT
server: cloudflare
etag: "693f5f355368964e9c4001044bace94a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: PX39C5540H444QCG
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 07 Mar 2022 22:09:07 GMT

GET
H/1.1 200
OK /
imp.emxdgt.com/view/ Frame 352E 0
129 B 421ms
96ms Image
text/javscript 34.230.115.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp.emxdgt.com/view/?cp=0.02210&ts=1646676546&adom=acer.com&seat=70&w=728&h=90&pb=0.01768&sid=9316&tid=122081&pid=1312&uid=74781646676545689998f1&wid=21&dom=ouo.press&tp=0.02210&mt=1&dt=2&st=1&os=&ip=217.64.151.31&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=19&crid=70_38516439&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=Uqo5YL0bPrHMtbU7KST8k5D0kn_wxNZYwnO7CbpLArNwBCtXOijbEMwT_fwxy8pMS6hQI0V6LCKEWmJ3ers0teFAJlAuDZqMk0t75h6WieKAS6DaWg2Q-kuJa4zbw8lL-RxLbsrA084EXsxpskeRGSwW6c5WmmdsbmNRLyHzHUe4wPMGwXFWzpLA7yBQIl2IFa6tkwiFkjYY-kz7JjN0dZNga2rt0jLDEN7FRiKzdgCGlEsz9RnUvMcKgSlBRi8uNC7-z_c4oYjFZpyo4IMcRU7S6GqHD-_OZb_jSIVHaAq4oXMbMr2unofONbMMTx-aabADAbkatz5aJQeiQX4o4Rw8C3gHbXzs_AFbwmKRdYPN6jWqMylw9UYgdBL6SOuDYizdah6EqZ8LGe7KnACWyirdYe2xRBxuaSzcdo3I37_f7E1K9-fLl5flUJPy9F4er_eqR3YBV_vcJMpN1g1r-dB-WayBTefV1CS3nDuA4rAlY13SzfvgLnU64ZzISFRXDmFkKUtXw5pNlRsITr7wqYh0LcUccvL2tdL_OibA6IuziYAnbYvNPJkplyPIwEU0HulcH3RUagl9aM9enpT9ZMX7ZUNpy9RlGpIizPQkvuzh_qlPh-Ybjulyl-MzD4_Eopiw_IPeLKqxidq5WtAsFKoxarAo-n9s-8dd4Yx7TjlNgVwYNhHI6WCjj_hfYcoRJ4U3Uc_RKvJyNY3tSb2MJu84ZlJkGf3EjteHHYXc6IogQBB7GkJuwGJvNRBzIE2V3vOCByfSSjoNzs6SOxl9lRc81lsjVGrhCqh3NCAsxZCV&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRFVxbzVZTDBiUHJITXRiVTdLU1Q4azVEMGtuX3d4TlpZd25PN0NicExBck53QkN0WE9pamJFTXdUX2Z3eHk4cE1TNmhRSTBWNkxDS0VXbUozZXJzMHRlRkFKbEF1RFpxTWswdDc1aDZXaWVLQVM2RGFXZzJRLWt1SmE0emJ3OGxMLVJ4TGJzckEwODRFWHN4cHNrZVJHU3dXNmM1V21tZHNibU5STHlIekhVZTR3UE1Hd1hGV3pwTEE3eUJRSWwySUZhNnRrd2lGa2pZWS1rejdKak4wZFpOZ2EycnQwakxERU43RlJpS3pkZ0NHbEVzejlSblV2TWNLZ1NsQlJpOHVOQzctel9jNG9ZakZacHlvNElNY1JVN1M2R3FIRC1fT1piX2pTSVZIYUFxNG9YTWJNcjJ1bm9mT05iTU1UeC1hYWJBREFia2F0ejVhSlFlaVFYNG80Unc4QzNnSGJYenNfQUZid21LUmRZUE42aldxTXlsdzlVWWdkQkw2U091RFlpemRhaDZFcVo4TEdlN0tuQUNXeWlyZFllMnhSQnh1YVN6Y2RvM0kzN19mN0UxSzktZkxsNWZsVUpQeTlGNGVyX2VxUjNZQlZfdmNKTXBOMWcxci1kQi1XYXlCVGVmVjFDUzNuRHVBNHJBbFkxM1N6ZnZnTG5VNjRaeklTRlJYRG1Ga0tVdFh3NXBObFJzSVRyN3dxWWgwTGNVY2N2TDJ0ZExfT2liQTZJdXppWUFuYll2TlBKa3BseVBJd0VVMEh1bGNIM1JVYWdsOWFNOWVucFQ5Wk1YN1pVTnB5OVJsR3BJaXpQUWt2dXpoX3FsUGgtWWJqdWx5bC1NekQ0X0VvcGl3X0lQZUxLcXhpZHE1V3RBc0ZLb3hhckFvLW45cy04ZGQ0WXg3VGpsTmdWd1lOaEhJNldDampfaGZZY29SSjRVM1VjX1JLdkp5TlkzdFNiMk1KdTg0WmxKa0dmM0VqdGVISFlYYzZJb2dRQkI3R2tKdXdHSnZOUkJ6SUUyVjN2T0NCeWZTU2pvTnpzNlNPeGw5bFJjODFsc2pWR3JoQ3FoM05DQXN4WkNWJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.230.115.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-115-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:09:08 GMT
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/javscript

GET
H2 200 / Show response
c.adskeeper.com/pv/ Frame 6B3D 0
306 B 38ms
29ms Script
text/plain 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1646676548377839241647&uniqId=04295&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cxurl=https%3A%2F%2Fouo.press%2F2l2t9v&lu=https%3A%2F%2Fouo.press%2F2l2t9v&sessionId=62264a44-02d36&pageView=1&pvid=17f65921b1a927a1786&site=624865&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e8547cb79c89b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 6B3D 4 KB
2 KB 58ms
30ms Image
image/svg+xml 104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 3420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PQQY40JG1BTA00NB
x-amz-id-2: jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6e8547cbaaf85cb0-FRA
expires: Mon, 07 Mar 2022 22:09:08 GMT

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ Frame 6B3D 43 B
361 B 32ms
31ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e8547cbaeee9b46-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.com/991771/ Frame 6B3D 1 KB
979 B 58ms
47ms Script
application/x-javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1646676548452241865806&uniqId=04295&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2F2l2t9v&cxurl=https%3A%2F%2Fouo.press%2F2l2t9v&lu=https%3A%2F%2Fouo.press%2F2l2t9v&sessionId=62264a44-02d36&pageView=1&pvid=17f65921b1a927a1786&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 591572d762c7c233915fa42b8d90e338ae597a95e10648f289eeb1fd86280de5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6e8547cbeb089b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 widget-ssp-performance
c.adskeeper.com/ Frame 6B3D 43 B
361 B 36ms
35ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/widget-ssp-performance?time=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e8547cc38509b46-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 6B3D 4 KB
2 KB 31ms
19ms Image
image/svg+xml 104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 3420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PQQY40JG1BTA00NB
x-amz-id-2: jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6e8547cc6caa5c0e-FRA
expires: Mon, 07 Mar 2022 22:09:08 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWU2MjZjMWNlZTk5MzI5Z...
s-img.adskeeper.com/g/11533285/492x277/-/ Frame 6B3D 29 KB
30 KB 741ms
716ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/11533285/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWU2MjZjMWNlZTk5MzI5ZjMwMzkyZjYwZDliZmU0YmMuanBn.webp?v=1646676548-6GgMwqxp4gyvqYrZ2S0SHsz6_TaXsIfqWBMTjlrZUSY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12615c597206679a2abc11ddb75ae8d737a69bdb952c152bcec22485ae31e920

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:09 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jan 2022 07:58:13 GMT
x-mg-request-uuid: 1a8fad58-2a1d-4e11-b329-032364c98bf3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6e8547cc7c6f9110-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30160
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ Frame 6B3D 0
160 B 155ms
139ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1646676548555616620414
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 18:09:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6e8547cc9c9d9b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame AD32 0
80 B 247ms
246ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1646676548572849473176
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 18:09:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6e8547cc9ca29b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-blcpsj5UIp%2B9WA%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F2l2t9v&id=1&ii=4&f=0&j=&t=1646676547115&de=957099675282&cu=1646676547115&m=1613&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A596%3A1197%3A2322%3A1152&as=1&ag=1120&an=87&gi=1&gf=1120&gg=87&ix=1120&ic=1120&ez=1&ck=1120&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1120&bx=87&ci=1120&jz=1005&dj=1&aa=1&ad=1019&cn=0&gn=1&gk=1019&gl=0&ik=1019&co=1019&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=173&ah=1005&am=173&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1654979022&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 18:09:08 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 20ms
20ms Image
image/gif 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-blcpsj5UIp%2B9WA%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F2l2t9v&id=1&ii=4&f=0&j=&t=1646676547115&de=957099675282&cu=1646676547115&m=1613&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A596%3A1197%3A2322%3A1152&as=1&ag=1120&an=1120&gi=1&gf=1120&gg=1120&ix=1120&ic=1120&ez=1&ck=1120&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1120&bx=1120&ci=1120&jz=1005&dj=1&aa=1&ad=1019&cn=1019&gn=1&gk=1019&gl=1019&ik=1019&co=1019&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1009750383&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 18:09:08 GMT

POST
H/1.1 200 806.json Show response
id5-sync.com/g/v2/ Frame 69AE 212 B
526 B 47ms
16ms XHR
application/json 51.89.7.198
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/806.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p20.id5-sync.com

Software

Resource Hash

d50f8cc491170b5789a8693e569fb0fdc2be7171d4ec21a3140fcfcf8c71afbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ouo.press
Date: Mon, 07 Mar 2022 18:09:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 69AE 44 B
323 B 41ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Mar 2022 18:09:08 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 69AE 63 B
332 B 108ms
38ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 672862525bebe2ba2acc6512e0762a31a71f12af60700682c758fc2af5be41a0

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ouo.press
cache-control: no-cache
x-server: 10.45.24.45
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 69AE 109 B
538 B 102ms
38ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 44451dadc411eafefba4991247e0fac2382bf8e947c601b908008658c637f52a

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Mar 2022 18:09:08 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 06 Apr 2022 18:09:08 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 16ms
16ms Image
image/gif 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSArBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-blcpsj5UIp%2B9WA%3D%3D&sc=1&os=1-pA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F2l2t9v&id=1&ii=4&f=0&j=&t=1646676547115&de=957099675282&cu=1646676547115&m=1614&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A596%3A1197%3A2322%3A1152&as=1&ag=1120&an=1120&gi=1&gf=1120&gg=1120&ix=1120&ic=1120&ez=1&ck=1120&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1120&bx=1120&ci=1120&jz=1005&dj=1&aa=1&ad=1019&cn=1019&gn=1&gk=1019&gl=1019&ik=1019&co=1019&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=894122287&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 18:09:08 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B4D3 281 B
554 B 64ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Mar 2022 18:09:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame A49B 926 B
1 KB 15ms
15ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

Date: Mon, 07 Mar 2022 18:09:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 3073
Expires: Mon, 07 Mar 2022 18:10:08 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6e8547cdfa679b1f-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DF4A 52 KB
17 KB 57ms
8ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ouo.press/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Mar 2022 06:18:14 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 07 Mar 2022 18:09:08 GMT
Age: 42649
X-Served-By: cache-lga21953-LGA, cache-hhn4021-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 5, 843084
X-Timer: S1646676549.845561,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B4D3 32 KB
10 KB 8ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:09:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26427
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Tue, 08 Mar 2022 01:29:35 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame DF4A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
815 B

37ms
37ms

Script
text/html

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:08 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09b4e8ff-d48e-4ad0-ba1d-17fa6d90f92b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:08 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 25cd65dc-202c-4de6-9f3b-ec3a148599df
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 352E 35 B
464 B 19ms
19ms Ping
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2015447608807446942@@38516439,7447823482484572501,100|1192|0|0|0|0|0|0|0||41|0|2639|eeef4a8a-a840-3ac8-9d45-ddb2b8d932a7_1|||1|0|0|MDgv3RhQTdC48M5tcwHHbXk7Q8xKEUXwyrX1Ty8Wcqum_6jiUpdOEhhpnBRkvb3lA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ouo.press/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:08 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4D3
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw==
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw==&google_tc=

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw==&google_tc=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBIMFA2RTgtMjgtOThMQw==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame B4D3 70 B
264 B 30ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B4D3
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M3hTyFZbQfqVf4esH4t0pQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M3hTyFZbQfqVf4esH4t0pQ

43 B
556 B

105ms
105ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M3hTyFZbQfqVf4esH4t0pQ

Protocol

HTTP/1.1

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HZG0TXKN9NME2ZE2RN3J
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M3hTyFZbQfqVf4esH4t0pQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B4D3
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0H0P6E8-28-98LC&sigv=1&esig=2~49a661bc71eab0b6978a5b495ce83e11d73145d9

0
194 B

74ms
21ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0H0P6E8-28-98LC&sigv=1&esig=2~49a661bc71eab0b6978a5b495ce83e11d73145d9

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:09 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0H0P6E8-28-98LC&sigv=1&esig=2~49a661bc71eab0b6978a5b495ce83e11d73145d9
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B4D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKmmBHUdRszg-kMD3ejbwY&google_cver=1

0
239 B

42ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKmmBHUdRszg-kMD3ejbwY&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECKmmBHUdRszg-kMD3ejbwY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame B4D3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V2u-golITMWaMt7agEKkhQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=V2u-golITMWaMt7agEKkhQ

43 B
797 B

110ms
110ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=V2u-golITMWaMt7agEKkhQ

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NEJED113VYZD17QXHSY3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=V2u-golITMWaMt7agEKkhQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame B4D3
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0H0P6E8-28-98LC

0
708 B

196ms
144ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0H0P6E8-28-98LC
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:09:08 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B6D6DD6FA582475799A3BA47E2BA7B4C Ref B: VIEEDGE1117 Ref C: 2022-03-07T18:09:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZpMLF0eT54aRdvL8nFQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0H0P6E8-28-98LC
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4D3
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ&google_tc=

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ&google_tc=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:09:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDQ4Y2U1NWQxNWUzYjhmOGY3ZWY2ODgyNzM3MGNmZTc2Yzg1YTFkNQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DF4A 0
743 B 14ms
14ms Script
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 18:09:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 698c3428-7788-419b-809c-f0e40556aef5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET c
c.adskeeper.com/ Frame 6B3D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.adskeeper.com
URL: https://c.adskeeper.com/c?f=1&pv=3&v=300|250|12|IQVIri3nxQxUEP631tAozAwDe3z5olNQZD-TnexhpS0BIVFybIM1jeCAv8mBKRNN&fw=1&extjs=66044&cid=991771&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=aed4a823-9e41-11ec-9eb0-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=17f65921b1a927a1786&cbuster=1646676550372101581141&tpl=0

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:43:48	Name: _GRECAPTCHA Value: 09AMBQo-LRE5X62LZXlISom2lOSnq9WCp8Ul30I9_kpuoz6Lo4icpvw0If2kSzdflHdEu6VupnB-nPzueX2LllmMA
ouo.io/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IlpUVzJTeHdlWHhDbHE1aDJ1K3U0VmlcL1ZQZ0NxbUdzeGU0NFh5ME1vRkxNPSIsInZhbHVlIjoiZWkxWXA3d2lqbmtFN1lDVHp6Y2swZnZsUHZwS29vRHEyM0ZnZk9YekMyR2x1TjR4VTByWEo2MzdiQ29zT1pBQXlyM05YNVExQVROYjZUMjdaQ1VIMXc9PSIsIm1hYyI6IjNiNjk1NGM4ZmRiMjYxYzIzMWRmNjRmMWEwNWIxYjNlZWQwNTMyZWM1OTU3ZDQ4YjUwZjM5NDI0YzZiNjYzNTcifQ%3D%3D
ouo.io/	1970-01-21 21:12:36	Name: language Value: eyJpdiI6IkhoQTlzT2VzdktJbHVQbitXQnc4SDVUOHhUNUtDYWFaRG1NSXlvcmZcL200PSIsInZhbHVlIjoia0lReHFWTks5NVVNTHhuVkJNNlhCMEQ3MTlkc2xIa1h2MGJ3eFJONENxND0iLCJtYWMiOiIxNDZjYTYwOWIxMTZkZTM4YmQ3MTZjYmRlNjI3NjBhZDM1ODdkNDYwMTIxY2FjNzRiNDJkODI2OGNjZTMyZmFlIn0%3D
ouo.io/	1970-01-20 01:24:43	Name: 5ee90282d1bd646d7f506de976428a49d8651d43 Value: eyJpdiI6InJ4RlZPekpLVkVGV0JcL0J3YzdBVUJQZ3ZxVStNNVE5dlRRbWhsTlVxT3JRPSIsInZhbHVlIjoiU05OV2xPcjlwVGl4ZHB2MThJMktuMmhXTkM0dGtNYmpGeHlESDZwZWk1QmlIR1JcLzFLcGlcL1JKdndnTjhHTnhkQzVEcCtQaG0rcnNpZVh6dlFiWit1SGhGc1BndTYwcElEMUQ3NVk4Tkhra3VPdlA3amFvcmJEd3ZLeUJpbFYzcGs1NlZIXC9KYTZiQ0tubmozWjRuRTlvTUFMTHljUVNCc1pEbXhiMngwdWVyMThTbkpxZ2NRajJUeDhJQklxWUNrc0JKZW5TVktKU3dSWXRTMHBLRDhURDRCOStpS2lyVmdWdHdqcWZ6M3E5dzl6V003SUgxT09FOFZlMkNkenFvSVhvUGJTaGVycjNDYUpJZkpFM094SDBDRmM0NllmYTdEM0tuMFFcL3kzV3VnSXp2Vko5T0lRNVdTSDZLazl1ZHkzN1c2RlE3NXM0TVNWOGpaUVVhRmxTQT09IiwibWFjIjoiZWI2ZDgzMjkwNTgyMGRiYWNkZjg4MTZmNTAzMDY2NDRiZmQwZmY0MDZkNDkyYzhhMTMyZTFiMmFiZTEwYTk2OCJ9
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IjdVS1FuK2c1RWVEaFpHdHI4MFpKTUVnWlA1UnpCN1NYbDVnck5MaFNZSTQ9IiwidmFsdWUiOiJ6a2VsQlZ1TDg4Wkk2ODkwcmdzWFRNSGNLQlwvYmJSNDNlUVhQeTdjY1BCQ3JlV3ZDUk8zclNtb2x5d0tGR1FnOTkxdFhHcU1yWFpSTElTR0ZGYTRPaGc9PSIsIm1hYyI6IjcyMDU0YmMwNGFlYmNjMmYzODhhNzg3ZWFkNjZhMjRiZTU3YWM4MzY3YTIxOWM3MjAwZGI0YWY3ZWQ3NTc0YTgifQ%3D%3D
ouo.press/	1970-01-21 21:12:36	Name: language Value: eyJpdiI6IjhvSGZPXC9rSlh4amVsQVliY041VmJlU2o2U3gwQ3ZndE4zS1dFSFZEUHRZPSIsInZhbHVlIjoia3JiZDBlQ0NRNFVvaFc4RHhLTG9UYlV6T2lFZjl2ZWsyRU9UK1E3M2Ixcz0iLCJtYWMiOiJkZDdhMTUxZDA2MDI3NjA4MmEzNzEyMzNjM2ZkZmZjYTRlYTgxOGExMWM4YzFhMjRlNGE1NzY4MWMyZjlmOGEyIn0%3D
ouo.press/	1970-01-20 01:24:43	Name: 5d2f2d8a244bdb5dce448533edf159ab95d2785c Value: eyJpdiI6IlwvK0E2QmM3bTBIZUxJMlhrNjNXa1kxaVdFK3VxWmUyZmJqTENERDIraklFPSIsInZhbHVlIjoiUmoxZE1iSTFcL1FTNWIwckJsNEMyK2NxYXpndUJ1d2tubnFNSXMrU1dNUWk4QzhNNm12ZjVaakFCUXNtSDZsaTZnSXZvYlkwNlFtbEFoVWh4dEpyUU1IZmJOZnNJRFlhWTBObUN3VW5mOGFxeEhEVEtLekVGdFpCdDkwVzNaUkNkSVRwSk1tY2hHTGVmbG1BV283UE1FeFl5dHBva3g2WDdCXC9SeVwvd1c1eUlLcUsxQXdnMHhlTnlmeFc3VEppQXYwZmRDaVdoY1BoaU1xXC8xTlBTSzd5TTJTZ3I3VDRoMW1YWWQ2YWVlMkFPYnJ1RmUxQ0FKaUFkR0hrVTlrYWhYRGh4RWloYktIUUUwdnFQcjZUazF6eVdadTM2WW43M2k0OFwvWHZKXC9WTmRyd2FcL0FBc283OGxxSkNDNEQzY0FzdmxaWjRXZXdOUDN3STlKZWptcWV3d1d5RnJKZEZrbytwYWpKckJwNjhiZEozRlc1QlNtTHdMMmRlQVlhdjh6TnllZiIsIm1hYyI6ImZiMThjMTNiMjc2OTBjYTJmMGVkNmIzMDUxZWYyNjMwZjkyMmEzMDVjMGU0YmQxY2JiYzVjMjZiNjQ1MGZkMWMifQ%3D%3D
.ouo.press/	1970-01-20 01:24:38	Name: __cf_bm Value: Rlitb88c.tGcZ44h0oeMkL8MyrHvoDN9fV_407AAFls-1646676545-0-Afl4kGori5OCpYj3HhWWiYRRHtT91/Dca5wYLYUvnwjT/Ofi7dJQoDqmcKIrkfk5tV3mrZRDS3zKMQu6qXvDZ7E=
cdn.firstimpression.io/	1969-12-31 23:59:59	Name: OAID Value: GDPR
phallicuncut.com/	1970-01-20 01:26:02	Name: GL_UI4 Value: eJw9jVtOhDAYhYFycTJCPAkLcAlFZJRH4yJ8JH9pYepAOyl1iLu3MdGn8%2BVccqIoSuoK8S1nYF%2FU4fEkeuK87dtJNCf%2BIjhJatruiU%2BvzTOJDge9DZ7EonyK%2B1kZ5fQ4jFaqEg8h%2BnMuxu4mRSYcGVkiW0NjKVEIZ%2FdNuZohNbQq5O9nZ4NmK31ah6TvA2oTMOZI7Faz6oDiQxsZdtURScOrMo9wvC7kJ%2BvWQcs8RjY7kgrxG%2B5G8mq27huFVNvF2ytgFzn8939v2d5w5FLd9Bi%2BrT8r9wMevUpU
phallicuncut.com/	1970-01-20 01:26:02	Name: GL_GI10 Value: eJw9i1sOgjAURHmYClEwN3EBroCkiLIANf7oGhoCF9IPeptSjXX1ghq%2B5szJjOd5wTaFQGpIcl5mxyLjB57tOYQdEgTnC6xreihrnFBVj7C8oukr5YAZ7CSpBFY%2FEDU16M1tGiewqKV1CcRT%2FAehHDRE97wodzfbQKzQikEjjngio8lUFiGd7ffFQojkILShl2M%2BbKzs8U0KBbXtgHZU%2FpMFHz9TOxU%3D
.rubiconproject.com/	1970-01-20 10:10:12	Name: khaos Value: L0H0P6E8-28-98LC
.rubiconproject.com/	1970-01-20 10:10:12	Name: audit Value: 1\|hLZGFuTafB1cpNLnm6OcGCAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS2Qlk4G1Grd+oVU2gxcNTeSjJyCvVaOjObzwVI85VVVJ0A+VO7RH1E0=
.bidswitch.net/	1970-01-20 10:10:12	Name: c Value: 1646676546
.bidswitch.net/	1970-01-20 10:10:12	Name: tuuid_lu Value: 1646676546
.bidswitch.net/	1970-01-20 10:10:12	Name: tuuid Value: 35b5d350-2f23-4f80-a869-453deec19c28
.adform.net/	1970-01-20 02:09:11	Name: C Value: 1
.adform.net/	1970-01-20 02:50:56	Name: uid Value: 2015447608807446942
ouo.press/	1970-01-20 02:07:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adform.net/	1970-01-20 01:34:41	Name: TPC Value: 1646676546742
.ouo.press/	1970-01-20 02:07:48	Name: pbjs-pubCommonId Value: 06a4229a-6f6b-42ef-98b8-82e28e656b0d
.ouo.press/	1970-01-20 01:26:02	Name: _gid Value: GA1.2.441565225.1646676547
.ouo.press/	1970-01-20 01:24:36	Name: _gat_UA-177299981-5 Value: 1
.ouo.press/	1970-01-20 18:55:48	Name: _ga_0DTZ6LRDBJ Value: GS1.1.1646676546.1.0.1646676546.60
.ouo.press/	1970-01-20 18:55:48	Name: _ga Value: GA1.1.1584060270.1646676547
ouo.press/	1969-12-31 23:59:59	Name: dt Value: 2022-03-07T18:09:06.889Z
ouo.press/	1970-01-20 10:46:12	Name: cto_bidid Value: j1iJtl9nTHhWS0pzOXdTNGVtU1lPSnl1UiUyRjNrQmlBNUpmQWNoNllheWxNJTJCUllOT2pFRCUyRlN5M29UUGF5NThQOEdETld0VThUUG5UVkVHYzNseFg0alh0SUJnZyUzRCUzRA
ouo.press/	1970-01-20 10:46:12	Name: cto_bundle Value: WVb2Hl9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VkSXJFZU1SS2tDNHpSS2FJWiUyRiUyRmxJSEl5Uk1BMW1xektua2liWVdWMHBtVGlpanhFazFkRjBDdkczNHNxbDFFVk1EViUyRktkR01LdUxQeWJhJTJGeG5xRmVXOWtseXhUb1FDUGdha2ZKUXRFTFI2
.criteo.com/	1970-01-20 10:46:12	Name: uid Value: 721bcac8-1418-4d9e-9487-b2147192a8d0
.ouo.press/	1970-01-20 10:46:12	Name: cto_bundle Value: teVr2l9tTzNzajFWZ1lYRGZ1aXVxMmxyM1VjOXhJQ2EzaUxyWnRZUkd4NCUyQmJIOWNLZWxpREMwTVV2WHUlMkJuT1Y4ejllQUZoZWglMkY3cGNyMjRLem1tbDA2cHcwZlpLM0R5TXlhYUJZR1QlMkZ0SndGaUdiMHBqYmVQVjB6YlpOcDd3ZEZ3anIlMkJ5NENoUDZPc1I4NGM3VkdVdk9XTmVBJTNEJTNE
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: m278e_seE89a
servicer.adskeeper.com/	1970-01-20 01:24:37	Name: __mglb Value: f093cb96f37842cf40d0daae92270708
ouo.press/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C991771%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646676548525%7D%7D
ouo.press/	1970-01-20 01:24:40	Name: _lr_retry_request Value: true
ouo.press/	1970-01-20 02:07:48	Name: _lr_env_src_ats Value: false
ouo.press/	1970-01-20 02:07:48	Name: id5_storage Value: %7B%22created_at%22%3A%222022-03-07T18%3A09%3A08.81605Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.adsrvr.org/	1970-01-20 10:10:12	Name: TDID Value: 01802f38-2019-4752-8be4-41ed5cc21718
ouo.press/	1970-01-20 02:51:00	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%2201802f38-2019-4752-8be4-41ed5cc21718%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-07T18%3A09%3A08%22%7D
.ouo.press/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1646762948852
.adnxs.com/	1970-01-20 03:34:12	Name: uuid2 Value: 6814278619330109665
.doubleclick.net/	1970-01-20 10:46:12	Name: IDE Value: AHWqTUlssqK59jNASk0Njd7TP2n_UeSOZ7Yk-g7y4nmOudFJtZbt1HXzxuJPcFcXMYc
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:56:30	Name: bcookie Value: "v=2&cf33b65e-6c1e-44fa-82cf-73c95eeaec23"
.linkedin.com/	1970-01-20 18:41:39	Name: li_gc Value: MTswOzE2NDY2NzY1NDk7MjswMjEnbSvBx6hLDnl+Je+h4lWle2GSZmqP5/vIJe0heI7KGQ==
.linkedin.com/	1970-01-20 01:26:02	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2316:u=1:x=1:i=1646676549:t=1646762949:v=2:sig=AQHLLi6_YGUnKf4m-pfBxjFGzvEasCKT"
.amazon-adsystem.com/	1970-01-21 21:50:02	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 06:24:07	Name: ad-id Value: AzIlOiQILEFDp8Y2D04Z1UE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.yahoo.com
analytics.google.com
api.rlcdn.com
as.ad4m.at
assets.ad4m.at
aws-fr-sync.bidswitch.net
aws-fr.bidswitch.net
bidder.criteo.com
biddr.brealtime.com
c.adskeeper.com
c.amazon-adsystem.com
c1.adform.net
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adskeeper.com
cm.g.doubleclick.net
e1.emxdgt.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
imp-euro.emxdgt.com.
imp.emxdgt.com
itineraryupper.com
js.brealtime.com
jsc.adskeeper.com
match.adsrvr.org
mug.criteo.com
ouo.io
ouo.press
phallicuncut.com
pixel.rubiconproject.com
px.ads.linkedin.com
px.moatads.com
s-img.adskeeper.com
s.amazon-adsystem.com
s1.adform.net
servicer.adskeeper.com
static.criteo.net
stats.g.doubleclick.net
tag.1rx.io
token.rubiconproject.com
track.adform.net
video.your-notice.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
c.adskeeper.com
104.17.120.107
104.18.16.65
104.18.17.65
104.19.132.80
104.85.4.200
104.92.74.8
142.250.185.166
142.250.185.226
142.91.9.135
15.197.193.217
151.101.129.108
178.250.0.165
178.250.2.146
18.185.222.19
18.195.155.181
18.196.230.57
18.66.248.82
18.66.97.73
185.33.220.100
192.243.59.20
204.237.133.116
209.54.177.54
213.19.147.43
23.109.87.138
2602:803:c004:200::143
2606:4700:10::6816:3bfb
2606:4700:10::ac43:697
2606:4700:20::681a:ad1
2606:4700:3035::6815:8a9
2606:4700:3038::6815:ead7
2606:4700::6810:5514
2620:1ec:22::14
2a00:1288:80:807::1
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c06::9d
2a00:1450:400e:811::2003
2a02:2638::1c
2a02:2638::3
3.122.58.191
34.120.133.55
34.230.115.234
35.163.34.104
37.157.2.247
37.157.4.40
37.157.5.142
51.89.7.198
52.29.141.195
52.29.45.114
52.30.140.199
52.94.223.37
65.9.78.25
65.9.79.193
69.173.144.139
69.173.144.165
92.122.145.25
92.122.146.218
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
048c66a87893508d22358cabcedb8bd0c4a4779ba0bcd22f5984465411a393ca
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0048f65964a8f38770dd0864b98be44d696bca3aa7db85f1a2341774626077
12615c597206679a2abc11ddb75ae8d737a69bdb952c152bcec22485ae31e920
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddab5e9b793d8ea924db245405898c13465522468cc0d867297f31079009db3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
44451dadc411eafefba4991247e0fac2382bf8e947c601b908008658c637f52a
487be7a230db36c303bf24c9f5dedd44a7d39b3e0a3eb05b7c96153c9f90f726
4f0ed4f3fd00dc3bed116fd03b4554f8e204be9a1552ca06cd5a5f334a884dc7
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
591572d762c7c233915fa42b8d90e338ae597a95e10648f289eeb1fd86280de5
61586690dee1bbaef49feed5d250af279d49aaf551db56f480f779653c79402b
617fc93ef78f96c82aabe074e1fb5b3073b020f22ea0953b366f2489d7516f83
657716e6a3197b4b7ee592a950cca6b905fb1548cfebf63acaa672b27de3f796
672862525bebe2ba2acc6512e0762a31a71f12af60700682c758fc2af5be41a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
7acd3c93d9b6845fdfa1fff105625d10b0840134f580f3b7f129a0bac794b9bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a02e1b2787fc81a83401b952ddcdebe7dfbf2b72fa49f78ece786fce4e9dc0c
8d149d060bf69874e2b9e11acf63ef3648521c87c7688d05744830ab2b2e3bd2
8d4abad6d1c160d53068f345412a5cf2abed184359e6063c272d4b867f7d2c12
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3
b5de199f18610b1db8fa17a75b8775c8b5b43fec838f7e1817d7cc1dec7f4fd1
c211ab25cc0ecc4d7aab40eea326c62cf0b1ecaf7c810d5475f1fbaeb63941b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9ea49b7336470b35fffad00bdc7db0d7f043a95201c706501422efed66b820d
cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7f735d333453c31248849e87ca328710cff99564961d91e74561bfbbb41309
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d50f8cc491170b5789a8693e569fb0fdc2be7171d4ec21a3140fcfcf8c71afbb
d80c5e589d01a4960b7737680fe9bd09293cab9db77fcfb7de2d64a1f0361037
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62ea73458f8000b65cfaac2cb417bd4bb81b756e3db66dd78a403178f94d3c4
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7e73df61ed4b2f96e42b14a60144eab3195a23ef2a2110f6645224fdc036c4a
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09cbba3a164821956fde3d0c50314fef3be7423ca0783b1d661d1b99e1e4128
f0bbddaaa7533d6f001fe547757396c005d44c83b02c2d7520a67c709d4a5d3c
f4b7dbf91e2408730a739bf65ef0be94a421f9e2b1039d0cb6315e891d967971
f51186752e2064fb17e40959ccb4986aa15002d57bf49745d1aa4e5959a1c34c
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fb0afebc03130352b185e9b88985e5339d7d7d5bdd28a41034161270c5405448
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

ouo.press Open in urlscan Pro 2606:4700:10::6816:3bfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

88 %HTTPS

32 %IPv6

40 Domains

69 Subdomains

56 IPs

10 Countries

1628 kBTransfer

4544 kBSize

47 Cookies

0 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3bfb Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

88 %
HTTPS

32 %
IPv6

40
Domains

69
Subdomains

56
IPs

10
Countries

1628 kB
Transfer

4544 kB
Size

47
Cookies

121 HTTP transactions
1 data transactions