urlscan.io logo urlscan.io
SecurityTrails logo

ouo.press Open in urlscan Pro
2606:4700:10::6816:3bfb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ouo.io/GpmJOo
Effective URL: https://ouo.press/GpmJOo
Submission Tags: falconsandbox
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 8 countries across 44 domains to perform 131 HTTP transactions. The main IP is 2606:4700:10::6816:3bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 124303.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.255.6.120 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.91.9.135 7979 (SERVERS-COM)
1 192.243.59.13 39572 (ADVANCEDH...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.66.97.111 16509 (AMAZON-02)
13 18.66.122.119 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.230 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.36.118.138 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 13.32.119.176 16509 (AMAZON-02)
1 213.19.147.43 3356 (LEVEL3)
6 37.252.172.123 29990 (ASN-APPNEX)
2 178.250.2.131 44788 (ASN-CRITE...)
1 35.158.247.23 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
12 23.35.228.23 16625 (AKAMAI-AS)
1 23.216.77.21 20940 (AKAMAI-ASN1)
1 23.35.236.188 16625 (AKAMAI-AS)
4 37.252.173.27 29990 (ASN-APPNEX)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.216.77.34 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638::3 44788 (ASN-CRITE...)
7 172.64.151.192 13335 (CLOUDFLAR...)
2 104.19.133.80 13335 (CLOUDFLAR...)
1 104.18.36.64 13335 (CLOUDFLAR...)
1 141.95.98.66 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 18.202.70.186 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 151.101.193.108 54113 (FASTLY)
2 23.205.235.133 16625 (AKAMAI-AS)
1 104.17.120.107 13335 (CLOUDFLAR...)
6 7 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
4 6 142.250.186.34 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 3 52.46.130.91 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 3 52.95.115.196 16509 (AMAZON-02)
1 185.64.190.78 ()
131 55
1    2606:4700:10::6816:16a2 (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.io
5    2606:4700:10::6816:3bfb (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.press
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.255.6.120 (Netherlands)

ASN7979 (SERVERS-COM, US)
tv.gourdycortes.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)
video.your-notice.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
itineraryupper.com
3    2606:4700:3035::6815:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
1    18.66.97.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-111.fra56.r.cloudfront.net
ecdn.analysis.fi
13    18.66.122.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-119.fra60.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.36.118.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-118-138.us-west-2.compute.amazonaws.com
exchange.adtrue.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    13.32.119.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-176.fra60.r.cloudfront.net
c.amazon-adsystem.com
1    213.19.147.43 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
6    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    35.158.247.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-247-23.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
1    23.216.77.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-21.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
4    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    23.216.77.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-34.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    172.64.151.192 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
2    104.19.133.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
1    104.18.36.64 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
1    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    18.202.70.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-70-186.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
cdn.adnxs.com — Cisco Umbrella Rank: 1420
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7769
acdn.adnxs.com — Cisco Umbrella Rank: 596
84 KB
13 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 18380
cdn.firstimpression.io — Cisco Umbrella Rank: 19112
329 KB
12 media.net
contextual.media.net — Cisco Umbrella Rank: 526
warp.media.net — Cisco Umbrella Rank: 2373
lg3.media.net — Cisco Umbrella Rank: 3456
hblg.media.net — Cisco Umbrella Rank: 1491
158 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
dis.criteo.com Failed
17 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
82 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
21 KB
8 adskeeper.com
jsc.adskeeper.com — Cisco Umbrella Rank: 30892
c.adskeeper.com — Cisco Umbrella Rank: 18023
servicer.adskeeper.com — Cisco Umbrella Rank: 30112
s-img.adskeeper.com — Cisco Umbrella Rank: 19302
cm.adskeeper.com — Cisco Umbrella Rank: 34091
84 KB
8 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 202
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
2 KB
5 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 107921
exchange.adtrue.com — Cisco Umbrella Rank: 84545
87 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 7
analytics.google.com — Cisco Umbrella Rank: 685
41 KB
5 ouo.press
ouo.press — Cisco Umbrella Rank: 124303
32 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
332 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
84 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 439
hbopenbid.pubmatic.com Failed
image6.pubmatic.com
99 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 832
id.rlcdn.com — Cisco Umbrella Rank: 598
355 B
2 adskeeper.co.uk
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 28307
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
108 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1544
res-a.akamaihd.net — Cisco Umbrella Rank: 6392
25 KB
1 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1156
194 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
707 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2797
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
385 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1635
333 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 663
616 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5483
501 B
1 cdn-adtrue.com
cdn-adtrue.com — Cisco Umbrella Rank: 129173
905 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2157
154 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1277
165 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
10 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 24076
5 KB
1 itineraryupper.com
itineraryupper.com — Cisco Umbrella Rank: 236299
1 your-notice.com
video.your-notice.com — Cisco Umbrella Rank: 78706
743 B
1 gourdycortes.com
tv.gourdycortes.com
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
918 B
1 ouo.io
ouo.io — Cisco Umbrella Rank: 99849
1 KB
0 bidr.io Failed
match.prod.bidr.io Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 adform.net Failed
c1.adform.net Failed
131 44
Domain Requested by
9 cdn.firstimpression.io ecdn.firstimpression.io
6 cm.g.doubleclick.net 4 redirects
6 gum.criteo.com 3 redirects static.criteo.net
6 ib.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
acdn.adnxs.com
5 contextual.media.net ecdn.firstimpression.io
contextual.media.net
ouo.press
5 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
5 ouo.press ouo.press
4 token.rubiconproject.com 4 redirects
4 mug.criteo.com ouo.press
4 lg3.media.net ouo.press
4 fra1-ib.adnxs.com ecdn.firstimpression.io
ouo.press
cdn.adnxs.com
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
4 www.google.com ouo.press
www.gstatic.com
www.google.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 pixel.rubiconproject.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 static.criteo.net cdn.adtrue.com
static.criteo.net
ecdn.firstimpression.io
3 www.gstatic.com www.google.com
3 cdn.adtrue.com ouo.press
exchange.adtrue.com
2 eus.rubiconproject.com ecdn.firstimpression.io
eus.rubiconproject.com
2 acdn.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
2 cm.adskeeper.com jsc.adskeeper.com
2 cdn.adskeeper.co.uk jsc.adskeeper.com
2 c.adskeeper.com jsc.adskeeper.com
2 jsc.adskeeper.com exchange.adtrue.com
jsc.adskeeper.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com cdn-adtrue.com
www.googletagmanager.com
2 hblg.media.net ouo.press
2 ads.pubmatic.com ouo.press
cdn.adtrue.com
2 bidder.criteo.com ecdn.firstimpression.io
cdn.adtrue.com
2 exchange.adtrue.com ouo.press
cdn.adtrue.com
1 image6.pubmatic.com ads.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 biddr.brealtime.com ecdn.firstimpression.io
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 s-img.adskeeper.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 res-a.akamaihd.net ouo.press
1 cdn-adtrue.com exchange.adtrue.com
1 cdn.adnxs.com ecdn.firstimpression.io
1 warp.media.net ecdn.firstimpression.io
1 qsearch-a.akamaihd.net ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 fonts.gstatic.com fonts.googleapis.com
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 itineraryupper.com ouo.press
1 video.your-notice.com ouo.press
1 tv.gourdycortes.com ouo.press
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
0 match.prod.bidr.io Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 dis.criteo.com Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 hbopenbid.pubmatic.com Failed cdn.adtrue.com
131 72

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
tv.gourdycortes.com
R3		 2022-05-16 -
2022-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
your-notice.com
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
itineraryupper.com
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh

This page contains 26 frames:

Primary Page: https://ouo.press/GpmJOo
Frame ID: 537F2BFDE0CE1EA2D59DB982149A42E3
Requests: 24 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cb=3335810654&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/GpmJOo
Frame ID: 9DE4A4C90D775C88569EE0E30DE4B699
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
Frame ID: 85279D959C92AD8A1E809A37451960B5
Requests: 5 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: FAD8EC1216D619EF826022B454D3A6BD
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Frame ID: 3C04A175D0EF287A83CD1ED59FC5A4E2
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 74C98CA532EFAF82BF7F0461742C464B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BAB67DF1198212CCA4BB0FE893106532
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: AE3AE0D68A47A98EC52402CE56C4A936
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8C64EBFF8AB668272204371C9915FAC1
Requests: 4 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 8C8C6A46F3430D53DAACA526AFA6F4DB
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: C2A420C02840F794FA2D3D4D1DF463CA
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: B88C84E4D8F096ADE9FB80D3AB157542
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1653158344804243114713
Frame ID: 8AE33318D5E39E32031446108A137D69
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9D8BEDCCF54617692CDD2C00560C64FC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3FA32A74E90BF37C60416230598C68D0
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5042E9751216D55DD675DDC0112D1248
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0305CD58766EBD7E17AADD6F951E6AC6
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 48D454A0615FE5058A443538EEB09A58
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CBCD4F50-227F-4FA0-8EC8-0B24C29258C3
Frame ID: AC7ECAC8C62AF754726BFBA22DBBD528
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 616517F6EE5014E2A2977C945CB4463A
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 6BDB72EBBBA6104C83FF7334E7F2CF83
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B2E0EE7C6DCFBACBD1E35066218EC341
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: 4F8C8FFE8DF9539D34599321C35F9DEF
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 1BB62F127F8257BA5F8F343D27B00FC2
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 0DF392AA3A2138C5730E23245761FD3E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 37B49F85F840CF44A860DC63AE4B05E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://ouo.io/GpmJOo HTTP 302
    https://ouo.press/GpmJOo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

131
Requests

85 %
HTTPS

35 %
IPv6

44
Domains

72
Subdomains

55
IPs

8
Countries

1625 kB
Transfer

4493 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/GpmJOo HTTP 302
    https://ouo.press/GpmJOo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=QfMtIHxhZ1VlM3BmVlVxUmV0YVF0dVhtcTF4TnZacXZvbm5zNzVuckxDVzdHNU9pck8yb05yeUxNY1Z6VUp2RmZRWjlEMVB3ajNyUUgxWkI5bEJ5OGh0QzZDL3lIWEMxRnhneXg5TDNGYXQvemdaZmc5SHdYYUp3dTdacHl5MCtIMW9LZGpXTVhHNXQ2R3RzZHFiWXRFV3JIMEdJWTUwbGFNaWdqQ1IxWXl1cFRMK0RIamZiMmtYR2tLcEJ6RDJ1Yk81LzdFNFdxNk5VMmNQWktaZmdYMlh0aWtTZmtCaHk2bDhNNncyV00vSDhRMzRVPXw&cppv=2
Request Chain 87
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=cBTUJ19DaHdDT216UWcxeFhLNENZYmVGSElLOW9SRHpmRUUzalk2Nm4yZzk3MSUyRnVvRHJvNiUyRmdndnNSZ1J6Z3NYQVVuQ3NaY0JScmNyV0VGaldGTFNjWVp3NThVc2ZuVW9aODBFcFdaNmJ6eVl2cVNqUUJuJTJGbFVZcSUyRjNZdTF6alNvNkV0&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=gY860Hw3UmpzK3huMWlNQnIxdEI2RG01eVlRemNvM3hRVVNVdE4xMTgxT29nRlBDYVliREVvcm1QUFRHREtSMGNrT1FwdjJGeXhUcWVWK0ZHakFiM1RLbnhjcXIwMGIxK2IrUUZQUXNEVXVuVjNYc1FzcG1oUytIanJ6NkdRYk81U1oveGxjWEFtSGo2Q1czaTQycWxwVDhrS2hSRW1QWGw2NnhQWU5LQXZCbWM1K3VCKzdUcUZJcjhKQWtSZmRPdEVDQUJybXdLSnNBc2U2akhQRmlKekh4aHRXbFhSM3VGQnFNSHoxdXZGMThBS2M4SHk4KzRhMW5mTXgwR09rTmpJQXU1Ris1RkxDb0J6REFPUFRKbFRib1YwUT09fA&cppv=2
Request Chain 94
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=cBTUJ19DaHdDT216UWcxeFhLNENZYmVGSElLOW9SRHpmRUUzalk2Nm4yZzk3MSUyRnVvRHJvNiUyRmdndnNSZ1J6Z3NYQVVuQ3NaY0JScmNyV0VGaldGTFNjWVp3NThVc2ZuVW9aODBFcFdaNmJ6eVl2cVNqUUJuJTJGbFVZcSUyRjNZdTF6alNvNkV0&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RPjB_Xx1Mm1YQ0VsZlN2Z1EvRy9MbWFiSktVOURRbzA2OGkzUDYyK1lFTWpFeVlpVnRweDJrb01kMEc0YU55Y3pDSFJaMWh0dFFHQzVqdVNwOEZoUHRnZUsveTFQMmNYZW14cnY2R0ZtMFAxeUc5cjFuNjMvZlBxUmpDZmpNaVpLbUppU012c3g1R1hFQ3ErWlFLSG40ZEpCMEhPWWdkVGlaSGs4NGJWaWtlS25SZTYwWm1rRHFXQk8wZXRsVnE0WEdQK082TTJwc2ttWDdQdEFUdGYwY0VjZk8xSDRJb1hkYzVxeGNHaXd2Z3JvaTl6ejAzNUFTY0locDZDQkZvUTh0dVBXUnljVFdERms1enNndENqY3NvZXlJUT09fA&cppv=2
Request Chain 111
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3G7SKX4-L-I1B4
Request Chain 112
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0&google_tc=
Request Chain 113
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3G7SKX4-L-I1B4&sigv=1&esig=2~beefabec871715467e49b7f6ec6685b3cbdeeb66
Request Chain 114
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw&google_tc=
Request Chain 115
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0mdeYglwTV-WZrB_OZnrgg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0mdeYglwTV-WZrB_OZnrgg
Request Chain 117
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f9EnbfsITQ6g1XSI9QNL2g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f9EnbfsITQ6g1XSI9QNL2g
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEOF5CoBlgHDsOtViDzNhMI&google_cver=1

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request GpmJOo
ouo.press/
Redirect Chain
  • https://ouo.io/GpmJOo
  • https://ouo.press/GpmJOo
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154e8ecb37668fbe80aab0c7f45aed840663e701684d62cb6714016d4d2de35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
70ef6eb358869bc4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
70ef6eb1b93f90c7-FRA
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ouo.press/GpmJOo
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		1020 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 21 May 2022 16:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 21 May 2022 18:39:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 May 2022 18:39:02 GMT
bootstrap.css
ouo.press/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/GpmJOo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12044
cf-polished
origSize=109522
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
70ef6eb4dc599bc4-FRA
expires
Sun, 22 May 2022 03:18:17 GMT
link-safe.css
ouo.press/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/GpmJOo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12047
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d951ace-1830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
70ef6eb4dc5b9bc4-FRA
expires
Sun, 22 May 2022 03:18:14 GMT
48786
tv.gourdycortes.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.gourdycortes.com/1clkn/48786
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.120 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 18:39:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8634c6aebd163b8ec8af15a57a1e482b3f354399cf1c600510a5bcbe67929f62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Sat, 21 May 2022 18:39:01 GMT
html_102001.js
video.your-notice.com/ 		1 KB
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
89be71f355d291d9fe367281422cd22efdad50c7d7a338bef42c1952d87828fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:38:02 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 18:39:02 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10064064
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOTOP1yy7N8ttNEimhjDGhGKI5CA9SyA9f3FVoX17uTSVQefEkwMHXp7%2BZW50ndiFTuQ6b5Jke1G612sTKjctBHxXsNkiJ0n9aNDOVZNgRer%2FZCJmJLPp6wnkzQMAw%2BbX9wZfY6cPV9orRtH5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
70ef6eb619c0904c-FRA
expires
Fri, 20 Jan 2023 07:04:38 GMT
world.png
ouo.press/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/GpmJOo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1909215
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Sun, 29 May 2022 16:18:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70ef6eb5ce8c9bc4-FRA
cf-bgj
imgq:85,h2pri
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/GpmJOo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 19:29:40 GMT
server
cloudflare
etag
W/"6283f7a4-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
70ef6eb5be759bc4-FRA
vary
Accept-Encoding
expires
Mon, 23 May 2022 18:39:02 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-111.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:26:01 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
781
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
4240
x-amz-cf-id
IV6AyIDZaGQXOvQzliSgE_f3oFYhpn4cJwvO5eACqm57oZuT4QgiKA==
expires
Sat, 21 May 2022 19:26:01 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
8c3b6c02319a59ce6690e468d7bd99eab695904a8e43cdae4762f123734e0026
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:41:22 GMT
content-encoding
br
etag
W/"5c0ef9e027d40b55666c6e35b1c45c8f"
last-modified
Sat, 21 May 2022 17:41:22 UTC
server
nginx/1.20.0
age
3460
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
BpGV0CaFqIFZHFEoiVBB_BpZcvDMddOpEi14NL-_JWBKlsVUYJYnzg==
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 		365 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 17:42:36 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 14:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14994
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 22 May 2022 14:29:08 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
last-modified
Sun, 01 May 2022 07:29:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 20 Jun 2022 18:39:02 GMT
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:31:19 GMT
x-content-type-options
nosniff
age
256063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:31:19 GMT
impress
exchange.adtrue.com/delivery/ Frame 9DE4 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cb=3335810654&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/GpmJOo
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.118.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-118-138.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
server
nginx
x-adtrue-instance
java2
content-length
4626
content-type
application/javascript
spc_fi.php
cdn.firstimpression.io/delivery/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FGpmJOo&charset=UTF-8&ch=18&ref=ouo.press&viewerId=null&referer=&_firid=18816171
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
f52802b4c38a1aacfb58299c27b3a1f5096f648b8463315fa9e7dc1da6cd2eea

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://ouo.press
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
Xjfc6xESvCdxsL22Gsrq0YMu_jOeBC0vwzUMugSEmB7RS6CHtPo6BA==
expires
0
anchor
www.google.com/recaptcha/api2/ Frame 8527 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72dbbce18267a319a74eb5d58e4669d103c4dea9abbbe62ca0657ad4e1b1e166
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vmjo7nhUIMfeOL9QYC17iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22154
content-security-policy
script-src 'report-sample' 'nonce-vmjo7nhUIMfeOL9QYC17iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 18:39:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
cdn.firstimpression.io/tracking/ 		2 B
406 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
SASg3qEXW38W8fZLVD3sj75zyNX7rphKZRqFEiuJpJnAAvWTs01h4A==
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:27:22 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
700
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
_s6cKeT8g8w3xw6xiafiLFOkZ5Gw2iAHKVunKQj4-UIXgthVirHK6w==
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
expires
Sat, 21 May 2022 19:27:22 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
8874
age
33282
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o5U01IyNS986z8olCrWVXTeguqOFc4fle9PCjWAflcTe4IePbGJNp21dTZ24gjDgJTt2lNQGjCLMXce%2FRB4mqmUeINmDvCxVQY3XAz1G7YASrC1toLpID2LMgt3JFr2Ox9RLVXdWjCC29qcnxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70ef6eb8195f9b28-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
704
x-cache
Hit from cloudfront
server
Server
x-amz-rid
07VPHQ0X4HFHJAGQBSZV
date
Sat, 21 May 2022 18:27:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
p700q8vLUf5igYKYYY2ed9ou2ZbD0ZI7JGgF4TJsLh7lJBBD3yYYQQ==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame FAD8 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:00:53 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
2289
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
Plla2Ow7dTRNg0mh7a10G0dVrnT9piqo5R9ji53Swe-ywthpsH-HNg==
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
expires
Sat, 21 May 2022 19:00:53 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 8527 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 17:59:18 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 8527 		365 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 17:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 17:42:36 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame FAD8 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:27:22 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
700
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
ovuekX0pSgVJ4u3G3qYqsVH2Se2SqeX59fLAswZXWr9bt932_JPovg==
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
expires
Sat, 21 May 2022 19:27:22 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame FAD8 		1 B
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C6%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
vqSVHpEspw9h1YUESoJ1nsneIHMC8JlspyEcj99C5zBmxzOvK_FkAA==
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
expires
0
mvo
tag.1rx.io/rmp/212927/0/ Frame FAD8 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Sat, 21 May 2022 18:39:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ Frame FAD8 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
874a578f11fa97ad6f97fd946bf3f55cf6ec58a9761229441462658999272cfc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 May 2022 18:39:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9cd4a19d-db4c-4a12-98fe-59ad05626ffe
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FAD8 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
15aa6d5e0fe4fa2803ff888ffa708dd5fdfaf92f3cae0d126f72416f5cf5a2c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 21 May 2022 18:39:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f1ab0d3f-8dff-49ab-a18d-6d083ac65418
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame FAD8 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=87896007091
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
hb.emxdgt.com/ Frame FAD8 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1653158342534&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.247.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-247-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 21 May 2022 18:39:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame FAD8 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FGpmJOo&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FGpmJOo&tg_i.page=https%3A%2F%2Fouo.press%2FGpmJOo&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=66640e79-cd87-4d7a-8faa-727827a99306&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6282720373282844
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
78d40f1d47bc079ed51a575bef59bfa80cac216d8fb94c40babd3fa87b5982b1

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7679
Expires
Wed, 17 Sep 1975 21:32:10 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame FAD8 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
704
x-cache
Hit from cloudfront
server
Server
x-amz-rid
07VPHQ0X4HFHJAGQBSZV
date
Sat, 21 May 2022 18:27:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NE_cP-fUzb70NzjXqAjaS3yqzn-unVa5aixvY2VI91-AW1cCW2GxvA==
config
c.amazon-adsystem.com/cdn/prod/ Frame FAD8 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 15:14:52 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server
Server
age
12249
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
wZJlcJ7fynF-Ve9rIVXOu4dVB6vfX5f_JXCyFQY1nYp3BEPSQEIrfw==
bid
c.amazon-adsystem.com/e/dtb/ Frame FAD8 		23 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FGpmJOo&pid=vT5XBCCHwvZfY&cb=0&ws=728x90&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
K4469120Q79WQ813V97H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
-3D-iTJmRyjw-K-0WfuYY97qUW9ulktoSdH4h-KAe_8UORVdaLaEEQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FAD8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
57858
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sat, 21 May 2022 02:34:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
c1SgQHLuSZ3OvJTPWvxBK6LGQUSGU7PGjHyz1tburVxDOv7xq60aHQ==
webworker.js
www.google.com/recaptcha/api2/ Frame 8527 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 21 May 2022 18:39:02 GMT
collect
cdn.firstimpression.io/tracking/ Frame FAD8 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
8u-4Bua-c_N77_PUCLvvALriOmDn6MX4AboStQsPg2yYvO_XN66rbg==
collect
cdn.firstimpression.io/tracking/ Frame FAD8 		2 B
406 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
skzm5sQO8CM2IU7UnAwlCZ0i0pC6EWCOtT9ffQuyRLYj9TYMd-yCyQ==
collect
cdn.firstimpression.io/tracking/ Frame FAD8 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
tjjXrEazrin00jS_rlm9LE0mT8Ca2QEYsqCw9SM_YlMjZskKrkDaIQ==
v1
cdn.firstimpression.io/tracking/habit/ Frame FAD8 		2 B
406 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
OEN6FhLwu8RQgMCzwLIdP-DHsuOKofm1EP23nAZp8DbNaUUPPSCKhw==
nmedianet.js
contextual.media.net/ Frame 3C04 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
142a769b571759c31ae540ce6f387561fec981fbc4ec029665cac698f6f064e9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-19
content-encoding
gzip
server
Apache
etag
"c03eb433d1353a970bf0c87cf4f0e223"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 21 May 2022 18:39:02 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-34
expires
Sat, 21 May 2022 18:44:02 GMT
log
qsearch-a.akamaihd.net/ Frame 3C04 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19050205&other_prv=9&jar_err=&current_day=6.0&adtyp=0&req_id=4505749776941165050&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=20.3098&exp=&second_bidder=*&search_res=44&floor_bucket=0.00&gpid_format=&seat=&size=728x90&url_l1=gpmjoo&f_seg=&prdp=0.0504&ogcbdp=0.0900&dfpbd=0.0504&server=1&ogerpm_wd_bkt=0-1&model_version=202204100739_generic_appn_2-cid_3&viewability=0.7100&dmm_r=0.3690&cut=44&dmm_l=0.0420&as_cache=0&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ouo.press%2Fgpmjoo%2F&bidrestime=1653158342632&cc=DE&strg=harmony&ss=&current_hour=18&time_stamp=2022-05-21+18%3A39%3A02&model_key=generic_appn_2-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.0900&ct=Rothenburg+Ob+Der+Tauber&akey=&mnckfl=0&bdp_bucket=0.10&algo=&dc=eu_be&splid=19050205&dim4=exploration&dn=ouo.press&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&buyer_id=&dmm_m10=1361427&bdp_wider_bucket=1&acid=6566d44c1ea64812880c17b64baee6b1&infl=&o_ver=NT+10.0&br_ver=101.0.4951.64&bdmm_m6=1.0000&bdmm_m7=0.6680&bdmm_m5=1.0000&ver=8.12.0&totalTimeBucket=4&visibility=0&totalTime=4091930&dmm_m1=2022-05-21+18%3A39%3A02.634201555&e_rpm=0.1540&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.6680&cid=8CU6M287B&bcrid=352460673&rawbid=0.0900&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-5f4649764d-8qkvv.BE&dfp_bucket=0.0&adblk=&itype=appnexus&pvid_seat=9&cliIP=3117783808&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=45&gpid=&iwb=1&dmm_d22=0.04&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.09
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-21.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 21 May 2022 18:39:02 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 3C04 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 21 May 2022 18:39:02 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=59848
access-control-allow-credentials
true
content-length
62892
expires
Sun, 22 May 2022 11:16:30 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 3C04 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 18:39:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sun, 21 May 2023 18:39:02 GMT
it
fra1-ib.adnxs.com/ Frame 3C04 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252FGpmJOo&e=wqT_3QLIBIBIAgAAAwDWAAUBCMbjpJQGELT1xY_56L6gCBgAKjYJmpkBAVCpPxEbL90kBoGlPxkAAAAghev1PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeJ_YBYABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGGh0dHBzOi8vb3VvLnByZXNzL0dwbUpPb4ADAIgDAZADAJgDF6ADAaoDQBIYNDUwNTc0OTc3Njk0MTE2NTA1MF9zYmlkGhI1OTQ3NTE0MzU2MjI2NzcxNzIiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlIViIBQGYBQCgBfrT_qrL8ejDPsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJSBgAIAAwADi6BkAAyAef2AXSBw0VdwE4CNoHBgknROAHAOoHAggA8Afs-wOKCAIQAA..&s=d0941e175c09b909d44c549e2f324dd4afca59f0
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
178cbdcc-48da-44a6-a345-2ab8d47e5d67
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
cdn.firstimpression.io/tracking/ Frame FAD8 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
BEHoRQBdX-jD4Ai3sXwCvAzCecM2z_cGcBWo6EB8MRVAj0KJkzzRdA==
reload
www.google.com/recaptcha/api2/ Frame 8527 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca0c641794b61846b028382c9d78c95bab7bea336d35830df2db31b60a73bea5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=473m1jaxzsac
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18124
x-xss-protection
1; mode=block
expires
Sat, 21 May 2022 18:39:02 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 9DE4 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cb=3335810654&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/GpmJOo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7408198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIHHxjHkvRkd07llllkhwIAKS7EUscngKCehx2DOaQO%2B47im0iYyTpWBXFKyZnUGQDiRgQIfN8N%2F5L%2BCVISWWatw%2FpIDui9JkR1R85O%2FRuKduUSyUX4fl5d%2Bty3nCJpd6V6JOJOCNByiUHADRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
70ef6eba9b226940-FRA
expires
Mon, 20 Feb 2023 00:49:04 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 9DE4 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=23017
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Sun, 22 May 2022 01:02:39 GMT
ga.js
cdn-adtrue.com/track/ Frame 9DE4 		502 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cb=3335810654&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7445419
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBW9BjDzhcSM41fG6CmVgtEFeYQQ90be6FSg7GwcjWddvI%2FV%2F%2FXGTQE%2FNsqPTxQwQ1OVCCJSYZs1Rc5TYyP0x34Ct3VFapn64iKWmikCwoztIwLz8p8hqtelvW2R7mzHb6OrDwaW1C3yVatgpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
70ef6ebad8705b86-FRA
expires
Sun, 19 Feb 2023 14:28:43 GMT
smtr
contextual.media.net/ Frame 3C04 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=TCOZEBG&https=1&vif=1&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&nse=5&vi=1653158342416164631&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B48fOnRrolnfOur8z%2FBzqaNg&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p1642385554t202205211839&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0974eff3bef9f915f9a67ceb86cd1bbf1d9a0e6d8f6bf3e4f9ce4017aa6f3028
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 21 May 2022 18:39:03 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-jl7v
strict-transport-security
max-age=604800
timing-allow-origin
*
content-length
27310
x-sc-w
21-67x6
checksync.php
contextual.media.net/ Frame 74C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4ba1ed4d3052c2e390e7e0dd7d742401a578004f5440f41bb9b38ca7c6b8c5dd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5747
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:02 GMT
expires
Mon, 23 May 2022 18:39:02 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 3C04 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=513&&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1653158342416164631&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994965&r=1653158342817&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1653158342112598257&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p1642385554t202205211839&vgd_pgids=1&vgd_uspa=0&hvsid=00001653158342813031177838083900&gdpr=1&vgd_end=1
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 21 May 2022 18:39:02 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 21 May 2022 18:39:02 GMT
checksync.php
contextual.media.net/ Frame BAB6 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbc4e3b4b5e7e59545fd56cbcd98961b0af06a5f9712970d200819546fc1259f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7841
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:02 GMT
expires
Mon, 23 May 2022 18:39:02 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3C04 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4658&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=4505749776941165050&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.090&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=227fcb8c&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=71&renderer=0&be=0&rtime=5.0&adj0=0.0&tmax=150&s_ip=37.252.173.75&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=4505749776941165050&sc=BY&mowxReqId=6566d44c1ea64812880c17b64baee6b1_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&bidrestime=1653158342632&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-21-5&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.090&ct=Rothenburg+Ob+Der+Tauber&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=39351&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=6566d44c1ea64812880c17b64baee6b1&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.050&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1653158942887&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.050&csex=0&pvdTmax=111&ltime=19.0&epc=211362147&prvReqId=9491286260657_356155295_856004011191&zip=91541&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=25&apTags%3C%3E=75&mx_PC=1&wsip=mowx-5c9b44fcc5-44jsd&currsrc_date=2022-05-20+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-05-21+18%3A39%3A02&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.37&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-5f4649764d-8qkvv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=594751435622677172&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DROTHENBURGOBDERTAUBER~ref_cnt%3D1~r_ip%3D185.213.155.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.042~dmm_r%3D0.369~e_rpm%3D0.154~dmm_m1%3D0.154~dmm_m2%3D0.062~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.668~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.668~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.968~dmm_m16%3D0.369~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D55979.821~dmm_m40%3D879507.000~dmm_m41%3D26.478~dmm_m42%3D351.000~dmm_m43%3D2.391~dmm_m44%3D0.968~dmm_m47%3D23878.000~dmm_m48%3D5746713.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.154~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.710735%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&utime=192&sf=0&cpr=0.8027143716883567
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 21 May 2022 18:39:02 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 22 May 2022 00:39:02 GMT
checksync.php
contextual.media.net/ Frame AE3A 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbc4e3b4b5e7e59545fd56cbcd98961b0af06a5f9712970d200819546fc1259f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7841
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:02 GMT
expires
Mon, 23 May 2022 18:39:02 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
fra1-ib.adnxs.com/ Frame 3C04 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FGpmJOo&e=wqT_3QKIBIAIAgAAAwDWAAUBCMbjpJQGELT1xY_56L6gCBgAKjYJmpkBAVCpPxEbL90kBoGlPxkAAAAghev1PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeJ_YBYABAYoBA1VTRJIFBvQgAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy9HcG1KT2-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBv4ioAYgFAZgFAKAF-tP-qsvx6MM-wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAANOwEBWBAAGADgBgHyBgIIAIAHAYgHAKAHAboHAahQABgAIAAwADi6BkAAyAef2AXSBw0JATQBAQEeDNoHBggFCUTgBwDqBwIIAPAH7PsDiggCEAA.&s=efade80dcb153e507afb5eb01dc2e00374e84c28&bdref=https%3A%2F%2Fouo.press%2FGpmJOo&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2FGpmJOo,https%3A%2F%2Fouo.press%2FGpmJOo,https%3A%2F%2Fouo.press%2FGpmJOo&
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e15776f7-5a52-421e-bbfd-73c63978d6ab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 3C04 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FGpmJOo&e=wqT_3QLIBIBIAgAAAwDWAAUBCMbjpJQGELT1xY_56L6gCBgAKjYJmpkBAVCpPxEbL90kBoGlPxkAAAAghev1PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeJ_YBYABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGGh0dHBzOi8vb3VvLnByZXNzL0dwbUpPb4ADAIgDAZADAJgDF6ADAaoDQBIYNDUwNTc0OTc3Njk0MTE2NTA1MF9zYmlkGhI1OTQ3NTE0MzU2MjI2NzcxNzIiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlIViIBQGYBQCgBfrT_qrL8ejDPsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJSBgAIAAwADi6BkAAyAef2AXSBw0VdwE4CNoHBgknROAHAOoHAggA8Afs-wOKCAIQAA..&s=d0941e175c09b909d44c549e2f324dd4afca59f0&type=nv&nvt=5&jm=1003&sid=3644845061808307539&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&sw=1600&sh=1200&pw=1600&ph=1793&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
25085e21-e5da-4e16-92be-2ee92993d1e9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9DE4 		138 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
79e1241fc69fbba02e39237527dc0ceb97bb6a0ac5aad109a17362d33fb34cba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:02 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5be26b15-b0b4-40a8-8c24-fd690861842f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 9DE4 		0
0
cdb
bidder.criteo.com/ Frame 9DE4 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=9330552117
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 May 2022 18:39:02 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 21 May 2022 18:39:02 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1062
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 9DE4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=QfMtIHxhZ1VlM3BmVlVxUmV0YVF0dVhtcTF4TnZacXZvbm5zNzVuckxDVzdHNU9pck8yb05yeUxNY1Z6VUp2RmZRWjlEMVB3ajNyUUgxWkI5bEJ5OGh0QzZDL3lIWEMxRnhneXg5TDNGYXQvemdaZmc5SHdYYUp3dTdacH...
347 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QfMtIHxhZ1VlM3BmVlVxUmV0YVF0dVhtcTF4TnZacXZvbm5zNzVuckxDVzdHNU9pck8yb05yeUxNY1Z6VUp2RmZRWjlEMVB3ajNyUUgxWkI5bEJ5OGh0QzZDL3lIWEMxRnhneXg5TDNGYXQvemdaZmc5SHdYYUp3dTdacHl5MCtIMW9LZGpXTVhHNXQ2R3RzZHFiWXRFV3JIMEdJWTUwbGFNaWdqQ1IxWXl1cFRMK0RIamZiMmtYR2tLcEJ6RDJ1Yk81LzdFNFdxNk5VMmNQWktaZmdYMlh0aWtTZmtCaHk2bDhNNncyV00vSDhRMzRVPXw&cppv=2
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
525cca3a085d3bd361a3452691b229260e841460e06e459b010a815927455502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:02 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3092
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:02 GMT
location
https://mug.criteo.com/sid?cpp=QfMtIHxhZ1VlM3BmVlVxUmV0YVF0dVhtcTF4TnZacXZvbm5zNzVuckxDVzdHNU9pck8yb05yeUxNY1Z6VUp2RmZRWjlEMVB3ajNyUUgxWkI5bEJ5OGh0QzZDL3lIWEMxRnhneXg5TDNGYXQvemdaZmc5SHdYYUp3dTdacHl5MCtIMW9LZGpXTVhHNXQ2R3RzZHFiWXRFV3JIMEdJWTUwbGFNaWdqQ1IxWXl1cFRMK0RIamZiMmtYR2tLcEJ6RDJ1Yk81LzdFNFdxNk5VMmNQWktaZmdYMlh0aWtTZmtCaHk2bDhNNncyV00vSDhRMzRVPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1316
content-length
482
expires
0
gtm.js
www.googletagmanager.com/ Frame 9DE4 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d417ff3ddf56e86e827828659b8d425974b296d4a575ff3c632da54ead783e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40529
x-xss-protection
0
last-modified
Sat, 21 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 May 2022 18:39:03 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QfMtIHxhZ1VlM3BmVlVxUmV0YVF0dVhtcTF4TnZacXZvbm5zNzVuckxDVzdHNU9pck8yb05yeUxNY1Z6VUp2RmZRWjlEMVB3ajNyUUgxWkI5bEJ5OGh0QzZDL3lIWEMxRnhneXg5TDNGYXQvemdaZmc5SHdYYUp3dTdacHl5MCtIMW9LZGpXTVhHNXQ2R3RzZHFiWXRFV3JIMEdJWTUwbGFNaWdqQ1IxWXl1cFRMK0RIamZiMmtYR2tLcEJ6RDJ1Yk81LzdFNFdxNk5VMmNQWktaZmdYMlh0aWtTZmtCaHk2bDhNNncyV00vSDhRMzRVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 21 May 2022 18:39:02 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1230
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ Frame 9DE4 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0fbc60b18df6621aeab97aecb37883b8838305e440626b353830cacc405de1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69518
x-xss-protection
0
expires
Sat, 21 May 2022 18:39:03 GMT
analytics.js
www.google-analytics.com/ Frame 9DE4 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1195
date
Sat, 21 May 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 21 May 2022 20:19:08 GMT
truncated
/ Frame 8C64 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8C64 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 8C64 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-34.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 18:39:03 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
collect
www.google-analytics.com/j/ Frame 9DE4 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2033705318&t=pageview&_s=1&dl=https%3A%2F%2Fouo.press%2FGpmJOo&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=YEBAAEABAAAAAC~&jid=1579300124&gjid=2042910653&cid=1671146006.1653158343&tid=UA-177299981-5&_gid=687936404.1653158343&_r=1&gtm=2wg5b0NPLC9ST&z=1126345354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame 8C64 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6075&&&vgd_l2type=sca&v=1&gdpr=1&geo=50.1%7C8.63&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721613&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=266&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Damenmode+f%C3%BCr+gro%C3%9Fe+Gr%C3%B6%C3%9Fen&kwt[]=391&kbc[]=1262271042&kwp[]=1&kid[]=350738831&kbc2[]=pmb%3D1%7C%7Crps%3D0.86%7C%7Crps_62%3D0.46%7C%7Crps_10%3D3.92%7C%7Crps_63%3D0.30%7C%7Crps_12%3D0.36%7C%7Crps_60%3D0.96%7C%7Crps_66%3D2.28%7C%7Cps%3D0.592%7C%7Crpc%3D0.25%7C%7Clvl%3D4.67&ktd[]=274894881024&ktrkt[]=Damenmode+f%C3%BCr+gro%C3%9Fe+Gr%C3%B6%C3%9Fen&kwd[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwt[]=391&kbc[]=1262271042&kwp[]=2&kid[]=350738834&kbc2[]=pmb%3D1%7C%7Crps%3D0.86%7C%7Crps_62%3D0.46%7C%7Crps_10%3D3.92%7C%7Crps_63%3D0.30%7C%7Crps_12%3D0.36%7C%7Crps_60%3D0.96%7C%7Crps_66%3D2.28%7C%7Cps%3D0.592%7C%7Crpc%3D0.48%7C%7Clvl%3D4.41&ktd[]=274894881024&ktrkt[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwd[]=Immobilien+auf+Mallorca+zur+Langzeitmiete&kwt[]=391&kbc[]=1262271042&kwp[]=3&kid[]=350738835&kbc2[]=pmb%3D1%7C%7Crps%3D0.45%7C%7Crps_62%3D0.43%7C%7Crps_10%3D3.92%7C%7Crps_63%3D0.30%7C%7Crps_12%3D0.79%7C%7Crps_60%3D0.45%7C%7Crps_66%3D2.28%7C%7Cps%3D0.592%7C%7Crpc%3D0.23%7C%7Clvl%3D4.64&ktd[]=274894881024&ktrkt[]=Immobilien+auf+Mallorca+zur+Langzeitmiete&kwd[]=Kfz-Versicherung+online+berechnen&kwt[]=391&kbc[]=1262271042&kwp[]=4&kid[]=330162058&kbc2[]=pmb%3D1%7C%7Crps%3D0.00%7C%7Crps_62%3D0.46%7C%7Crps_10%3D3.92%7C%7Crps_63%3D0.30%7C%7Crps_12%3D0.36%7C%7Crps_60%3D0.00%7C%7Crps_66%3D2.28%7C%7Cps%3D0.592%7C%7Crpc%3D0.64%7C%7Clvl%3D4.52&ktd[]=274894881024&ktrkt[]=Kfz-Versicherung+online+berechnen&cid=8CUL2446F&vwid=1653158342416164631&vi=1653158342416164631&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D39351&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721613&vgd_nrrv=61807&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1653158342112598257&sttm=1653158342813&upk=1653158343.27655&hvsid=00001653158342813031177838083900&verid=3111299&sbdrId=99&vgd_ecrid=352460673&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D39351&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8Ovui9X9f9X~Q7Ovui9X9f9X~875EJvK00I4tPb~e8Q8G8j875v9~N875vDa_q4IRPDZaRr4D_KPR4D~LJkMNz7vu~LM8EvuWX.fuA.uXX.9~LMQNvR3~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1QzvAiAXu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9H~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99u99uu~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvhfW-i9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9Hf~OYYMLv9.AFi~JMLEYv9.uXH~OYYMYuv9.uXH~OYYMYfv9.9Ff~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhv9.FFW~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WFi~OYYMYufv9.FFW~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iFW~OYYMYuFv9.AFi~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivXXihi.Wfu~OYYMYH9vWhiX9h.999~OYYMYHuvfF.HhW~OYYMYHfvAXu.999~OYYMYHAvf.Aiu~OYYMYHHv9.iFW~OYYMYHhvfAWhW.999~OYYMYHWvXhHFhuA.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.uXH~eGLv9~G8Ov9.9i9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovui9X9f9X~e8JB1G8j875v9.hu9hAX~NGOEv9.9X9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9i9~875EJM8OvuF~QJjjJLM71yM8Ovui9X9f9X~N1LL8JLVOv9~ONx7vHX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=208&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001653158342813031177838083900&subBdr=99&bdrid=9&fp=CPlwIBiT932FkZzdrHiv5lv8EL5ebwrpp9Xj29uLY8pa6dIKrjLsS49FHsdqIvgAoSXVP-dbeP3IYcAz-QkLKuXYpV0HcAKGsSX0riCQjVYw2nVfYcaL3J8-5C04i5i5&cme=Cj3Yq_ZZDZmzEo4ySDf06z8sDumWQBTornVhxid0cna2gjLGcmmafo86Lu_eMJ7vx7Mm2WJAfs7BrvDDiarMNWGaW_RYHHRNqW3F49CgRixcFjYtkNr8Lk4UQjGqNV1BKvfLQ9UKVPNP9lMZDzahYhpbEVGfCgfPT-C2dDoX4LGMgFLCEDFzUVz2f27r26XHPsWxqoqeRQGp08x7l-nh7O_8Zo9z69Sv0x6qou3wASA%3D%7C%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7Ca0AmFUYXmD41Acxn9AJpoA7lW_XPYzR_h-ixmOQH1raVWSN18dZeIA%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C-wH3rnQvfYQ1PGBXnWbrgP0jDnmhJbWd7lvmae28yZ52sEXLqxKuftZCRYlWTydicKZvTA-sCXQaVyhkJIbUv2tR4GSQR-kQ6HXY2Htibyl0gF9kJfqdtEhX2IRcNEwM15vTPizmsEAivuSmS0pWXSPrjJQenunYoCupyMA0h_emJTlGwBIRLmO3tMkBULnuQ7vxzPDskFlG7Po8eRNO4nKUUUqcSImmBmwLsMGE3I8%3D%7C&rc=0&rand=1653158343166&acid=6566d44c1ea64812880c17b64baee6b1&matm=1653158343166&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&vgd_x_pos=437&vgd_y_pos=1974&vgd_ren_page_h=1793&vgd_ltimesrc=1&vgd_ltime=528&vgd_rtime=441&vgd_etm=11&vgd_l1hcsd=A19%7C3318&vgd_l1ch=1&vgd_lhl=3040&vgd_pgid=p1642385554t202205211839&vgd_adprefflag=01&vgd_csip=rtb-common-5f4649764d-8qkvv.BE&vgd_sbSup=1&vgd_nrrs=61807&vgd_cntrdt=SL%7CDIV%7CDIV&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26allsc%3DHE%26bcpf%3DB48fOnRrolnfOur8z%252FBzqaNg%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D211362147%26gdpr%3D1%26https%3D1%26kalog%3D%26kals%3D%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3D%26nb%3D1%26nse%3D5%26ntv%3D0%26pgid%3Dp1642385554t202205211839%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Fouo.press%252FGpmJOo%26size%3D728x90%26tpid%3DTCOZEBG%26ugd%3D4%26vi%3D1653158342416164631%26vif%3D1&vgd_end=2
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 21 May 2022 18:39:03 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Sat, 21 May 2022 18:39:03 GMT
log
lg3.media.net/ Frame 3C04 		35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUL2446F&vi=1653158342416164631&hvsid=00001653158342813031177838083900&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=331&l2s_downloadTime=1&l2s_total=332&l2s_start=89&l2s_sslTime=0&l2s_nhp=h2&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=48&l1s_downloadTime=4&l1s_total=52&l1s_start=8&l1s_sslTime=0&l1s_nhp=h2&gdpr=1
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
server
Jetty(9.4.35.v20201120)
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 21 May 2022 18:39:03 GMT
collect
analytics.google.com/g/ Frame 9DE4 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe5b0&_p=2033705318&_z=ccd.tbB&_gaz=1&cid=1671146006.1653158343&ul=en-us&sr=1600x1200&_s=1&sid=1653158343&sct=1&seg=0&dl=https%3A%2F%2Fouo.press%2FGpmJOo&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 9DE4 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1671146006.1653158343&gtm=2oe5b0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 9DE4 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1671146006.1653158343&gtm=2oe5b0&aip=1&z=658788517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
cdn.firstimpression.io/tracking/ 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-119.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-amz-cf-id
LE7vvVym-I4PKn0VuJVM44wByj_0rWy49gqBAIhoHmhTP4btkr3Z_A==
vevent
fra1-ib.adnxs.com/ Frame 3C04 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FGpmJOo&e=wqT_3QLIBIBIAgAAAwDWAAUBCMbjpJQGELT1xY_56L6gCBgAKjYJmpkBAVCpPxEbL90kBoGlPxkAAAAghev1PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeJ_YBYABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGGh0dHBzOi8vb3VvLnByZXNzL0dwbUpPb4ADAIgDAZADAJgDF6ADAaoDQBIYNDUwNTc0OTc3Njk0MTE2NTA1MF9zYmlkGhI1OTQ3NTE0MzU2MjI2NzcxNzIiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlIViIBQGYBQCgBfrT_qrL8ejDPsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJSBgAIAAwADi6BkAAyAef2AXSBw0VdwE4CNoHBgknROAHAOoHAggA8Afs-wOKCAIQAA..&s=d0941e175c09b909d44c549e2f324dd4afca59f0&type=pv&jm=1003&px=436&py=1109&bw=728&bh=90&sf=1&sid=3644845061808307539&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:03 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b66a9323-95a5-46c8-b325-f0233a36cdcb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 8C8C 		753 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: ouo.press
URL: https://ouo.press/GpmJOo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23389519
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuqeD8x1xl4%2BzV2ngUct8QeI6MioAlG%2Fp2qFcAZCu0aKRka3mBuGFv1EaS%2FOmXhWeYT25kmbb60a%2BSWD%2F1n7WPwGRVkLvVbKJPKP1%2FzGuzy9yifWOc5uLiIvPp%2FvffIYRBt705el5g%2FL2a%2FE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
70ef6ec14f876940-FRA
expires
Fri, 19 Aug 2022 01:33:44 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9DE4 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 May 2022 18:39:03 GMT
passback
exchange.adtrue.com/tag/ Frame 8C8C 		296 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=377443321&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.118.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-118-138.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:03 GMT
server
nginx
content-length
296
content-type
application/javascript
syncframe
gum.criteo.com/ Frame C2A4 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9f75d4ba3fd309652e5518806c8527a4673b5852b88d66794f9e76e4577a8f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6041
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 18:39:03 GMT
server-processing-duration-in-ticks
2496
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9DE4 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 May 2022 18:39:04 GMT
sid
mug.criteo.com/ Frame C2A4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=cBTUJ19DaHdDT216UWcxeFhLNENZYmVGSElLOW9SRHpmRUUzalk2Nm4yZzk3MSUyRnVvRHJvNiUyRmdn...
  • https://mug.criteo.com/sid?cpp=gY860Hw3UmpzK3huMWlNQnIxdEI2RG01eVlRemNvM3hRVVNVdE4xMTgxT29nRlBDYVliREVvcm1QUFRHREtSMGNrT1FwdjJGeXhUcWVWK0ZHakFiM1RLbnhjcXIwMGIxK2IrUUZQUXNEVXVuVjNYc1FzcG1oUytIanJ6Nk...
425 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gY860Hw3UmpzK3huMWlNQnIxdEI2RG01eVlRemNvM3hRVVNVdE4xMTgxT29nRlBDYVliREVvcm1QUFRHREtSMGNrT1FwdjJGeXhUcWVWK0ZHakFiM1RLbnhjcXIwMGIxK2IrUUZQUXNEVXVuVjNYc1FzcG1oUytIanJ6NkdRYk81U1oveGxjWEFtSGo2Q1czaTQycWxwVDhrS2hSRW1QWGw2NnhQWU5LQXZCbWM1K3VCKzdUcUZJcjhKQWtSZmRPdEVDQUJybXdLSnNBc2U2akhQRmlKekh4aHRXbFhSM3VGQnFNSHoxdXZGMThBS2M4SHk4KzRhMW5mTXgwR09rTmpJQXU1Ris1RkxDb0J6REFPUFRKbFRib1YwUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8249b8a479ef7e58f0434f09e2c0f93c01977bc9257f453f9f71f4c752273735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5037
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=gY860Hw3UmpzK3huMWlNQnIxdEI2RG01eVlRemNvM3hRVVNVdE4xMTgxT29nRlBDYVliREVvcm1QUFRHREtSMGNrT1FwdjJGeXhUcWVWK0ZHakFiM1RLbnhjcXIwMGIxK2IrUUZQUXNEVXVuVjNYc1FzcG1oUytIanJ6NkdRYk81U1oveGxjWEFtSGo2Q1czaTQycWxwVDhrS2hSRW1QWGw2NnhQWU5LQXZCbWM1K3VCKzdUcUZJcjhKQWtSZmRPdEVDQUJybXdLSnNBc2U2akhQRmlKekh4aHRXbFhSM3VGQnFNSHoxdXZGMThBS2M4SHk4KzRhMW5mTXgwR09rTmpJQXU1Ris1RkxDb0J6REFPUFRKbFRib1YwUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1605
content-length
541
expires
0
adtrue.ouo.press.991771.js
jsc.adskeeper.com/a/d/ Frame 8C8C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=377443321&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6402
cf-ray
70ef6ec2c9fe900c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
745
x-amz-id-2
LU9A/+DnvLk9il7+QyWOxO7FuGbTbXciQF9tBWkbAZMEqFc353cwbeYTAU15ifp3yY3VUQ3wTg4=
last-modified
Thu, 19 May 2022 09:26:17 GMT
server
cloudflare
etag
"aef0043370d859b0e8b6b8c06254bdef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
00D9M4YYXZXQKMEF
cache-control
public, max-age=14400
x-amz-version-id
vrRm5rTtJM4LH2rMJ2bxf0jTjEylXNQ5
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 21 May 2022 22:39:04 GMT
adtrue.ouo.press.991771.es6.js
jsc.adskeeper.com/a/d/ Frame 8C8C 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a090e4e333df7caef88f9b89843eb901eb20fd35cf58820bb6e02c37024c526c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6401
cf-ray
70ef6ec32a62905e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70924
x-amz-id-2
o+Lm0kFUNeQRdwiZ9BArKIAVP1t21M4u+ir8zrkpfDZvpO/ktN8ynPOBHb0a2++MuFLSOkEUVWM=
last-modified
Thu, 19 May 2022 09:26:17 GMT
server
cloudflare
etag
"0cc0097771b73c278ce9bcdd70bbb65c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
HYV7ANTQMS01R0K6
cache-control
public, max-age=14400
x-amz-version-id
bD8HNNR9l390Jna6_oU_zy.95lirZZwZ
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 21 May 2022 22:39:04 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame FAD8 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 May 2022 18:39:04 GMT
syncframe
gum.criteo.com/ Frame B88C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9f75d4ba3fd309652e5518806c8527a4673b5852b88d66794f9e76e4577a8f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6041
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 18:39:04 GMT
server-processing-duration-in-ticks
3661
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bqi.php
lg3.media.net/ Frame 3C04 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3290&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=Cj3Yq_ZZDZmzEo4ySDf06z8sDumWQBTornVhxid0cna2gjLGcmmafo86Lu_eMJ7vx7Mm2WJAfs7BrvDDiarMNWGaW_RYHHRNqW3F49CgRixcFjYtkNr8Lk4UQjGqNV1BKvfLQ9UKVPNP9lMZDzahYhpbEVGfCgfPT-C2dDoX4LGMgFLCEDFzUVz2f27r26XHPsWxqoqeRQGp08x7l-nh7O_8Zo9z69Sv0x6qou3wASA=||u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|a0AmFUYXmD41Acxn9AJpoA7lW_XPYzR_h-ixmOQH1raVWSN18dZeIA==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|-wH3rnQvfYQ1PGBXnWbrgP0jDnmhJbWd7lvmae28yZ52sEXLqxKuftZCRYlWTydicKZvTA-sCXQaVyhkJIbUv2tR4GSQR-kQ6HXY2Htibyl0gF9kJfqdtEhX2IRcNEwM15vTPizmsEAivuSmS0pWXSPrjJQenunYoCupyMA0h_emJTlGwBIRLmO3tMkBULnuQ7vxzPDskFlG7Po8eRNO4nKUUUqcSImmBmwLsMGE3I8=|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&vi=1653158342416164631&ugd=4&cc=DE&sc=HE&bdrid=9&subBdr=99&startTime=1653158342806&l2type=sca&vgd_l1rakh=1653158342112598257&l1ch=1&sttm=1653158342813&upk=1653158343.27655&hvsid=00001653158342813031177838083900&acid=6566d44c1ea64812880c17b64baee6b1&verid=3111299&vgd_bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DROTHENBURGOBDERTAUBER~ref_cnt%3D1~r_ip%3D185.213.155.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.042~dmm_r%3D0.369~e_rpm%3D0.154~dmm_m1%3D0.154~dmm_m2%3D0.062~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.668~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.668~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.968~dmm_m16%3D0.369~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D55979.821~dmm_m40%3D879507.000~dmm_m41%3D26.478~dmm_m42%3D351.000~dmm_m43%3D2.391~dmm_m44%3D0.968~dmm_m47%3D23878.000~dmm_m48%3D5746713.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.154~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.710735%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&vgd_sc=HE&infr=1&stime=1653158342737&vgd_ecrid=352460673&l1hcsd=l1!A19|3318&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1642385554t202205211839&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 21 May 2022 18:39:04 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Sat, 21 May 2022 18:39:04 GMT
log
hblg.media.net/ Frame 3C04 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=4505749776941165050&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.090&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=227fcb8c&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=71&renderer=0&be=0&rtime=5.0&adj0=0.0&tmax=150&s_ip=37.252.173.75&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=4505749776941165050&sc=BY&mowxReqId=6566d44c1ea64812880c17b64baee6b1_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FGpmJOo&bidrestime=1653158342632&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-21-5&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.090&ct=Rothenburg+Ob+Der+Tauber&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=39351&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=6566d44c1ea64812880c17b64baee6b1&actltime=20&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.050&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2351%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1653158942887&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.050&csex=0&pvdTmax=111&ltime=19.0&epc=211362147&prvReqId=9491286260657_356155295_856004011191&zip=91541&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=25&apTags%3C%3E=75&mx_PC=1&wsip=mowx-5c9b44fcc5-44jsd&currsrc_date=2022-05-20+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-05-21+18%3A39%3A02&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.37&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-5f4649764d-8qkvv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=594751435622677172&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DROTHENBURGOBDERTAUBER~ref_cnt%3D1~r_ip%3D185.213.155.0~r_sc%3DBY~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.04~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.042~dmm_r%3D0.369~e_rpm%3D0.154~dmm_m1%3D0.154~dmm_m2%3D0.062~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.668~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.668~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.968~dmm_m16%3D0.369~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D55979.821~dmm_m40%3D879507.000~dmm_m41%3D26.478~dmm_m42%3D351.000~dmm_m43%3D2.391~dmm_m44%3D0.968~dmm_m47%3D23878.000~dmm_m48%3D5746713.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.154~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.710735%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&utime=192&sf=0&cpr=0.8027143716883567&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:04 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 21 May 2022 18:39:04 GMT
sid
mug.criteo.com/ Frame B88C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=cBTUJ19DaHdDT216UWcxeFhLNENZYmVGSElLOW9SRHpmRUUzalk2Nm4yZzk3MSUyRnVvRHJvNiUyRmdn...
  • https://mug.criteo.com/sid?cpp=RPjB_Xx1Mm1YQ0VsZlN2Z1EvRy9MbWFiSktVOURRbzA2OGkzUDYyK1lFTWpFeVlpVnRweDJrb01kMEc0YU55Y3pDSFJaMWh0dFFHQzVqdVNwOEZoUHRnZUsveTFQMmNYZW14cnY2R0ZtMFAxeUc5cjFuNjMvZlBxUmpDZm...
433 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RPjB_Xx1Mm1YQ0VsZlN2Z1EvRy9MbWFiSktVOURRbzA2OGkzUDYyK1lFTWpFeVlpVnRweDJrb01kMEc0YU55Y3pDSFJaMWh0dFFHQzVqdVNwOEZoUHRnZUsveTFQMmNYZW14cnY2R0ZtMFAxeUc5cjFuNjMvZlBxUmpDZmpNaVpLbUppU012c3g1R1hFQ3ErWlFLSG40ZEpCMEhPWWdkVGlaSGs4NGJWaWtlS25SZTYwWm1rRHFXQk8wZXRsVnE0WEdQK082TTJwc2ttWDdQdEFUdGYwY0VjZk8xSDRJb1hkYzVxeGNHaXd2Z3JvaTl6ejAzNUFTY0locDZDQkZvUTh0dVBXUnljVFdERms1enNndENqY3NvZXlJUT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d349604baf42cf87c80e6c13d310a495ed6bb40c19f820905d7f72867e810e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:03 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4199
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:04 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=RPjB_Xx1Mm1YQ0VsZlN2Z1EvRy9MbWFiSktVOURRbzA2OGkzUDYyK1lFTWpFeVlpVnRweDJrb01kMEc0YU55Y3pDSFJaMWh0dFFHQzVqdVNwOEZoUHRnZUsveTFQMmNYZW14cnY2R0ZtMFAxeUc5cjFuNjMvZlBxUmpDZmpNaVpLbUppU012c3g1R1hFQ3ErWlFLSG40ZEpCMEhPWWdkVGlaSGs4NGJWaWtlS25SZTYwWm1rRHFXQk8wZXRsVnE0WEdQK082TTJwc2ttWDdQdEFUdGYwY0VjZk8xSDRJb1hkYzVxeGNHaXd2Z3JvaTl6ejAzNUFTY0locDZDQkZvUTh0dVBXUnljVFdERms1enNndENqY3NvZXlJUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1441
content-length
541
expires
0
/
c.adskeeper.com/pv/ Frame 8C8C 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1653158344627138111837&uniqId=066c0&lct=1652918400&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cxurl=https%3A%2F%2Fouo.press%2FGpmJOo&lu=https%3A%2F%2Fouo.press%2FGpmJOo&sessionId=628931c9-12f3e&pageView=1&pvid=180e7ea77b495ed87ac&site=624865&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
70ef6ec60f1e900c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 8C8C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
br
cf-cache-status
HIT
age
1881
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E0Z33CBCQJ9KWVEB
x-amz-id-2
PpHILWzCRUeq+5r6D7cF55Xz3oq32dAgKKQ3mZH0LpftfA8EQfJTeuAtx3pyGw8tanpixw6/Svo=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
70ef6ec65e505c2c-FRA
expires
Sat, 21 May 2022 22:39:04 GMT
1
servicer.adskeeper.com/991771/ Frame 8C8C 		1 KB
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1653158344700906657153&uniqId=066c0&lct=1652918400&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2FGpmJOo&cxurl=https%3A%2F%2Fouo.press%2FGpmJOo&lu=https%3A%2F%2Fouo.press%2FGpmJOo&sessionId=628931c9-12f3e&pageView=1&pvid=180e7ea77b495ed87ac&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c714e0fdb2fdc401597901d8973c02c9f519600094650a6baae40746fb5ad841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
70ef6ec68fe9900c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 8C8C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
content-encoding
br
cf-cache-status
HIT
age
5104
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0VTMW8WSD1ZDZDSC
x-amz-id-2
0iM/LJmdYYfpIY+nn/l9Lz2ggQWLdu9bPZ7RVZoyFidyrskpryu09YZxCRuTYeXCBW+4+GUJn8c=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
70ef6ec6ec9390ae-FRA
expires
Sat, 21 May 2022 22:39:04 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3M...
s-img.adskeeper.com/g/12581125/492x277/-/ Frame 8C8C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/12581125/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3MzU1M2U4ZjcxMTc3NmVmNDBkNjAxMTA1ZDBjZDBjLmpwZWc.webp?v=1653158344-Zthvg70Yu9qxf46_TGdl_PYKG71I_VcHnUqp08KVDYE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 09:41:21 GMT
x-mg-request-uuid
8441b12c-89a0-4af3-a634-2556bc0e57b6
age
4090414
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
70ef6ec70e4f9b45-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11492
server
cloudflare
i.js
cm.adskeeper.com/ Frame 8C8C 		0
102 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1653158344788826854515
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
70ef6ec708b0900c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.adskeeper.com/ Frame 8AE3 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1653158344804243114713
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
70ef6ec708b3900c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
806.json
id5-sync.com/g/v2/ Frame 9DE4 		213 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
a9e94e3ac536738587bb087945f7a20e1ab7fb1404cad8e8e46d2246ce5fc3a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 21 May 2022 18:39:04 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 9DE4 		44 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 May 2022 18:39:04 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
id
id.crwdcntrl.net/ Frame 9DE4 		63 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.70.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-70-186.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ae3ee03d4d740ce444459793a13cdf9f3918841dd58c3656be63035725557766

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ouo.press
cache-control
no-cache
x-server
10.45.25.108
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 9DE4 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f1cc7ad5dbce85701a1263fdbcdc75f061b042e773436de78e66134543ddcc0d

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 21 May 2022 18:39:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 20 Jun 2022 18:39:04 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9D8B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
51142
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 21 May 2022 18:39:05 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 610980
X-Served-By
cache-lga13628-LGA, cache-hhn4060-HHN
X-Timer
S1653158346.760607,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 3FA3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 May 2022 18:39:05 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 5042 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
29
CF-Cache-Status
HIT
CF-RAY
70ef6ecd2ae46907-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 21 May 2022 18:39:05 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sat, 21 May 2022 19:39:05 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
async_usersync
ib.adnxs.com/ Frame 9D8B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:05 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3006acc1-0f48-4e47-885e-e3399196b2ff
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3FA3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 18:39:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49356
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9446
Expires
Sun, 22 May 2022 08:21:41 GMT
setuid
px.ads.linkedin.com/ Frame 3FA3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3G7SKX4-L-I1B4
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3G7SKX4-L-I1B4
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 982F731174E549CBB909DDE7BE23666E Ref B: FRAEDGE1309 Ref C: 2022-05-21T18:39:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXfiev6VNXcZHf9CeiydQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3G7SKX4-L-I1B4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3FA3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0&google_tc=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHN1NLWDQtTC1JMUI0&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 3FA3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3G7SKX4-L-I1B4&sigv=1&esig=2~beefabec871715467e49b7f6ec6685b3cbdeeb66
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3G7SKX4-L-I1B4&sigv=1&esig=2~beefabec871715467e49b7f6ec6685b3cbdeeb66
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:06 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3G7SKX4-L-I1B4&sigv=1&esig=2~beefabec871715467e49b7f6ec6685b3cbdeeb66
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3FA3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw&google_tc=
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU5MDQ3OTBmYzQyZmE0Y2RjMTg3MzA4MzFkMTFiMjJiMGRiNWZiNw&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3FA3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0mdeYglwTV-WZrB_OZnrgg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0mdeYglwTV-WZrB_OZnrgg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0mdeYglwTV-WZrB_OZnrgg
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
30FFPEKBX205ZCMAH06N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0mdeYglwTV-WZrB_OZnrgg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 3FA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3FA3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f9EnbfsITQ6g1XSI9QNL2g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f9EnbfsITQ6g1XSI9QNL2g
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f9EnbfsITQ6g1XSI9QNL2g
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8BXBC0XS6YYANT45Z65Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=f9EnbfsITQ6g1XSI9QNL2g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEOF5CoBlgHDsOtViDzNhMI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEOF5CoBlgHDsOtViDzNhMI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 18:39:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEOF5CoBlgHDsOtViDzNhMI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.adskeeper.com/ Frame 8C8C 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=300|250|28|i1vv8G7vP3iyOUuNbZpKFK9x0qhtEe-Ut-ncbwH1riIyqyo1gf1qCSs7-MgyfNpR&fw=1&extjs=66044&cid=991771&h2=CBvd3SiXK6CDlaashqQY2B-LAifAvcAwR1nWkedwnPI*&rid=4a75289c-d935-11ec-a0ab-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=180e7ea77b495ed87ac&cbuster=1653158345938511191897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:05 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
354085b9-f9f5-46b9-a963-c8cc57f1740d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
70ef6ece2f33905e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 9D8B 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:06 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
893046d6-ce66-46c8-ba43-f2d8dbfab6f0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0305 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=102695
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 18:39:06 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Sun, 22 May 2022 23:10:41 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 48D4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
51144
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 21 May 2022 18:39:06 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 610998
X-Served-By
cache-lga13628-LGA, cache-hhn4060-HHN
X-Timer
S1653158347.888718,VS0,VE0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0305 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89927347&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 18:39:05 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 48D4 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 18:39:06 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ae7b6c5e-4962-41c0-b377-b65e233868c9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame AC7E 		0
0
img
sync.mathtag.com/sync/ Frame 6165 		0
0
pubmatic
d5p.de17a.com/getuid/ Frame 6BDB 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame B2E0 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame 4F8C 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1BB6 		0
0
sync
sync.srv.stackadapt.com/ Frame 0DF3 		0
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 37B4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CBCD4F50-227F-4FA0-8EC8-0B24C29258C3
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| apd_options object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2a00 function| _0x205b object| a function| b undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector boolean| fifabAlready function| fi_fab object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| adtrue_tags function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| q object| qs string| js_code string| k function| vi_setCookie2 function| vi_getCookie2 function| open_dater number| pok function| dyns_load object| recaptcha object| closure_lm_420674 object| fiUtils object| _mNDetails number| lnt_z object| criteo_syncframe_state object| _mgPageViewEndPoint624865 object| _mgPageView624865 string| _mgPvid object| _mgPageImp624865

38 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJZS53bItWPiV8luWZuQ8vK9AlmueJbJOFlQdt3TId11BKna3NWW74fbo5UGruX-8SUueieUibNUFKMDUV-Ztzk
ouo.io/ Name: ouoio_session
Value: eyJpdiI6InRiQUxzdXRCTFdWRllScGN5cnRnTWIwRDBiOGpGUVwvaXBsWUN5eHY2VFwvbz0iLCJ2YWx1ZSI6IlwvenNoZjNDc2haOTFtbm9pZUFPaWNoTFRQaWFVWm1qUWo3VlI3QUJCQmlFbDFjUVFvN09XS0ZOOURNaXY0cGVVa1wvREZJZEl2alpuTTdKT2JDU2JPV2c9PSIsIm1hYyI6IjlkZjIzYTE1NWRiZTAyMzNlMGYxMDQ1NWQ5ZDA0NmE1N2M1NjdhNGM4MWI1MThhNTU2YTY3YTAxMWQ3MzFlYWUifQ%3D%3D
ouo.io/ Name: language
Value: eyJpdiI6Im9DZElhNTRNRXVBV3I1VEMyN3NDMlowUFVxbWJqQ01QRG9xc2k0Uzl5bUE9IiwidmFsdWUiOiJuclJMQmlFOElIUUVoaTdYeGZyR2ZxVVppQUxiOVE0ZlIxanJ4cUIxakVzPSIsIm1hYyI6IjkxNzAyODRiNWY1OTNjYjRjNjcxYjU1N2UwNjY2NDE3MTQ0MjA1Njg5YzUwMzBjNjNjZTJhMmM5YWNiNDZhYzUifQ%3D%3D
ouo.io/ Name: fb02fce2d3e3ed564b2cab5a0497698325d71600
Value: eyJpdiI6InN6MWN3b2pLOSt6UWJnSnE4a3psTnFDS2xraWVmUE41UW1Edm82dnJPU3c9IiwidmFsdWUiOiJzalJKUFo1Q3c1Rmpza0NoOGdUTzNtYUVTVnp4cExmdTdVSEZQZ05oRk5IM0hlY0dwbGdCZWtva3VUQUdXaHVGRmpGalFmMnZFMFpMdGFYeVFLQUs5RENSSE9IUTc4NW94V0N4VUVmMUNWWm5WUkcrZ3BDSkJMS250Wk1EZXE4bTZtczVaNjNjTXVUUXF1TGYzTHdNMkNxczB2cGdlZGVpVFBWbUF5bkZ3ZmN3WVwvaXY3bTBsNGx2a3JUbUJ4d3VxVm9nRW40bUV6ajRmajdIbXFOMVJmcEhyN2dDdDBZN0FxN0h4eUMyWDJWRFBqMys4ZkJ2MnJib0ZaSGVoNWtWaDZseGZEWFNQYTBpdm9INngyXC9rOFNGTVRKZzdWbEF2eFJicXNGYks3ODZ2U0NmKzBaYmdQdTVkTUlTTElDNzhxaXZ5bGJaVVlNWlc5M2dIUnJYXC9FN0E9PSIsIm1hYyI6IjBmNmUyOGRkZDQyNTNkYmM5OWYxYTQwY2NiZjc0NmRhYjA0YzA2OTk3MTgyZjY1ZDAwMGQ5OWI0MDY1MTAzOTkifQ%3D%3D
ouo.press/ Name: ouoio_session
Value: eyJpdiI6InFER2tIQlV1ZTJsaGNRaUVEc1wvRjc0UFwvMmZqSGNIdVprWWUrZ24waXV3ST0iLCJ2YWx1ZSI6ImZmTEozemE0TGhmRTh3U0MrbkxGcUxMWWZJd0h4eFhJYWNHOUVUTDgrQ1hUSFQzXC9iU25sVnlwZGhYVVgzMWJpeFRpNXozSUVlR3k0a3YyZkRFSXpkUT09IiwibWFjIjoiNjAyZTlkMzdlMWU1ODU2NDk5NGM2YTAxNTkwYTZiOWFkM2YzYTg0NjhkNTIxMjNhYWYxYTQ4N2I0MmUwNDA0MCJ9
ouo.press/ Name: language
Value: eyJpdiI6IkpUM243K3p1cGZwV0hqNnRrSFczQXZzWTY5cCt4V3lDNXNKSTg2WUR6Nk09IiwidmFsdWUiOiJ2bUVydTd4T2xQajVHXC9iNHFIUzE0VHpcL3dCaFNcL2RWcVVuT1VZOExwc09rPSIsIm1hYyI6ImJiNWY4ZDhkMWE1NTZkNzA4Mzk2MDQ2ZmI3NzJkZjk3NTNhNWJkNjVmZjBlOGI0ZmEwMjE0NmY4NWIwMGY4NWMifQ%3D%3D
ouo.press/ Name: f8f3bf259ff35fc71786d7ade3ef457640358f08
Value: eyJpdiI6IlRTQVJvY2JrbVFcLzU1ZzkzZURyK2V1VDNiZjVzRU1EWktnc3lQUEh2djQ0PSIsInZhbHVlIjoiRjEwSTNSdFJ1RThNRis0YkE0dk1TM3plb2pIR0xRT2xhUTNnd08yNVI3cVZnM25abXU3WUU2TGQrSXFldFljUzFKZUZTS3hGMU80Sm95ZVRuTEJSTEJhczZOU3grc3lwdTI2T3dcLzc5XC9RQTY1Ymk0cTF2eUxVS1JVOG5kOUtYZkNXeTFpSWprZldOcGlmSXEycHpqOFRSTUM2YktiRXRtWHdPVklCSGdhUFVJUmNoZTRZaGxMXC82Z05WenVYSXYweG53Q0JLY1VMRWY1VjNlWmxzVmc0cWFhc1ZoZnZQUzhZa0NIZWp4T1dNWDhPTWk0RXRPWDFvMXZqYk1TMTFST2RRbDJsbjRqQkpRZ0Foc0lsaG83OFNNSFp0MFZFejRMazRcL2FRWGNcL2dsM1VlZ0p1WTRMN3M3YlJ2VE1hVHVRQXk2UkFUNjBVb2tONG02NXdzVlpkcndnMVMzZCsycFh1OTdDT2daV0xMQWdcLytLYnNrMlQ4c0h2VXdhWE94aWpaIiwibWFjIjoiNjU1YmYzMWFjZmM1MTU3ZGIzNDc2NDIwYzkzMDMzZWRmYmIzOGRkMTgxYTM1MDcxMmNiNmY0NGJlMTc5YWNhNSJ9
.ouo.press/ Name: __cf_bm
Value: SxmtYtY_Lyu9aZIGlHy9WylNy7hhkq8HoYooEnp3fYQ-1653158341-0-ARjTiJTB4V/0xFzjvHcBiG2XeDabzDVNi2n89yDaW7Hu4mz0+ypP1SzYvYnT9NJyT4hh5lKwz0zFPxgr3dpjMo8=
tv.gourdycortes.com/ Name: GL_UI4
Value: eJw9jVtugzAQRSHm0SgFdSQWkCXYISH0s%2Boi%2BokGPCFuwBMZN6i7r1Wp%2FbpH96EbRdGmKiF%2BZALEF55gf5Cv5%2BOlx3ODQ9PqupftqZH1sUY6KNUibM3Seewn8gk8j2TJmaEbWFMBLyH6c26WV5tA2ju0uoB0Do2pgLx3vC7kKgGJxZkge786DprO%2BMkOhJIqsLGBYwkbXipRbiH%2FMFaHYbmDjZJlkUWwu0%2FoL%2BzmzugshnR0qAniN3ga0NPI7htyTcvN8x2AJ939939%2FxaokZJoeZgjn7K%2FkfgA9UUpX
tv.gourdycortes.com/ Name: GL_GI10
Value: eJxljNFKwzAYhbvUxRVl48AeoC%2BwQiyd3qrr3I1XPkAI3d8RpEn4kw3r06sbiODd4TvnO1mWieUcwgYs1ENT3am6Uk1TqfUa%2BYE8xKbFbeePLvGonRkI1y%2FEg3EjJNPBegexa3Fzybrze8J0067%2BsLM13VGMhKvOphHYsnHv%2FZFTaYby1ViH4qe46Mtv%2Ff8gtzEAtVL3dflGfLIdxfLxCYWjpGMg2qN49hw8m0SY%2F9Lzp8wxs1EH9h%2BjnGCR7ECf3pH2fR8pSYHJSYov5TZPzw%3D%3D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.adnxs.com/ Name: icu
Value: ChgIw6tREAoYASABKAEwxuOklAY4AUABSAEQxuOklAYYAA..
.adnxs.com/ Name: uuid2
Value: 3081378692530761903
.rubiconproject.com/ Name: khaos
Value: L3G7SKX4-L-I1B4
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqQbGU6lSShfD5APvdogVCbaTd6KyMQnau0RTcz8e+19V6uvfVAbcqioVU2gxcNTeSjJyCvVaOjObzwVI85VVVJ0A+VO7RH1E0=
ouo.press/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ouo.press/ Name: pbjs-pubCommonId
Value: f1782fee-9a3b-4590-abb2-0d7b6a7f5ab7
ouo.press/ Name: cto_bidid
Value: 8pm5Yl83RGZsMUdNV05qQ0VUODBDcTJhRmRkZ3UlMkZ6WmtjRmU5cE5hb2FEeGpOS2xTNFVIJTJCRlNhejBFbjFRNzNTMnE0ZHJzelM4eXJSbXA3TGY2aU5CSnV6UUElM0QlM0Q
ouo.press/ Name: cto_bundle
Value: cBTUJ19DaHdDT216UWcxeFhLNENZYmVGSElLOW9SRHpmRUUzalk2Nm4yZzk3MSUyRnVvRHJvNiUyRmdndnNSZ1J6Z3NYQVVuQ3NaY0JScmNyV0VGaldGTFNjWVp3NThVc2ZuVW9aODBFcFdaNmJ6eVl2cVNqUUJuJTJGbFVZcSUyRjNZdTF6alNvNkV0
.ouo.press/ Name: _gid
Value: GA1.2.687936404.1653158343
.ouo.press/ Name: _gat_UA-177299981-5
Value: 1
.ouo.press/ Name: _ga_0DTZ6LRDBJ
Value: GS1.1.1653158343.1.0.1653158343.60
.ouo.press/ Name: _ga
Value: GA1.1.1671146006.1653158343
.criteo.com/ Name: uid
Value: 02930d8d-d786-42b1-82f5-ef0f77083269
.ouo.press/ Name: cto_bundle
Value: 60KdU19DaHdDT216UWcxeFhLNENZYmVGSElGaFE1WXdWMEJza2J1VXE5cE9RWGFtNE5EbE9DNXJWNTQ4aGw4biUyRm5XRVNrY1ptYnM2YSUyQllNTEd6cSUyQlY3clR2eTdIbjdzV0FDMjV5cjFmc0V0cTQydWhvTVdRTVZHRWdqaXpmOHElMkJsVlQ5JTJGayUyQiUyQlpOOWU5SEg2TUFHNHA2QnB1ZyUzRCUzRA
ouo.press/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C991771%22%3A%7B%22page%22%3A1%2C%22time%22%3A1653158344760%7D%7D
ouo.press/ Name: _lr_retry_request
Value: true
ouo.press/ Name: _lr_env_src_ats
Value: false
ouo.press/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-05-21T18%3A39%3A04.941627Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
ouo.press/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-21T18%3A39%3A04%22%7D
.ouo.press/ Name: panoramaId_expiry
Value: 1653244745003
.doubleclick.net/ Name: IDE
Value: AHWqTUkVblgTog2TG2vcdAq2iNmIa9vob0wURwDEvHwNAo0SieRGshjMpleG_43OOEE
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4964ebc2-2561-4633-802f-d5ed31dbdd18"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTMxNTgzNDY7MjswMjHMaC1sjtuLQIy2lsYYGaRuPPYAQ3Q7OIOihEwYc8lRPw==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2637:u=1:x=1:i=1653158346:t=1653244746:v=2:sig=AQFZUwYm73Dh2pLhSSPruHm3jTqCNz5c"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: Ax8afEayQUmNmOnIVOrLVFA

3 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
ads.yahoo.com
analytics.google.com
api.rlcdn.com
bidder.criteo.com
biddr.brealtime.com
c.adskeeper.com
c.amazon-adsystem.com
c1.adform.net
cdn-adtrue.com
cdn.adnxs.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adskeeper.com
cm.g.doubleclick.net
contextual.media.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gum.criteo.com
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
itineraryupper.com
jsc.adskeeper.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
ouo.io
ouo.press
pixel.rubiconproject.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s-img.adskeeper.com
s.amazon-adsystem.com
servicer.adskeeper.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
tag.1rx.io
token.rubiconproject.com
tv.gourdycortes.com
video.your-notice.com
warp.media.net
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
c1.adform.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
hbopenbid.pubmatic.com
match.prod.bidr.io
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
104.17.120.107
104.18.36.64
104.19.133.80
13.32.119.176
141.95.98.66
142.250.185.230
142.250.186.34
142.91.9.135
151.101.193.108
172.255.6.120
172.64.151.192
178.250.2.131
178.250.2.146
18.202.70.186
18.66.122.119
18.66.97.111
185.64.190.78
192.243.59.13
213.19.147.43
23.205.235.133
23.216.77.21
23.216.77.34
23.35.228.23
23.35.236.188
23.35.236.201
23.35.237.86
2602:803:c003:200::61
2606:4700:10::6816:16a2
2606:4700:10::6816:3bfb
2606:4700:3035::6815:8a9
2606:4700:3038::6815:ead6
2606:4700::6810:5614
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9c
2a02:2638::1c
2a02:2638::3
3.33.220.150
34.120.133.55
35.158.247.23
35.244.174.68
37.252.172.123
37.252.173.27
52.36.118.138
52.46.130.91
52.95.115.196
69.173.144.138
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0974eff3bef9f915f9a67ceb86cd1bbf1d9a0e6d8f6bf3e4f9ce4017aa6f3028
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
142a769b571759c31ae540ce6f387561fec981fbc4ec029665cac698f6f064e9
154e8ecb37668fbe80aab0c7f45aed840663e701684d62cb6714016d4d2de35f
15aa6d5e0fe4fa2803ff888ffa708dd5fdfaf92f3cae0d126f72416f5cf5a2c9
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
4ba1ed4d3052c2e390e7e0dd7d742401a578004f5440f41bb9b38ca7c6b8c5dd
525cca3a085d3bd361a3452691b229260e841460e06e459b010a815927455502
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
72dbbce18267a319a74eb5d58e4669d103c4dea9abbbe62ca0657ad4e1b1e166
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
78d40f1d47bc079ed51a575bef59bfa80cac216d8fb94c40babd3fa87b5982b1
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79e1241fc69fbba02e39237527dc0ceb97bb6a0ac5aad109a17362d33fb34cba
8249b8a479ef7e58f0434f09e2c0f93c01977bc9257f453f9f71f4c752273735
8634c6aebd163b8ec8af15a57a1e482b3f354399cf1c600510a5bcbe67929f62
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
874a578f11fa97ad6f97fd946bf3f55cf6ec58a9761229441462658999272cfc
89be71f355d291d9fe367281422cd22efdad50c7d7a338bef42c1952d87828fd
8c3b6c02319a59ce6690e468d7bd99eab695904a8e43cdae4762f123734e0026
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
9f75d4ba3fd309652e5518806c8527a4673b5852b88d66794f9e76e4577a8f1c
a090e4e333df7caef88f9b89843eb901eb20fd35cf58820bb6e02c37024c526c
a1454ecc15be4ed4f80ea452ed9fb072fa1eac4e5561d47517a52eca69e2a5ce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
a9e94e3ac536738587bb087945f7a20e1ab7fb1404cad8e8e46d2246ce5fc3a7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728
ae3ee03d4d740ce444459793a13cdf9f3918841dd58c3656be63035725557766
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c0fbc60b18df6621aeab97aecb37883b8838305e440626b353830cacc405de1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c714e0fdb2fdc401597901d8973c02c9f519600094650a6baae40746fb5ad841
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
ca0c641794b61846b028382c9d78c95bab7bea336d35830df2db31b60a73bea5
cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d349604baf42cf87c80e6c13d310a495ed6bb40c19f820905d7f72867e810e9b
d417ff3ddf56e86e827828659b8d425974b296d4a575ff3c632da54ead783e62
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cc7ad5dbce85701a1263fdbcdc75f061b042e773436de78e66134543ddcc0d
f52802b4c38a1aacfb58299c27b3a1f5096f648b8463315fa9e7dc1da6cd2eea
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fbc4e3b4b5e7e59545fd56cbcd98961b0af06a5f9712970d200819546fc1259f
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546