urlscan.io logo urlscan.io
SecurityTrails logo

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/0c9yHNsOmR
Effective URL: https://ouo.press/Z0EoOZD
Submission: On April 09 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 8 countries across 60 domains to perform 155 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 171872.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.109.82.121 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.91.9.135 7979 (SERVERS-COM)
1 192.243.59.20 39572 (ADVANCEDH...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.66.97.111 16509 (AMAZON-02)
4 18.66.248.77 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
7 18.66.122.109 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 108.138.3.177 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 50.112.169.222 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 213.19.147.43 3356 (LEVEL3)
1 52.57.231.46 16509 (AMAZON-02)
2 178.250.0.165 44788 (ASN-CRITE...)
6 185.33.220.244 29990 (ASN-APPNEX)
11 23.35.228.23 16625 (AKAMAI-AS)
1 23.216.77.21 20940 (AKAMAI-ASN1)
1 151.101.1.108 54113 (FASTLY)
4 185.33.221.88 29990 (ASN-APPNEX)
2 23.35.236.201 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.216.77.34 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638::3 44788 (ASN-CRITE...)
8 104.18.17.65 13335 (CLOUDFLAR...)
2 104.19.134.80 13335 (CLOUDFLAR...)
1 54.36.109.186 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.30.14.23 16509 (AMAZON-02)
2 3.33.220.150 16509 (AMAZON-02)
2 23.205.235.133 16625 (AKAMAI-AS)
2 23.35.236.188 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 3 54.239.38.253 16509 (AMAZON-02)
6 7 69.173.144.138 26667 (RUBICONPR...)
2 3 52.46.130.91 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 142.250.186.130 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
1 198.47.127.19 ()
155 56
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    2606:4700:10::6816:17a2 (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.io
5    2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.press
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.109.82.121 (Netherlands)

ASN7979 (SERVERS-COM, US)
phallicuncut.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)
video.your-notice.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
itineraryupper.com
3    2606:4700:3033::ac43:8bcc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
1    18.66.97.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-111.fra56.r.cloudfront.net
ecdn.analysis.fi
4    18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net
ecdn.firstimpression.io
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
7    18.66.122.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-109.fra60.r.cloudfront.net
cdn.firstimpression.io
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    50.112.169.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-169-222.us-west-2.compute.amazonaws.com
exchange.adtrue.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    213.19.147.43 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    52.57.231.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-231-46.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
6    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
11    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
1    23.216.77.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-21.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.216.77.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-34.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
2    104.19.134.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
1    54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:d29:3601:b73:5e1d:a8b6:5551 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
cdn.adnxs.com — Cisco Umbrella Rank: 1424
ams1-ib.adnxs.com — Cisco Umbrella Rank: 7279
acdn.adnxs.com — Cisco Umbrella Rank: 597
79 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 758
gum.criteo.com — Cisco Umbrella Rank: 383
mug.criteo.com — Cisco Umbrella Rank: 2668
dis.criteo.com Failed
15 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 527
warp.media.net — Cisco Umbrella Rank: 2158
lg3.media.net — Cisco Umbrella Rank: 3387
hblg.media.net — Cisco Umbrella Rank: 1498
157 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1212
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
81 KB
11 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 17877
cdn.firstimpression.io — Cisco Umbrella Rank: 18219
328 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com — Cisco Umbrella Rank: 567
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
token.rubiconproject.com — Cisco Umbrella Rank: 675
14 KB
8 adskeeper.com
jsc.adskeeper.com — Cisco Umbrella Rank: 28404
c.adskeeper.com — Cisco Umbrella Rank: 14439
servicer.adskeeper.com — Cisco Umbrella Rank: 26962
s-img.adskeeper.com — Cisco Umbrella Rank: 15438
cm.adskeeper.com — Cisco Umbrella Rank: 29847
466 KB
5 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 116989
exchange.adtrue.com — Cisco Umbrella Rank: 86859
87 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 4
analytics.google.com — Cisco Umbrella Rank: 724
41 KB
5 ouo.press
ouo.press — Cisco Umbrella Rank: 171872
32 KB
4 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
2 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
356 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632
89 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com Failed
image6.pubmatic.com
simage2.pubmatic.com Failed
image2.pubmatic.com Failed
99 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ads.yahoo.com — Cisco Umbrella Rank: 1132
ups.analytics.yahoo.com Failed
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
802 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 821
id.rlcdn.com — Cisco Umbrella Rank: 601
323 B
2 adskeeper.co.uk
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 25535
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
104 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1554
res-a.akamaihd.net — Cisco Umbrella Rank: 6026
25 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
704 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2644
1 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1709
333 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 699
527 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5383
501 B
1 cdn-adtrue.com
cdn-adtrue.com — Cisco Umbrella Rank: 140680
908 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1787
154 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
sync.1rx.io Failed
165 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
10 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1340
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 22035
5 KB
1 itineraryupper.com
itineraryupper.com — Cisco Umbrella Rank: 316741
1 your-notice.com
video.your-notice.com — Cisco Umbrella Rank: 71853
525 B
1 phallicuncut.com
phallicuncut.com — Cisco Umbrella Rank: 309426
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
918 B
1 ouo.io
ouo.io — Cisco Umbrella Rank: 126228
1 KB
1 t.co
t.co — Cisco Umbrella Rank: 476
503 B
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 playground.xyz Failed
ads.playground.xyz Failed
0 turn.com Failed
ad.turn.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 quantserve.com Failed
pixel.quantserve.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 taboola.com Failed
trc.taboola.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 erne.co Failed
green.erne.co Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 loopme.me Failed
csync.loopme.me Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 de17a.com Failed
d5p.de17a.com Failed
0 adform.net Failed
c1.adform.net Failed
155 60
Domain Requested by
7 cdn.firstimpression.io ecdn.firstimpression.io
6 gum.criteo.com 3 redirects static.criteo.net
6 ib.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
acdn.adnxs.com
5 contextual.media.net ecdn.firstimpression.io
contextual.media.net
t.co
ouo.press
5 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
5 ouo.press t.co
ouo.press
4 token.rubiconproject.com 4 redirects
4 mug.criteo.com ouo.press
4 ams1-ib.adnxs.com ecdn.firstimpression.io
ouo.press
cdn.adnxs.com
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
4 www.google.com ouo.press
www.gstatic.com
www.google.com
3 s.amazon-adsystem.com 2 redirects
3 pixel.rubiconproject.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 static.criteo.net cdn.adtrue.com
static.criteo.net
ecdn.firstimpression.io
3 lg3.media.net ouo.press
t.co
3 www.gstatic.com www.google.com
3 cdn.adtrue.com ouo.press
exchange.adtrue.com
t.co
2 cm.g.doubleclick.net 1 redirects
2 acdn.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
2 eus.rubiconproject.com ecdn.firstimpression.io
eus.rubiconproject.com
2 match.adsrvr.org ads.pubmatic.com
2 cm.adskeeper.com jsc.adskeeper.com
2 cdn.adskeeper.co.uk jsc.adskeeper.com
2 c.adskeeper.com jsc.adskeeper.com
2 jsc.adskeeper.com exchange.adtrue.com
jsc.adskeeper.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com cdn-adtrue.com
www.googletagmanager.com
2 hblg.media.net ouo.press
2 ads.pubmatic.com t.co
cdn.adtrue.com
ads.pubmatic.com
2 bidder.criteo.com ecdn.firstimpression.io
cdn.adtrue.com
2 exchange.adtrue.com t.co
cdn.adtrue.com
1 image6.pubmatic.com ads.pubmatic.com
1 id.rlcdn.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
1 biddr.brealtime.com ecdn.firstimpression.io
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 s-img.adskeeper.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 www.google.de ouo.press
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 res-a.akamaihd.net ouo.press
1 cdn-adtrue.com exchange.adtrue.com
1 cdn.adnxs.com ecdn.firstimpression.io
1 warp.media.net ecdn.firstimpression.io
1 qsearch-a.akamaihd.net ecdn.firstimpression.io
1 hb.emxdgt.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 itineraryupper.com ouo.press
1 video.your-notice.com ouo.press
1 phallicuncut.com ouo.press
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
1 t.co
0 pixel-sync.sitescout.com Failed ads.pubmatic.com
0 ads.playground.xyz Failed ads.pubmatic.com
0 ad.turn.com Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 x.bidswitch.net Failed ads.pubmatic.com
0 ups.analytics.yahoo.com Failed ads.pubmatic.com
0 pixel.quantserve.com Failed ads.pubmatic.com
0 um.simpli.fi Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
0 pixel.onaudience.com Failed ads.pubmatic.com
0 trc.taboola.com Failed ads.pubmatic.com
0 sync.1rx.io Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 green.erne.co Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 dis.criteo.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 d5p.de17a.com Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 hbopenbid.pubmatic.com Failed cdn.adtrue.com
155 93

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
phallicuncut.com
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
your-notice.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
itineraryupper.com
R3		 2022-03-18 -
2022-06-16		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh

This page contains 34 frames:

Primary Page: https://ouo.press/Z0EoOZD
Frame ID: 5434B6B251E4A17DB34E68A144C2D836
Requests: 25 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 5F5814C56E5DCAC1133A98129E11F81C
Requests: 17 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cb=1493468682&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/Z0EoOZD
Frame ID: 8B081085627D0800255376F0744624BA
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
Frame ID: 0F91F6875FC3995D8CCCC19FC991334E
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Frame ID: 19BE8CD10D0853EFF4CC2CEFBE5ABF22
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: DC5FF656D5D2D2BA173E98D812B0453F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 3023C8FF68D7720D1A3EA167E40D78C1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 605753FF012C62151DD6099EF5FD617D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: E85045E553064C5862F026EF266EFBC0
Requests: 4 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 7A8A592DFD48CE4289A79584F4CFE7B4
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 80CA54D549DE6F4D571842AC49EC5726
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: DAD058A868F5E7C45A2373E209B9E3F7
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=164951376307051751412
Frame ID: 098C60ED23BE47523E1DE4C600042E8C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 88A85688DD11C52F65D326CE54A6AE70
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 93A37A924E77F98A682D5E3C8D121F71
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8C2177FE7ACBDF7E1FA72FF14021022D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3046A962BDC402954F4BC608B71CECDE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B418BDFAC9E7B7B9DE839B3E19A0DD9A
Requests: 20 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0
Frame ID: 0BE95DA1DD019F65F1A0F02E90AB1FF6
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 4DAB8931ACAC14745005CC52740C5595
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 4542ED816B771CD87E8603ED2FCA1A3B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E5DA78A6CF3AB5BE6DA48FA5E20F9990
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084607670691887246
Frame ID: 640B6D674788BF2F8477B82539CD7D8F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 55E8BF96B134E0469C915ABB57CE13EC
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11
Frame ID: 82BF24C2E5AE5D4F106D0C2FA2F33443
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 17F33002D4F5C4E240F5300A5303F675
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: 31F738944B17506BE7E10FADEBC14E4C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 161085B666B7A515A05E071CD2BD5AE2
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: FAB35DA02FD523A0B51259862EBBE7C4
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm
Frame ID: 7A52E520A39D59C3AF961080A7007326
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 85FF9AB20B8CA9D2BFEF867186E7257B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3408AD87961101225F06000182A10AFF
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: A2E8C13BCF260FC26A1449AFAC389047
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: B2C8A4BEBEC05F964BDAEA865402CC51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://t.co/0c9yHNsOmR Page URL
  2. https://ouo.io/Z0EoOZD HTTP 302
    https://ouo.press/Z0EoOZD Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

155
Requests

72 %
HTTPS

35 %
IPv6

60
Domains

93
Subdomains

56
IPs

8
Countries

2015 kB
Transfer

4836 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/0c9yHNsOmR Page URL
  2. https://ouo.io/Z0EoOZD HTTP 302
    https://ouo.press/Z0EoOZD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=74dH53xYRm1xWEV4ZTVoL0YxTktIWjlqa3NDRE9uNjJyOXQzNERscmJGUDFlK2VyTTJLeW5va2kyZytpVk00YWpiQ3hTMTFZRHFPdnc1bDl5MkNPVk9NVkRFU0JJYlgwU1hrNE4yTjBzRUtJUHB5R093bzZUR3dicUlNYyswc1pEdTg3M2Y1WEgvNGVVdTlpeFg4aFd6eGNOS0NsdFlVNXFCWjV3NDVJbGozMkY0VVNFNjhsOGw2eG1BT1hMZnpreEtMUXdORWpCZHRkK1UyUWVMQVJFK1QvakJUeStVWVpDOEhYb1pHSDFjakhVSWdNPXw&cppv=2
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=DW6_ml9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlFaJTJCbmluNGpqYUVkeCUyRmV4MiUyQkM0UUJ0JTJCSDZwZW1nUjA5YTdPS2hpYktqV2RFR280dmdCdDNRd0slMkJFa0hZWUpCUnBWMEhua0xBbzNiZDljUXdjVWFKY0RycHVLWFNUNmNDcW5pQmdSQmRQaA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=SjaiMnw5Y0kzejdsSlNEa3ErT3QvT3FIYTVJOVRYTFJTM3dBSnl1amRQZ0JRNERMK0VUL0YxY3lnMTd0OHJPUHJGY0UzYkFiYnBZZ05haUpkOStyaVlnNWtrT2pMVmFSYXBuVDlNdXJ1ekc5RzBWU21SVmpzc0c3bTZ6NjIrL3d0UVRIdzh3NE1PdVhoWFFrdlN0K3p4RTJNZVJBU2pCQk1CZS9XUmJ6ZlQxbm5XdlN4c2RrL0Zzdjdmekx1MEZnK1FEeUd0NVU3NVNhU3JvZVk5Ynd3bUFndU9kdGVwL3RQb0Q2dzdLTWtOSER1NDR2VVFwVjVINFFMSkE1VVNUWTVMY2NQd21OdHJ3TjkvWlRmMnROdTJjOHRnZzZzdDRDR1k1ei9YRlJJODFhSGVCTT18&cppv=2
Request Chain 92
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=DW6_ml9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlFaJTJCbmluNGpqYUVkeCUyRmV4MiUyQkM0UUJ0JTJCSDZwZW1nUjA5YTdPS2hpYktqV2RFR280dmdCdDNRd0slMkJFa0hZWUpCUnBWMEhua0xBbzNiZDljUXdjVWFKY0RycHVLWFNUNmNDcW5pQmdSQmRQaA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qctOuXxtYjVKdlJqNTRudkFrcUxzYkJoZjhkbFZPUTZwZ2J3bE15TDdXSURENlR5RDNld0YxOUY0VVRDazJzZmxxdk1jRUtIcjUrOUdQeGtzYnFMdWlQRGo1dW8vcXduWHp4UEJrKy9raUk3UVd5a3FkdjZLOEg3STlLMk5lelcvTGdFVXBrWmpPU0tOVFM1d0drc2YyRFFKRlE1VmJYeWUzUmp5WjdINlhZUUR1WFFVZ0NDdGdvZzRHWFhCT2k1VUR0M0RNTm03MXRZRnBEMGFLaFlQSzNwYW5CK3o5T3pvMWlwZlhIYUhheThrM1JFd1FNdWkvZEYrWFJTcWdReHhTbnpXWTlieVhrN1dyd284eExWNDE2T2hUVFg0QnVJaEhlVzUvMlZYNDFnUUYwbz18&cppv=2
Request Chain 109
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z5kAYTTzQdWUXXH-DVgg6A&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=z5kAYTTzQdWUXXH-DVgg6A
Request Chain 111
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=A26ofPJ9TfuJ94bomitwFQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=A26ofPJ9TfuJ94bomitwFQ
Request Chain 112
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Mrwa7K7tC31X51fO06tSiw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=294499163346861775
Request Chain 113
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1RXWIEV-9-GBHI
Request Chain 114
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1RXWIEV-9-GBHI&sigv=1&esig=2~caf8a1f6a6281ff1a1186917032f201c8ca13ca8
Request Chain 115
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ&google_tc=
Request Chain 127
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084607670691887246
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N9clBw2qR8GF2Hu9r-6y8A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdENzI1MDctMERBQS00N0MxLTg1RDgtN0JCREFGRUVCMkYw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED0IjjxUmtmmbqZ07nHM2zI&google_cver=1
Request Chain 147
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1761128858322821694&gdpr=0&gdpr_consent=

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0c9yHNsOmR
t.co/ 		221 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
172
content-type
text/html; charset=utf-8
date
Sat, 09 Apr 2022 14:15:57 GMT
expires
Sat, 09 Apr 2022 14:20:57 GMT
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
ea32bad83eacf07b9bbe10b9d25c7af9eca3fe4128a9b4d0714c18f50935091b
x-response-time
121
x-xss-protection
0
Primary Request Z0EoOZD
ouo.press/
Redirect Chain
  • https://ouo.io/Z0EoOZD
  • https://ouo.press/Z0EoOZD
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ouo.press/Z0EoOZD
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48dde05c012fa9a9bca509ed4bcab942bcf059bf0aa5631f39bcfca263076ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/0c9yHNsOmR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
6f93db9dca940e26-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:15:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
6f93db9b6c9e0f6a-MXP
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:15:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ouo.press/Z0EoOZD
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		1020 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Apr 2022 13:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 09 Apr 2022 14:15:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Apr 2022 14:15:58 GMT
bootstrap.css
ouo.press/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/Z0EoOZD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16641
cf-polished
origSize=109522
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6f93db9f9dc30e26-MXP
expires
Sat, 09 Apr 2022 21:38:37 GMT
link-safe.css
ouo.press/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/Z0EoOZD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16739
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d951ace-1830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6f93db9f9dc80e26-MXP
expires
Sat, 09 Apr 2022 21:36:59 GMT
16562
phallicuncut.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phallicuncut.com/1clkn/16562
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.121 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:15:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6151c32b75d34ec7486fe1fdd1f3fa142f1ebcebdf378b5ec319893c50bfcb74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Sat, 09 Apr 2022 14:15:58 GMT
html_102001.js
video.your-notice.com/ 		775 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:48 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:15:58 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20201727
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53YLuaFz%2BA%2FAJ6F5O%2BxEpPebHTWU1nYS08esQFTIc7JtvLcn9T%2B%2FUHNgdnP9xJTtnePnLF%2Bv40BWObTpkwXku92yWtIkiJp7dTD2HDIu8rfxjy70swhjEpC5KIm1ZrGEJjCsxc5SGIY66xwXaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f93dba0bb5e3754-MXP
expires
Sat, 13 Aug 2022 18:40:31 GMT
world.png
ouo.press/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/Z0EoOZD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1864088
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 18 Apr 2022 00:27:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6f93dba02edd0e26-MXP
cf-bgj
imgq:85,h2pri
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/Z0EoOZD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Apr 2022 16:13:31 GMT
server
cloudflare
etag
W/"624f0dab-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6f93dba01ecc0e26-MXP
vary
Accept-Encoding
expires
Mon, 11 Apr 2022 14:15:58 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-111.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:13:09 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
169
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
4240
x-amz-cf-id
7eH6URo9JuW88e8awdwVMjilvrownf6VyMSSsPgqHJ6WhVxX2puHSw==
expires
Sat, 09 Apr 2022 15:13:09 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-77.dus51.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
b1a9ca75900b5258b8c75e2e81ce53d0e782b3fdcb39dfba6c43564258d37eaf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:13:24 GMT
content-encoding
br
etag
W/"ef2a9e0dcc2802c047fc6d816bd541f9"
last-modified
Sat, 09 Apr 2022 14:13:24 UTC
server
nginx/1.20.0
age
154
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
QltK24_9BYVzHSktB7cgbhVUxJ5GjsN0qj4wl7AVxTw5Mkfc_33KSA==
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145703
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Apr 2023 14:08:17 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 18:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70750
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Apr 2022 18:36:48 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
last-modified
Wed, 30 Mar 2022 13:33:34 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1648647404.09018"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 09 May 2022 14:15:58 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FZ0EoOZD&charset=UTF-8&ch=14&ref=ouo.press&viewerId=null&referer=https://t.co/&_firid=70523708
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
96e45d64c66adf9b36b02ef02dbba4f9026e06708b9099d5fc24ef5380d06a45

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://ouo.press
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
u0YBAbxPLXKP0d845JSpt1BmSS1ejV6CanvIn-_w8DgcqJ6p7Kq-xw==
expires
0
collect
cdn.firstimpression.io/tracking/ 		2 B
406 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
xfeHT_gWyPAio_ZJUziaCMklW0_vQY8m1GLdKqp7wouwwSZFXhqZSg==
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-77.dus51.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:13:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
172
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
WKkMIlwcTUFJZOHB85u4f2Tb0wX-TEDuYPRfKSHo5Oay2F-3Wc5OBw==
via
1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
expires
Sat, 09 Apr 2022 15:13:06 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
8874
age
17612
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19175-FRA, cache-mxp6922-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pnna4yGWVQqN5WVdhXKo6VQrWisiLU4uD%2BB%2BgyKLHvn1Q%2FszWXvhcgIZ6u8cy4r2PHUpal7dLoEezfsbqaLDwnJOJTzZtouvUqi62nXdSCbxclOPHU7xU9QKhUmR9upiSrJKfcpXymYjlCDato%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f93dba1ed3a0f7a-MXP
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
851
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1KAKQHZG6BFW2WP0QXA4
date
Sat, 09 Apr 2022 14:01:50 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jkSWsWUfjmPJVWif__M3cOiQ4h26pkBsS_-b_Iz9P9rSVbC7eNvjmQ==
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v17/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 20:05:18 GMT
x-content-type-options
nosniff
age
238241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Apr 2023 20:05:18 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 5F58 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-77.dus51.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:13:14 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
165
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
XJUchemYsxrzilgAraSz8aSwstvMpQZAsXy5PV7xbO09hfP7sYN0Ng==
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
expires
Sat, 09 Apr 2022 15:13:14 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
impress
exchange.adtrue.com/delivery/ Frame 8B08 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cb=1493468682&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/Z0EoOZD
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
server
nginx
x-adtrue-instance
java3
content-length
4626
content-type
application/javascript
anchor
www.google.com/recaptcha/api2/ Frame 0F91 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8a7b92a4d2047ca5fe65aa3cc498dc12cc2273564124c8c0d0f3cd6932dbb3ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FVSTl7BgDbnN/cmS5IqOrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22181
content-security-policy
script-src 'report-sample' 'nonce-FVSTl7BgDbnN/cmS5IqOrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 14:15:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 5F58 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-77.dus51.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:13:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
173
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
WviliHrti45vaMQOG-P6dphTUC-KIudK6n75CRa_it5jwOrnNyhyVA==
via
1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
expires
Sat, 09 Apr 2022 15:13:06 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 0F91 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:37:18 GMT
x-content-type-options
nosniff
age
88721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52582
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 13:37:18 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 0F91 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145703
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Apr 2023 14:08:17 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 5F58 		1 B
446 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C6%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
gbs5UHbWz0MdEkg9199Oi5NIjVGYo6QA_x5LVx7pMUoPIyEsNQFG5Q==
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5F58 		350 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FZ0EoOZD&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&tg_i.page=https%3A%2F%2Fouo.press%2FZ0EoOZD&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=08d0aa78-080f-42d5-b821-6426f241addb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4242425089164239
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c8c8a3d27c4d4c8600cef79a38492fe17d524c113d0b221e301821724eb5fff

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
350
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/212927/0/ Frame 5F58 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Sat, 09 Apr 2022 14:15:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
hb.emxdgt.com/ Frame 5F58 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1649513760454&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.231.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-231-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sat, 09 Apr 2022 14:15:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
cdb
bidder.criteo.com/ Frame 5F58 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=2665995636
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Apr 2022 14:15:58 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 5F58 		143 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cb2669943a52bf78d922e8e67341e0b1ffc1209052f6b7d514511009ccb6c4fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f7a5f763-8d30-4c68-a2a0-ca963f9720ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5F58 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7bfbcc3dafe87b6ea134213b05889b25bbefe97fd2edee59c57f6a352ec6a574
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 09 Apr 2022 14:15:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cf00f098-1291-4802-be10-9579bb9796b5
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5F58 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
851
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1KAKQHZG6BFW2WP0QXA4
date
Sat, 09 Apr 2022 14:01:50 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
28QXnHTjBqSOsI_3_6ZNBWqX8_jXaveIWB7tzS6_LSOdRUtNyRa_Ng==
config
c.amazon-adsystem.com/cdn/prod/ Frame 5F58 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 09:08:14 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Server
age
18464
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
6iyOb48AZ3L9PgPo-rD_YORuZAazL65-d0s5I4VOykns7y2WYwJgQQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame 5F58 		23 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FZ0EoOZD&pr=https%3A%2F%2Ft.co%2F&pid=f4eetaOafBgSp&cb=0&ws=728x90&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
EKCA3VP4NXTYQVXYF944
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
dstvETxjnR_TXDayuGFrq_-6J1UqgNbz4qQDGgd2BkS5ip-xtR5gEw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5F58 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31957
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Sat, 09 Apr 2022 06:15:55 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
sfXLLLIGFWyemdaw1TzoiLtmGIn6Y2RR4bUoGTChf2JPK5STOSobNw==
webworker.js
www.google.com/recaptcha/api2/ Frame 0F91 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bea0c70a9781c6017a4a666a69482c1a5a78635ce76c395f7ab74b6029571ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 09 Apr 2022 14:15:59 GMT
collect
cdn.firstimpression.io/tracking/ Frame 5F58 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
hV6If44G22U_yIveuygMbwA16HdyIHujIyluktlrZ0_GUJPPgXJbuA==
v1
cdn.firstimpression.io/tracking/habit/ Frame 5F58 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
AxV3sXRnQ5rQPzufed9-RR9YLnWr46i3e9v9Zdov3vAtdlYEazZOJQ==
nmedianet.js
contextual.media.net/ Frame 19BE 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
137ce1cebedf37d8680adcc7d1c3c2d1c7f424d5fa0501ace0c99e4b60aaefc1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-7
content-encoding
gzip
server
Apache
etag
"f118579fb00ba7aaf5055c80a38babf9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Sat, 09 Apr 2022 14:15:59 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-32
expires
Sat, 09 Apr 2022 14:20:59 GMT
log
qsearch-a.akamaihd.net/ Frame 19BE 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19050205&other_prv=9&jar_err=&current_day=6.0&adtyp=0&req_id=3634278050668754223&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=37.2747&exp=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=&seat=&size=728x90&url_l1=z0eoozd&f_seg=&prdp=0.3072&local_wr_url=0.0000&ogcbdp=0.6400&dfpbd=0.3072&server=1&ogerpm_wd_bkt=0-1&model_version=202204082010_generic_appn_2-cid_3&viewability=0.7200&dmm_r=0.9030&cut=52&dmm_l=0.1090&as_cache=0&tcyerpm=&sc=TH&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ouo.press%2Fz0eoozd%2F&bidrestime=1649513759303&cc=DE&strg=harmony&ss=&current_hour=14&time_stamp=2022-04-09+14%3A15%3A59&model_key=generic_appn_2-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.6400&ct=Erfurt&akey=&mnckfl=0&bdp_bucket=0.60&algo=&dc=eu_be&splid=19050205&dim4=exploration&dn=ouo.press&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&buyer_id=&dmm_m10=932457&bdp_wider_bucket=1&acid=28ffc2aae5924aff80b9f2b922eed1fd&infl=&o_ver=NT+10.0&br_ver=100.0.4896.75&bdmm_m6=1.0000&bdmm_m7=1.8530&bdmm_m5=1.0000&ver=8.11.0&totalTimeBucket=3&visibility=0&totalTime=3595920&dmm_m1=2022-04-09+14%3A15%3A59.305641914&e_rpm=0.9850&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.8530&cid=8CU6M287B&bcrid=305103290&rawbid=0.6400&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-6b6d47dcc8-p4ftv.BE&dfp_bucket=0.30&adblk=&itype=appnexus&pvid_seat=9&cliIP=3644888832&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&dmm_d22=0.10&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.64
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-21.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 09 Apr 2022 14:15:59 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 19BE 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Sat, 09 Apr 2022 14:15:59 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=51276
access-control-allow-credentials
true
content-length
62892
expires
Sun, 10 Apr 2022 04:30:35 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 19BE 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:15:59 GMT
Content-Encoding
gzip
Age
3820649
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21944-LGA, cache-hhn4051-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1649513760.534786,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
48360, 5629000
it
ams1-ib.adnxs.com/ Frame 19BE 		0
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252FZ0EoOZD&e=wqT_3QLDBOhDAgAAAwDWAAUBCJ-qxpIGEIKYjc6I_KDpIxgAKjYJ2c73U-Ol0z8RkGYsms5O0D8ZAAAAwPUo7D8hkA0SACkRJMgxAAAAgD0Ktz8w3d2KCTjRGECVCUhgULqDvpEBWNGXZWAAaKuAuQF4AIABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGWh0dHBzOi8vb3VvLnByZXNzL1owRW9PWkSAAwCIAwGQAwCYAxegAwGqA0ESGDM2MzQyNzgwNTA2Njg3NTQyMjNfc2JpZBoTMjU4MTI3MDUzNjg0MzkwNjA1MCIJMzA1MTAzMjkwKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS45qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLohHliIBQGYBQCgBa_q8IiclOO3MsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJQBgAIAAwADjHBkAAyAcA0gcNFXUBNgjaBwYJJUTgBwDqBwIIAPAH3KIEiggCEAA.&s=c51e75c356b2ec2894afdff9b8da735f042b0c63
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a0c32a7-0309-46ab-a791-14b4e68f83b8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
cdn.firstimpression.io/tracking/ Frame 5F58 		2 B
404 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
As3VRo1vnu3xidHc1-0hVagKl452t5FKheTXx2XbOBgH2mDpIdSXCA==
prebid.js
cdn.adtrue.com/pb/ Frame 8B08 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cb=1493468682&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/Z0EoOZD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1165634
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqqSwClxd5MUaJMMrOYWYpTj4gz8GBw3fAdg9AFOvxtJ%2BUTaKXdYvIeXhAUH8ZSRKI5wycwmzqIObRQyHrViJDvJTsDsM67jzLAqm%2FrGztHHW1ixgabnNCzQ%2BbCaRTILnq5ZO4QRJJnU8zOXkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f93dba5e8cce930-MRS
expires
Wed, 22 Mar 2023 02:28:45 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 8B08 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=129934
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Mon, 11 Apr 2022 02:21:33 GMT
ga.js
cdn-adtrue.com/track/ Frame 8B08 		502 B
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cb=1493468682&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14331143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1d5xi%2BMNYUWRHWSQa9wN9i18VdL1PS7zGXFuTUbbZIaQ1ELhRq%2BSUDRpOjaxYsZGH0w3wRnoa5P%2BMAlpeSUUPatJ%2BdrMqxV%2BIrteBfdzUaRrjDxt6LAhnPci91o9LKn%2BgUHMn4qdhdqPVQbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f93dba63c350fde-MRS
expires
Thu, 20 Oct 2022 17:23:36 GMT
reload
www.google.com/recaptcha/api2/ Frame 0F91 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72c184ac230449b2647fbf5fc0431d5276d163bfe1216002a1b5bbc2b6c54ed3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=invisible&cb=lu8y0xgpm5ij
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18272
x-xss-protection
1; mode=block
expires
Sat, 09 Apr 2022 14:15:59 GMT
smtr
contextual.media.net/ Frame 19BE 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=T92M8NE&https=1&vif=1&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&nse=5&vi=1649513759203397111&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=8fOnRrolnfOur8B4NazBN%2Fza&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p1239191923t202204091416&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ab6c2c53f329a2b08f23ba9a47d0e54dd18bc697ee38e642b45b7791df130ea
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Sat, 09 Apr 2022 14:15:59 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-nb7f
strict-transport-security
max-age=604800
timing-allow-origin
*
content-length
26979
x-sc-w
22-7gl1
checksync.php
contextual.media.net/ Frame DC5F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b70416a9d9363f77976d4a4d2748fa7e3f4b2a835a9e0be884bd42ecb4ef23a2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5717
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:15:59 GMT
expires
Mon, 11 Apr 2022 14:15:59 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 19BE 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=513&&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1649513759203397111&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886995206&r=1649513760902&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1649513759113423387&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p1239191923t202204091416&vgd_pgids=1&vgd_uspa=0&hvsid=00001649513760893036448888329929&gdpr=1&vgd_end=1
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 09 Apr 2022 14:15:59 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 09 Apr 2022 14:15:59 GMT
checksync.php
contextual.media.net/ Frame 3023 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4aaffc26ded7a75dd71645d2121d73932232a6af6570f579a4b5ca972c991bef
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7796
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:15:59 GMT
expires
Mon, 11 Apr 2022 14:15:59 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 19BE 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3634278050668754223&s_city=amsterdam&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.640&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=5042e8a0&scrid=305103290&itypeid=16&mx_SPRIG=0&viewability=72&renderer=0&be=0&rtime=8.0&adj0=0.0&tmax=150&s_ip=185.33.222.236&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=3634278050668754223&sc=TH&mowxReqId=28ffc2aae5924aff80b9f2b922eed1fd_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&bidrestime=1649513759303&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-15-29&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.640&ct=Erfurt&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=9009&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=28ffc2aae5924aff80b9f2b922eed1fd&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.307&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=305103290&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2316%23%2343&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1649514359558&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.307&csex=0&pvdTmax=109&ltime=18.0&epc=211362147&prvReqId=33112021261682_796584803_856004011191&zip=99097&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=26&mx_PC=1&wsip=mowx-c5d9cd699-z987d&currsrc_date=2022-04-08+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-04-09+14%3A15%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=0.88&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6b6d47dcc8-p4ftv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.64&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=2581270536843906050&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DERFURT~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DTH~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D1000~dmm_d21%3D-1~dmm_d22%3D0.10~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000011~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D728x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.109~dmm_r%3D0.903~e_rpm%3D0.985~dmm_m1%3D0.985~dmm_m2%3D0.059~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.853~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.928~dmm_m12%3D1.853~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.944~dmm_m16%3D0.903~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D46126.332~dmm_m40%3D450567.000~dmm_m41%3D22.142~dmm_m42%3D193.000~dmm_m43%3D1.995~dmm_m44%3D0.944~dmm_m47%3D21452.000~dmm_m48%3D4837886.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.985~vbr%3D0~bid%3D0.640~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.720212%7Ecbdp%3D0.307%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.640%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1615&sf=0&cpr=0.23855538268946486
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
max-age=3600
date
Sat, 09 Apr 2022 14:15:59 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sat, 09 Apr 2022 20:15:59 GMT
checksync.php
contextual.media.net/ Frame 6057 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4aaffc26ded7a75dd71645d2121d73932232a6af6570f579a4b5ca972c991bef
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7796
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:15:59 GMT
expires
Mon, 11 Apr 2022 14:15:59 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
ams1-ib.adnxs.com/ Frame 19BE 		0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FZ0EoOZD&e=wqT_3QKCBOgCAgAAAwDWAAUBCJ-qxpIGEIKYjc6I_KDpIxgAKjYJ2c73U-Ol0z8RkGYsms5O0D8ZAAAAwPUo7D8hkA0SACkRJMgxAAAAgD0Ktz8w3d2KCTjRGECVCUhgULqDvpEBWNGXZWAAaKuAuQF4AIABAYoBA1VTRJIFBvC8mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGWh0dHBzOi8vb3VvLnByZXNzL1owRW9PWkSAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuOagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6Ad1YiAUBmAUAoAWv6vCInJTjtzLABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUAYACAAMAA4xwZAAMgHANIHDRV1ATYI2gcGCSVE4AcA6gcCCADwB9yiBIoIAhAA&s=1d67d605a1510d87e1e2d648a18e9a23dc490e1c&bdref=https%3A%2F%2Fouo.press%2FZ0EoOZD&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2FZ0EoOZD,https%3A%2F%2Fouo.press%2FZ0EoOZD,https%3A%2F%2Fouo.press%2FZ0EoOZD&
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
249ccadd-8825-45d7-95f4-cb40335475e9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 19BE 		0
829 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FZ0EoOZD&e=wqT_3QLDBOhDAgAAAwDWAAUBCJ-qxpIGEIKYjc6I_KDpIxgAKjYJ2c73U-Ol0z8RkGYsms5O0D8ZAAAAwPUo7D8hkA0SACkRJMgxAAAAgD0Ktz8w3d2KCTjRGECVCUhgULqDvpEBWNGXZWAAaKuAuQF4AIABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGWh0dHBzOi8vb3VvLnByZXNzL1owRW9PWkSAAwCIAwGQAwCYAxegAwGqA0ESGDM2MzQyNzgwNTA2Njg3NTQyMjNfc2JpZBoTMjU4MTI3MDUzNjg0MzkwNjA1MCIJMzA1MTAzMjkwKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS45qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLohHliIBQGYBQCgBa_q8IiclOO3MsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJQBgAIAAwADjHBkAAyAcA0gcNFXUBNgjaBwYJJUTgBwDqBwIIAPAH3KIEiggCEAA.&s=c51e75c356b2ec2894afdff9b8da735f042b0c63&type=nv&nvt=5&jm=1003&sid=8020832431713204014&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&sw=1600&sh=1200&pw=1600&ph=1793&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
45be8587-0027-4e06-9eb1-861662db3f25
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 09 Apr 2022 14:15:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1561
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8B08
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=74dH53xYRm1xWEV4ZTVoL0YxTktIWjlqa3NDRE9uNjJyOXQzNERscmJGUDFlK2VyTTJLeW5va2kyZytpVk00YWpiQ3hTMTFZRHFPdnc1bDl5MkNPVk9NVkRFU0JJYlgwU1hrNE4yTjBzRUtJUHB5R093bzZUR3dicUlNYy...
364 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=74dH53xYRm1xWEV4ZTVoL0YxTktIWjlqa3NDRE9uNjJyOXQzNERscmJGUDFlK2VyTTJLeW5va2kyZytpVk00YWpiQ3hTMTFZRHFPdnc1bDl5MkNPVk9NVkRFU0JJYlgwU1hrNE4yTjBzRUtJUHB5R093bzZUR3dicUlNYyswc1pEdTg3M2Y1WEgvNGVVdTlpeFg4aFd6eGNOS0NsdFlVNXFCWjV3NDVJbGozMkY0VVNFNjhsOGw2eG1BT1hMZnpreEtMUXdORWpCZHRkK1UyUWVMQVJFK1QvakJUeStVWVpDOEhYb1pHSDFjakhVSWdNPXw&cppv=2
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
67a63748e4c39d42cb440278e81bac139563fdbb82a2a25c81cc26447fe4a49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2442
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:15:59 GMT
location
https://mug.criteo.com/sid?cpp=74dH53xYRm1xWEV4ZTVoL0YxTktIWjlqa3NDRE9uNjJyOXQzNERscmJGUDFlK2VyTTJLeW5va2kyZytpVk00YWpiQ3hTMTFZRHFPdnc1bDl5MkNPVk9NVkRFU0JJYlgwU1hrNE4yTjBzRUtJUHB5R093bzZUR3dicUlNYyswc1pEdTg3M2Y1WEgvNGVVdTlpeFg4aFd6eGNOS0NsdFlVNXFCWjV3NDVJbGozMkY0VVNFNjhsOGw2eG1BT1hMZnpreEtMUXdORWpCZHRkK1UyUWVMQVJFK1QvakJUeStVWVpDOEhYb1pHSDFjakhVSWdNPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1922
content-length
482
expires
0
gtm.js
www.googletagmanager.com/ Frame 8B08 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb379d10374502321f77293ca7294a1d97a6384d0212a066617f46971e5f936b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39800
x-xss-protection
0
last-modified
Sat, 09 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Apr 2022 14:15:59 GMT
translator
hbopenbid.pubmatic.com/ Frame 8B08 		0
0
cdb
bidder.criteo.com/ Frame 8B08 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=70448706141
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Apr 2022 14:15:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 8B08 		137 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cd655a2c9575d13b4afc7c21bace4d7a13e384afbd01ce47a609beae03c9ee9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:15:59 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
58962480-6981-43c9-b45f-717ee98387cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=74dH53xYRm1xWEV4ZTVoL0YxTktIWjlqa3NDRE9uNjJyOXQzNERscmJGUDFlK2VyTTJLeW5va2kyZytpVk00YWpiQ3hTMTFZRHFPdnc1bDl5MkNPVk9NVkRFU0JJYlgwU1hrNE4yTjBzRUtJUHB5R093bzZUR3dicUlNYyswc1pEdTg3M2Y1WEgvNGVVdTlpeFg4aFd6eGNOS0NsdFlVNXFCWjV3NDVJbGozMkY0VVNFNjhsOGw2eG1BT1hMZnpreEtMUXdORWpCZHRkK1UyUWVMQVJFK1QvakJUeStVWVpDOEhYb1pHSDFjakhVSWdNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 09 Apr 2022 14:15:59 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
979
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame E850 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E850 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame E850 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-34.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:16:00 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
collect
cdn.firstimpression.io/tracking/ 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Apr 2022 14:16:00 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
fbNi0eQXO3NWKYKUJigZatVyf900ZShIPR3fm3HJCCWAwcnJAYd-hw==
js
www.googletagmanager.com/gtag/ Frame 8B08 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
643bc16b5e0aebadf5fcceb41be199b4180cf98fd6d49490f43e1a4c18c449e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:00 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66227
x-xss-protection
0
expires
Sat, 09 Apr 2022 14:16:00 GMT
analytics.js
www.google-analytics.com/ Frame 8B08 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
674
date
Sat, 09 Apr 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 09 Apr 2022 16:04:46 GMT
collect
www.google-analytics.com/j/ Frame 8B08 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=620022690&t=pageview&_s=1&dl=https%3A%2F%2Fouo.press%2FZ0EoOZD&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=YEBAAEABAAAAAC~&jid=75487357&gjid=514710396&cid=1641776996.1649513761&tid=UA-177299981-5&_gid=335825254.1649513761&_r=1&gtm=2wg460NPLC9ST&z=2047798279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ Frame 8B08 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe3u0&_p=620022690&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=1641776996.1649513761&_s=1&dl=https%3A%2F%2Fouo.press%2FZ0EoOZD&dt=&sid=1649513761&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 8B08 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1641776996.1649513761&gtm=2oe3u0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 8B08 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1641776996.1649513761&gtm=2oe3u0&aip=1&z=456783009
Requested by
Host: ouo.press
URL: https://ouo.press/Z0EoOZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame E850 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5363&&&vgd_l2type=sca&v=1&gdpr=1&geo=50.13%7C8.67&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785111&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=243&fdkt=391&vgde_kbbh=ffoNu9&kwd[]=Kurkuma+gegen+Arthroseschmerzen&kwt[]=391&kbc[]=1261981624&kwp[]=1&kid[]=329496726&kbc2[]=ps%3D0.756%7C%7Crpc%3D0.40%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Kurkuma+gegen+Arthroseschmerzen&kwd[]=Luftreiniger+f%C3%BCr+Allergiker&kwt[]=391&kbc[]=1261981624&kwp[]=2&kid[]=350651746&kbc2[]=ps%3D0.756%7C%7Crpc%3D0.41%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Luftreiniger+f%C3%BCr+Allergiker&kwd[]=All+Inclusive+Urlaub+in+Italien&kwt[]=391&kbc[]=1261981624&kwp[]=3&kid[]=326723684&kbc2[]=ps%3D0.756%7C%7Crpc%3D0.40%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=All+Inclusive+Urlaub+in+Italien&kwd[]=Die+besten+Aktien+kaufen&kwt[]=391&kbc[]=1261981624&kwp[]=4&kid[]=326670668&kbc2[]=ps%3D0.756%7C%7Crpc%3D0.59%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Die+besten+Aktien+kaufen&cid=8CUL2446F&vwid=1649513759203397111&vi=1649513759203397111&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785111&vgd_nrrv=42121&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1649513759113423387&sttm=1649513760893&upk=1649513761.18259&hvsid=00001649513760893036448888329929&verid=3111299&sbdrId=99&vgd_ecrid=305103290&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D9009&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8Ovui9X9f9X~Q7Ovui9X9f9X~875EJvK00I4tPb~e8Q8G8j875v9~N875v4DsPD_~LJkMNz7vu~LM8Evfuh.FH.uXu.9~LMQNv_q~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvi99i~G-M1uv9~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuivu999~OYYMOfuvou~OYYMOffv9.u9~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvu~OYYMOfivk1jQJ~OYYMOA9v9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99999uu~G-M8z7YOv9~G-My8zQxv9~G-MLQEvv9~G-MQ8lJvhfW-i9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.u9i~OYYMLv9.i9A~JMLEYv9.iWX~OYYMYuv9.iWX~OYYMYfv9.9Xi~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhvu.WXA~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.ifW~OYYMYufvu.WXA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iHH~OYYMYuFv9.i9A~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAAvu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivHFufF.AAf~OYYMYH9vHX9XFh.999~OYYMYHuvff.uHf~OYYMYHfvuiA.999~OYYMYHAvu.iiX~OYYMYHHv9.iHH~OYYMYHhvfuHXf.999~OYYMYHWvHWAhWWF.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.iWX~eGLv9~G8Ov9.FH9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovui9X9f9X~e8JB1G8j875v9.hf9fuf~NGOEv9.A9h~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.FH9~875EJM8OvuF~QJjjJLM71yM8Ovui9X9f9X~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=200610&vgd_scsver=174&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001649513760893036448888329929&subBdr=99&bdrid=9&fp=CPlwIBiT932FkZzdrHiv5lv8EL5ebwrpp9Xj29uLY8qhfBqWfiV0WT2iHKz9bsQmh7NVwmZU4MFoEZM-c7MvkvhBuaSB4Cyw81S57mXAMsL0pfEi43kBYYu78gcPzRJK&cme=zGWi_5rzaUCRxbnz4IezyuRgTUuX8ow1q48d9S4wcHQ3bNkq1-VNf_CCUnVbFjQwkNamjFqVhnp97Ai_XTVf8jQcvUwrjJp6_BsG5u-RiL21V2iTrvW8UyGSdJRy6_v7txZea1noXmN75oaha88spcmA32AuXWQ2190hl2zrIMXgWg0RzKZGQKRIAJMg2TdRo94K5rUZCxGtpgtCoKK-EvtF9EtOxGPBGPkTJXqzz_s%3D%7C%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7Cq_CdneSp_GlkLeDR302z9QiIM8iRN8k9n-nr9d4ZQOGsU6qYIlSN4oCm9BhbCmy1QbG_lZGg_sPkaiDSEwfp3D5qabiHzFpE5NjEhHgf5ccTXw44i0Lg6L9rwJbL5gOpmThpZJqZQiokH0UuZUojBDfqQsRX3FKUo94JPOvb11zJ7QBYpGDY9S4gIo5gsIV6KCcHa3KNJloTHUjrcAJzSRpvi-YDxha4Xe1x5frYL0E%3D%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7Ca0AmFUYXmD41Acxn9AJpoDXiwoUinakcPiW1uTT4hcD8iEz4fKFMaA%3D%3D%7C&rc=0&rand=1649513761235&acid=28ffc2aae5924aff80b9f2b922eed1fd&matm=1649513761236&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&vgd_x_pos=437&vgd_y_pos=1422&vgd_ren_page_h=1793&vgd_ltime=666&vgd_ltimesrc=1&vgd_l1hcsd=A7%7C2295&vgd_l1ch=1&vgd_lhl=3068&vgd_pgid=p1239191923t202204091416&vgd_adprefflag=01&vgd_csip=rtb-common-6b6d47dcc8-p4ftv.BE&vgd_sbSup=1&vgd_nrrs=42121&vgd_cntrdt=SL%7CDIV%7CDIV&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D211362147%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3D%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Fouo.press%252FZ0EoOZD%26size%3D728x90%26tpid%3DT92M8NE%26ugd%3D4%26vif%3D1&vgd_end=2
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 09 Apr 2022 14:16:00 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Sat, 09 Apr 2022 14:16:00 GMT
vevent
ams1-ib.adnxs.com/ Frame 19BE 		0
829 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FZ0EoOZD&e=wqT_3QLDBOhDAgAAAwDWAAUBCJ-qxpIGEIKYjc6I_KDpIxgAKjYJ2c73U-Ol0z8RkGYsms5O0D8ZAAAAwPUo7D8hkA0SACkRJMgxAAAAgD0Ktz8w3d2KCTjRGECVCUhgULqDvpEBWNGXZWAAaKuAuQF4AIABAYoBA1VTRJIFBvD9mAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGWh0dHBzOi8vb3VvLnByZXNzL1owRW9PWkSAAwCIAwGQAwCYAxegAwGqA0ESGDM2MzQyNzgwNTA2Njg3NTQyMjNfc2JpZBoTMjU4MTI3MDUzNjg0MzkwNjA1MCIJMzA1MTAzMjkwKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS45qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLohHliIBQGYBQCgBa_q8IiclOO3MsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJQBgAIAAwADjHBkAAyAcA0gcNFXUBNgjaBwYJJUTgBwDqBwIIAPAH3KIEiggCEAA.&s=c51e75c356b2ec2894afdff9b8da735f042b0c63&type=pv&jm=1003&px=436&py=1109&bw=728&bh=90&sf=1&sid=8020832431713204014&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:00 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
81153536-b3c6-4f48-85cc-0b31a5b90066
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 7A8A 		753 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: t.co
URL: https://t.co/0c9yHNsOmR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14328530
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QorfstmK0F6Tf6Jm8%2FK%2Bgk2vWunuf41ONe2LXRa0CIo6NWrVuwr%2B96SJwWbx%2BsJ8G4O3vytp6GJ0%2BVYkDS23CB1m3pXqmBWLO0nIPJXyF9se9XL1LBGxS2vNzPRsl4%2FXylo5jhAFlNm6ERxpow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f93dbad9b6ae930-MRS
expires
Thu, 20 Oct 2022 18:07:10 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8B08 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:00 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Apr 2022 14:16:00 GMT
passback
exchange.adtrue.com/tag/ Frame 7A8A 		296 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1730446192&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:00 GMT
server
nginx
content-length
296
content-type
application/javascript
syncframe
gum.criteo.com/ Frame 80CA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5136
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 14:16:00 GMT
server-processing-duration-in-ticks
1859
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8B08 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Apr 2022 14:16:01 GMT
sid
mug.criteo.com/ Frame 80CA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=DW6_ml9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlFaJTJCbmluNGpqYUVkeCUyRmV4MiUyQkM0UUJ0JTJC...
  • https://mug.criteo.com/sid?cpp=SjaiMnw5Y0kzejdsSlNEa3ErT3QvT3FIYTVJOVRYTFJTM3dBSnl1amRQZ0JRNERMK0VUL0YxY3lnMTd0OHJPUHJGY0UzYkFiYnBZZ05haUpkOStyaVlnNWtrT2pMVmFSYXBuVDlNdXJ1ekc5RzBWU21SVmpzc0c3bTZ6Nj...
439 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SjaiMnw5Y0kzejdsSlNEa3ErT3QvT3FIYTVJOVRYTFJTM3dBSnl1amRQZ0JRNERMK0VUL0YxY3lnMTd0OHJPUHJGY0UzYkFiYnBZZ05haUpkOStyaVlnNWtrT2pMVmFSYXBuVDlNdXJ1ekc5RzBWU21SVmpzc0c3bTZ6NjIrL3d0UVRIdzh3NE1PdVhoWFFrdlN0K3p4RTJNZVJBU2pCQk1CZS9XUmJ6ZlQxbm5XdlN4c2RrL0Zzdjdmekx1MEZnK1FEeUd0NVU3NVNhU3JvZVk5Ynd3bUFndU9kdGVwL3RQb0Q2dzdLTWtOSER1NDR2VVFwVjVINFFMSkE1VVNUWTVMY2NQd21OdHJ3TjkvWlRmMnROdTJjOHRnZzZzdDRDR1k1ei9YRlJJODFhSGVCTT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
13f56e781e7fab86c7da99da0792b1d5017d8ec06fdb2ed047b5840439c493fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5367
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=SjaiMnw5Y0kzejdsSlNEa3ErT3QvT3FIYTVJOVRYTFJTM3dBSnl1amRQZ0JRNERMK0VUL0YxY3lnMTd0OHJPUHJGY0UzYkFiYnBZZ05haUpkOStyaVlnNWtrT2pMVmFSYXBuVDlNdXJ1ekc5RzBWU21SVmpzc0c3bTZ6NjIrL3d0UVRIdzh3NE1PdVhoWFFrdlN0K3p4RTJNZVJBU2pCQk1CZS9XUmJ6ZlQxbm5XdlN4c2RrL0Zzdjdmekx1MEZnK1FEeUd0NVU3NVNhU3JvZVk5Ynd3bUFndU9kdGVwL3RQb0Q2dzdLTWtOSER1NDR2VVFwVjVINFFMSkE1VVNUWTVMY2NQd21OdHJ3TjkvWlRmMnROdTJjOHRnZzZzdDRDR1k1ei9YRlJJODFhSGVCTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2087
content-length
567
expires
0
adtrue.ouo.press.991771.js
jsc.adskeeper.com/a/d/ Frame 7A8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1730446192&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2605
cf-ray
6f93dbaef9805bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
745
x-amz-id-2
30IowPiBg9cBBAxwsrqJAT4mLpzMST1FR2x4xB2UYmezcjCpnrW7mpPRsshxoE0TBKYNx3ulVzQ=
last-modified
Wed, 06 Apr 2022 13:03:40 GMT
server
cloudflare
etag
"aef0043370d859b0e8b6b8c06254bdef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
PD8AKS8S542AHH2K
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Apr 2022 18:16:01 GMT
adtrue.ouo.press.991771.es6.js
jsc.adskeeper.com/a/d/ Frame 7A8A 		227 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c88146482c1645e8f415545675e0827ebdbab2ed9821fd7fdeada1adcfcf0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4976
cf-ray
6f93dbaf49655c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70363
x-amz-id-2
w6+9h9KUh+/e4h9yrGVIJkghaLXfljIxuRaVnOci+6rizFWRON/jye/VL/3x/iIEEcFp6hvQJt0=
last-modified
Wed, 06 Apr 2022 13:03:40 GMT
server
cloudflare
etag
"f26dac354c5881e094330192223d8810"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
S5Z4VJAWZ4ESMET8
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Apr 2022 18:16:01 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 5F58 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Apr 2022 14:16:01 GMT
syncframe
gum.criteo.com/ Frame DAD0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5136
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 14:16:00 GMT
server-processing-duration-in-ticks
4355
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bqi.php
lg3.media.net/ Frame 19BE 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3387&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=zGWi_5rzaUCRxbnz4IezyuRgTUuX8ow1q48d9S4wcHQ3bNkq1-VNf_CCUnVbFjQwkNamjFqVhnp97Ai_XTVf8jQcvUwrjJp6_BsG5u-RiL21V2iTrvW8UyGSdJRy6_v7txZea1noXmN75oaha88spcmA32AuXWQ2190hl2zrIMXgWg0RzKZGQKRIAJMg2TdRo94K5rUZCxGtpgtCoKK-EvtF9EtOxGPBGPkTJXqzz_s=||MhSffBRfuCOyCp4u_bjS9Q==|q_CdneSp_GlkLeDR302z9QiIM8iRN8k9n-nr9d4ZQOGsU6qYIlSN4oCm9BhbCmy1QbG_lZGg_sPkaiDSEwfp3D5qabiHzFpE5NjEhHgf5ccTXw44i0Lg6L9rwJbL5gOpmThpZJqZQiokH0UuZUojBDfqQsRX3FKUo94JPOvb11zJ7QBYpGDY9S4gIo5gsIV6KCcHa3KNJloTHUjrcAJzSRpvi-YDxha4Xe1x5frYL0E=|ECZQquDAdXO219s_zvdUcg==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|gNTUc7MBYV04UVzmztpDDQ==|a0AmFUYXmD41Acxn9AJpoDXiwoUinakcPiW1uTT4hcD8iEz4fKFMaA==|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&vi=1649513759203397111&ugd=4&cc=DE&sc=HE&bdrid=9&subBdr=99&startTime=1649513760883&l2type=sca&vgd_l1rakh=1649513759113423387&l1ch=1&sttm=1649513760893&upk=1649513761.18259&hvsid=00001649513760893036448888329929&acid=28ffc2aae5924aff80b9f2b922eed1fd&verid=3111299&vgd_bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DERFURT~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DTH~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D1000~dmm_d21%3D-1~dmm_d22%3D0.10~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000011~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D728x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.109~dmm_r%3D0.903~e_rpm%3D0.985~dmm_m1%3D0.985~dmm_m2%3D0.059~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.853~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.928~dmm_m12%3D1.853~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.944~dmm_m16%3D0.903~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D46126.332~dmm_m40%3D450567.000~dmm_m41%3D22.142~dmm_m42%3D193.000~dmm_m43%3D1.995~dmm_m44%3D0.944~dmm_m47%3D21452.000~dmm_m48%3D4837886.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.985~vbr%3D0~bid%3D0.640~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.720212%7Ecbdp%3D0.307%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.640%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&vgd_sc=HE&infr=1&stime=1649513760734&vgd_ecrid=305103290&l1hcsd=l1!A7|2295&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p1239191923t202204091416&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Sat, 09 Apr 2022 14:16:01 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Sat, 09 Apr 2022 14:16:01 GMT
log
hblg.media.net/ Frame 19BE 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3634278050668754223&s_city=amsterdam&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.640&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=5042e8a0&scrid=305103290&itypeid=16&mx_SPRIG=0&viewability=72&renderer=0&be=0&rtime=8.0&adj0=0.0&tmax=150&s_ip=185.33.222.236&adj2=0.0&adj1=0.0&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=3634278050668754223&sc=TH&mowxReqId=28ffc2aae5924aff80b9f2b922eed1fd_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FZ0EoOZD&bidrestime=1649513759303&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-15-29&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.640&ct=Erfurt&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=9009&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=28ffc2aae5924aff80b9f2b922eed1fd&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.307&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=305103290&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2316%23%2343&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1649514359558&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.307&csex=0&pvdTmax=109&ltime=18.0&epc=211362147&prvReqId=33112021261682_796584803_856004011191&zip=99097&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=26&mx_PC=1&wsip=mowx-c5d9cd699-z987d&currsrc_date=2022-04-08+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-04-09+14%3A15%3A59&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&pid=8PR113JGC&spTo=3&ecp=0.88&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6b6d47dcc8-p4ftv.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.64&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=2581270536843906050&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DERFURT~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DTH~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~bx_a1%3D0~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D1000~dmm_d21%3D-1~dmm_d22%3D0.10~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D1~dmm_d29%3Dfalse~dmm_d30%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000011~bx_intmd%3D0~bx_ginsu%3D0~bx_rsp%3D%3D0~bx_size%3D728x90~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.109~dmm_r%3D0.903~e_rpm%3D0.985~dmm_m1%3D0.985~dmm_m2%3D0.059~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.853~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.928~dmm_m12%3D1.853~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.944~dmm_m16%3D0.903~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m33%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D46126.332~dmm_m40%3D450567.000~dmm_m41%3D22.142~dmm_m42%3D193.000~dmm_m43%3D1.995~dmm_m44%3D0.944~dmm_m47%3D21452.000~dmm_m48%3D4837886.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.985~vbr%3D0~bid%3D0.640~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.720212%7Ecbdp%3D0.307%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.640%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:01 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sat, 09 Apr 2022 14:16:01 GMT
sid
mug.criteo.com/ Frame DAD0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=DW6_ml9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlFaJTJCbmluNGpqYUVkeCUyRmV4MiUyQkM0UUJ0JTJC...
  • https://mug.criteo.com/sid?cpp=qctOuXxtYjVKdlJqNTRudkFrcUxzYkJoZjhkbFZPUTZwZ2J3bE15TDdXSURENlR5RDNld0YxOUY0VVRDazJzZmxxdk1jRUtIcjUrOUdQeGtzYnFMdWlQRGo1dW8vcXduWHp4UEJrKy9raUk3UVd5a3FkdjZLOEg3STlLMk...
433 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qctOuXxtYjVKdlJqNTRudkFrcUxzYkJoZjhkbFZPUTZwZ2J3bE15TDdXSURENlR5RDNld0YxOUY0VVRDazJzZmxxdk1jRUtIcjUrOUdQeGtzYnFMdWlQRGo1dW8vcXduWHp4UEJrKy9raUk3UVd5a3FkdjZLOEg3STlLMk5lelcvTGdFVXBrWmpPU0tOVFM1d0drc2YyRFFKRlE1VmJYeWUzUmp5WjdINlhZUUR1WFFVZ0NDdGdvZzRHWFhCT2k1VUR0M0RNTm03MXRZRnBEMGFLaFlQSzNwYW5CK3o5T3pvMWlwZlhIYUhheThrM1JFd1FNdWkvZEYrWFJTcWdReHhTbnpXWTlieVhrN1dyd284eExWNDE2T2hUVFg0QnVJaEhlVzUvMlZYNDFnUUYwbz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c77945871a0c2de7e4241c25e6871b9f451f56f2d44238717f6bdae22faf7331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3952
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:00 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=qctOuXxtYjVKdlJqNTRudkFrcUxzYkJoZjhkbFZPUTZwZ2J3bE15TDdXSURENlR5RDNld0YxOUY0VVRDazJzZmxxdk1jRUtIcjUrOUdQeGtzYnFMdWlQRGo1dW8vcXduWHp4UEJrKy9raUk3UVd5a3FkdjZLOEg3STlLMk5lelcvTGdFVXBrWmpPU0tOVFM1d0drc2YyRFFKRlE1VmJYeWUzUmp5WjdINlhZUUR1WFFVZ0NDdGdvZzRHWFhCT2k1VUR0M0RNTm03MXRZRnBEMGFLaFlQSzNwYW5CK3o5T3pvMWlwZlhIYUhheThrM1JFd1FNdWkvZEYrWFJTcWdReHhTbnpXWTlieVhrN1dyd284eExWNDE2T2hUVFg0QnVJaEhlVzUvMlZYNDFnUUYwbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1971
content-length
567
expires
0
/
c.adskeeper.com/pv/ Frame 7A8A 		0
44 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1649513762886146421153&uniqId=0134f&lct=1649203200&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cxurl=https%3A%2F%2Fouo.press%2FZ0EoOZD&pr=t.co&lu=https%3A%2F%2Fouo.press%2FZ0EoOZD&sessionId=62519523-0f495&pageView=1&pvid=1800eae9047a25f496d&site=624865&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f93dbb24fd05bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 7A8A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
br
cf-cache-status
HIT
age
1037
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8AR0RFRW4MY9VCQZ
x-amz-id-2
27sixfe3aDOmEZbjMs6Qtm1NMmAejRMOLAgIXRIrcRmasJnrYsoeCRXCW/fpp6HLzShvORCW2J8=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f93dbb27fd7692d-FRA
expires
Sat, 09 Apr 2022 18:16:01 GMT
1
servicer.adskeeper.com/991771/ Frame 7A8A 		1 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1649513762959751628751&uniqId=0134f&lct=1649203200&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2FZ0EoOZD&cxurl=https%3A%2F%2Fouo.press%2FZ0EoOZD&pr=t.co&lu=https%3A%2F%2Fouo.press%2FZ0EoOZD&sessionId=62519523-0f495&pageView=1&pvid=1800eae9047a25f496d&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2786bea43299491343ed11c663735f5f565ba85c44c707d0aaf80d64251d2920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f93dbb2a8785bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 7A8A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
content-encoding
br
cf-cache-status
HIT
age
1037
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8AR0RFRW4MY9VCQZ
x-amz-id-2
27sixfe3aDOmEZbjMs6Qtm1NMmAejRMOLAgIXRIrcRmasJnrYsoeCRXCW/fpp6HLzShvORCW2J8=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f93dbb30970997a-FRA
expires
Sat, 09 Apr 2022 18:16:01 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9kMmY1YzZkN...
s-img.adskeeper.com/g/12581133/492x277/-/ Frame 7A8A 		394 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/12581133/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC9kMmY1YzZkNTQ0MTJmODM2ZDNiZWFmY2RmOGRmZjBhNi5naWY.gif?v=1649513761-O6CTHk4gLMEE_az6H3v366OJ3Tz8iRDB3l3w3uls9cw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77d8952e5aaaa5b4900be103a292bede46633085647fe5d324b80d1ae4295538

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 09:24:47 GMT
x-mg-request-uuid
434f5de1-106c-42ee-92de-e7344e82eb43
age
447278
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f93dbb32db85b92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
403121
server
cloudflare
i.js
cm.adskeeper.com/ Frame 7A8A 		0
103 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1649513763044514047601
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f93dbb339855bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
806.json
id5-sync.com/g/v2/ Frame 8B08 		213 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 , France, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
d77256cb75fb8e467151a0748427eaf9f3142e78a9ac4b8e13aadcd5532fd92b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ouo.press
Date
Sat, 09 Apr 2022 14:16:01 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 8B08 		44 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ Frame 8B08 		63 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7e1101fc7a0257664c92c741cc688a1563f005c9217b3194ee9e6d3710f4728a

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ouo.press
cache-control
no-cache
x-server
10.45.29.137
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 8B08 		109 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
0f4e30e84ccdf1de4060a6df1ce2663c745b10af45c70b3fbbca9bf04c8be9db

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Apr 2022 14:16:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 09 May 2022 14:16:01 GMT
i-noref.js
cm.adskeeper.com/ Frame 098C 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=164951376307051751412
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f93dbb359c45bfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
usync.html
eus.rubiconproject.com/ Frame 88A8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Apr 2022 14:16:02 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 93A3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 09 Apr 2022 14:16:02 GMT
ETag
"623de86a-cf34"
Expires
Sun, 10 Apr 2022 14:16:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 8C21 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
6417
CF-Cache-Status
HIT
CF-RAY
6f93dbb79f965b3e-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 09 Apr 2022 14:16:02 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Sat, 09 Apr 2022 15:16:02 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
usync.js
eus.rubiconproject.com/ Frame 88A8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
423084fc341ce4272730c0f54b954c269c0bb38fd8269857d2a6ccddb039e8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sat, 09 Apr 2022 14:16:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58997
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Sun, 10 Apr 2022 06:39:19 GMT
async_usersync
ib.adnxs.com/ Frame 93A3 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:02 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b3c301c5-bd56-4c52-9d1b-6eac913ce712
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 88A8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z5kAYTTzQdWUXXH-DVgg6A&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=z5kAYTTzQdWUXXH-DVgg6A
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=z5kAYTTzQdWUXXH-DVgg6A
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JD8C1DC02FPRM6G1V0H2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=z5kAYTTzQdWUXXH-DVgg6A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 88A8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 88A8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=A26ofPJ9TfuJ94bomitwFQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=A26ofPJ9TfuJ94bomitwFQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=A26ofPJ9TfuJ94bomitwFQ
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P6V8BQQ0F5F7TMHX3P21
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=A26ofPJ9TfuJ94bomitwFQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 88A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Mrwa7K7tC31X51fO06tSiw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=294499163346861775
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=294499163346861775
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Sat, 09 Apr 2022 14:16:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=294499163346861775
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 88A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1RXWIEV-9-GBHI
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1RXWIEV-9-GBHI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:02 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 30EB3E59116C460E92CB075FC6AB7D81 Ref B: FRAEDGE0719 Ref C: 2022-04-09T14:16:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXcOVnkBOczshfdgbBDgg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1RXWIEV-9-GBHI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 88A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1RXWIEV-9-GBHI&sigv=1&esig=2~caf8a1f6a6281ff1a1186917032f201c8ca13ca8
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1RXWIEV-9-GBHI&sigv=1&esig=2~caf8a1f6a6281ff1a1186917032f201c8ca13ca8
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:02 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1RXWIEV-9-GBHI&sigv=1&esig=2~caf8a1f6a6281ff1a1186917032f201c8ca13ca8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 88A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ&google_tc=
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Apr 2022 14:16:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFSWFdJRVYtOS1HQkhJ&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 88A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
c
c.adskeeper.com/ Frame 7A8A 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=300|250|12|nj-HpAoeplGu_3hr6TWhMy5-e9WClK6Qut_eQPy_oV8-JmDqJ3O18AnWPbdoaI2w&fw=1&extjs=66044&cid=991771&h2=L_VeimGmIyuuyKT7tZS8nXkszZtBTrNS2gvUa9LL-6c*&rid=95b36597-b80f-11ec-b869-e43d1a2a53a0&tt=Social&ts=t.co&iv=11&pageImp=1&pvid=1800eae9047a25f496d&cbuster=164951376415683238556
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:02 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
522880ae-b448-4b42-898d-fc7dfe0a6376
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
6f93dbba1d095c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 93A3 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:03 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9519a79a-dc6f-419d-afef-78cc64936905
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3046 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 09 Apr 2022 14:16:03 GMT
ETag
"623de86a-cf34"
Expires
Sun, 10 Apr 2022 14:16:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B418 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=158209
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Sat, 09 Apr 2022 14:16:03 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Mon, 11 Apr 2022 10:12:52 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame B418 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31752813&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e13ffa7157f8245a662259da32a70a8d34f3376ba39276d86b58971b9f25315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:16:04 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 3046 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Apr 2022 14:16:04 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ab9226ac-a094-48fe-86cc-76e6eeb441dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 0BE9 		0
0
pubmatic
d5p.de17a.com/getuid/ Frame 4DAB 		0
0
img
sync.mathtag.com/sync/ Frame 4542 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame E5DA 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 640B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084607670691887246
0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 55E8 		0
0
sync
sync.srv.stackadapt.com/ Frame 82BF 		0
0
/
csync.loopme.me/ Frame 17F3 		0
0
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 31F7 		0
0
pub
matching.truffle.bid/sync/ Frame 1610 		0
0
i.match
a.tribalfusion.com/ Frame FAB3 		0
0
cm
green.erne.co/pubmatic/ Frame 7A52 		0
0
cookiesync
core.iprom.net/ Frame 85FF 		0
0
bridge
cm.adgrx.com/ Frame 3408 		0
0
pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame A2E8 		0
0
rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame B2C8 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B418
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N9clBw2qR8GF2Hu9r-6y8A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
0
0
img
sync.mathtag.com/sync/ Frame B418 		0
0
/
pixel.onaudience.com/ Frame B418 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame B418
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzdENzI1MDctMERBQS00N0MxLTg1RDgtN0JCREFGRUVCMkYw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B418
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED0IjjxUmtmmbqZ07nHM2zI&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame B418 		0
0
match
c1.adform.net/serving/cookie/ Frame B418 		0
0
generic
match.adsrvr.org/track/cmf/ Frame B418 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame B418
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1761128858322821694&gdpr=0&gdpr_consent=
0
0
p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame B418 		0
0
37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B418 		0
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame B418 		0
0
sync
x.bidswitch.net/ Frame B418 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame B418 		0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame B418 		0
0
cs
ad.turn.com/r/ Frame B418 		0
0
apn
ads.playground.xyz/usersync/ Frame B418 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B418 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084607670691887246
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESED0IjjxUmtmmbqZ07nHM2zI&google_cver=1
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1761128858322821694&gdpr=0&gdpr_consent=
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0?gdpr=0&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0&redir=true&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=37D72507-0DAA-47C1-85D8-7BBDAFEEB2F0&gdpr=0&gdpr_consent=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| apd_options object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2a00 function| _0x205b object| a function| b boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| recaptcha object| fiUtils object| adtrue_tags function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| q object| qs string| js_code string| k function| vi_setCookie2 function| vi_getCookie2 function| dyns_load object| closure_lm_928249 object| _mNDetails number| lnt_z object| criteo_syncframe_state boolean| _mgPageViewEndPoint624865 string| _mgPvid boolean| _mgPageView624865 boolean| _mgPageImp624865

41 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGOGor-H5s6XWp6JEcaQMO9Se-_Rgt4SKIsSWuGa89dNqcv4z6fSHiwS228JcXYyP4sJg-ICgPNs-Opn2IVl7hA
.t.co/ Name: muc
Value: 3848d12c-0e8a-4422-908e-82c75d51035f
ouo.io/ Name: ouoio_session
Value: eyJpdiI6IlRzTE54QnVqS1libmFMU0xZUk9KSUkrVTJ0Q2h4eXQ3bmVlRFd6b3JpYzQ9IiwidmFsdWUiOiJNWGJhczBBaHlJZWxiNzJwRDMxSGQ4Q2pGQ3loZmtldVJXUDhabHA0ejNKczlIN1JZRUxnMUttclhaR1VhaFN0VHh2QVVHMlR6bVpqRzZsQnMwTnhUZz09IiwibWFjIjoiMDhkMzQ3YmM3Yjk3NzVlOThiYTVhOThlNGE1MWFmMDE3ZWQyZjg3NGZmYjliMWNhOGU3Y2JiZjY4ZWYyY2RjNCJ9
ouo.io/ Name: language
Value: eyJpdiI6IkdmYVhpTDFzZ3F3Z2xURk0xTDc1M3JEU053ME1aQUlHTnpwQ3lqMUVVcnM9IiwidmFsdWUiOiI5enVJQThmZVwvU0hYblVsV1wvTWVkK2Viak12XC9JVjZJSXl1WXp6TTFSVGdNPSIsIm1hYyI6IjNiMjQ5MDhiZmU4ZWMyNjkyODlmNGIwNDAwYmQxYWYyMWQ5NWUzZDc3ZGYxY2RjN2VlZDQ0ZTEzY2FkYjNjNmYifQ%3D%3D
ouo.io/ Name: fece073798ba02b1ea3a74d8cbd65bb7b2d0d7b8
Value: eyJpdiI6InVUbDd5bWJMeStXWkM5SldmVUt4YWJqbnVLT29sc3Ezb01TZEdTNHdzOGM9IiwidmFsdWUiOiJMXC9jOVVmQmFkbEJtamVVZ0JcL0FiS2UrcmJwWGlcLzN5ekhoQjlPbXJuQVpGNVwvQUVjTDRaUTRwS0pNaUtcL0RJNCt5KzI2Y2E3VmNcL3ZnRG1Ic2kwbGxFOUZDdnRYTzZiU1BRTGhRMzRsK1doMlVoV0E5Yk9YdUlEeHlqQm8wck5ucnVIVzRSOXF3ajIxN01GS0MyMjQyN3VFdWFJXC80cmt4eWxYYjNvXC9GNnZ5UWhqUFZKakRpQ21TU3lpZlhCOUlDMlNmQlhcL3Nab1ZkeXlMZWJXdllHRkFZMU9WZ1VFVlpiXC82cTVKdG55Uk1tb1RZT0UxdkEwQ1NzcHVUQ0h5RDl0UEhSUU9IQXNYZmJMVk5uN1FXZGUzWHNoVVNIXC90TXNQVForN0kxUlEyTGtMeGVicmdsTEFOaXNSSHBMTHRnaXROcXpHNWFwN2lyQTZpbFFKelwveEJWc2c9PSIsIm1hYyI6ImJiYzA0MDIzNWQzNWI5ZDVmZWQ0ZjM1M2NlMzQwMWMwNGJiMjNkODI0YWQ1NGRmMGRlNDM3MThmN2NiNTVkMGYifQ%3D%3D
ouo.press/ Name: ouoio_session
Value: eyJpdiI6Ik1aUWl1dCtsVUl1bVJVZlBBNjRlZDVDWGRCNFhDa3NUUnplNWs2QkYzOUU9IiwidmFsdWUiOiJkZ2ZJY2l0Sno5cTlyTkdqc2lVb0QzZVJCa2lxRFN3NzQyUkxvNUFyeURCMiszM3g3Z29yTUEwV215Y3JBZFJyYVlpUElXeGowNnVWeGRQSW9vXC9ZdkE9PSIsIm1hYyI6ImY0NzAwMTFmYjU3ZDY4ZTI0ZGZmMjJjZmQzODI0MDFlMTUzNGNiMzE1ZTJjNTljNjFiM2VmMGYxZTg0YTUzNjYifQ%3D%3D
ouo.press/ Name: language
Value: eyJpdiI6IjVqWjlSQTgrZEhxXC96c0E3c0JTV2srQVBsaU1ibFQ3MU02K2pVWU9ONW5JPSIsInZhbHVlIjoiaHBUYnU5SEE5Q0VDcjlxYjFmeTBudTdSRGRvQXFJS2VxWURnMGVqaERjaz0iLCJtYWMiOiIzMjMxM2JmMmZmNmU2NmUzYWI4ZTZjYzliYzVkOTA4N2EzNjhjNTBiOGFiYmNkMWI3ODhkZjZjYjAyNWM2MzMzIn0%3D
ouo.press/ Name: 6f0df0e16581291c4d97a61fee919edb76215c6f
Value: eyJpdiI6ImpITFJpeUd0aDhXYmt3ZDJHZWtsWGxpcDNJcEtneGE3RExVKzJXNGRoVjQ9IiwidmFsdWUiOiJXanNHeE4xY1wvMGt1MlZjbnFDVm9JRERrQ3d2dEZlb1BtU3k2VTl6bFhZU2F6NDF6VFwvbUthZXdvbVdVdjNDS1JMcXNDeGhXK3ByakFkeitXaGd0YUtIeThxaEQySU41K3RYVEtvUVBXeFY2ZXY4SUk0YVhMQTNVZFBVeDVQMlhGZmxqZWZycFBZd1pBbVgxNlNWdjYzK3pMV0s5anZyYUYrNHNcL2xHdWRkWW11YmI3aENcL2xFcTk5NU1MZkxlQmE1Rk5kZ2liTVBra2Z0bW9kaVpvZjlsNDYrY3dJTnJyMzFucVwvMEpQUTlEb3JDM3ROUk5FZXBIN05nOEpPcXNRZTZ2TVh0NzBYUzNqSCtjSFVnY05NQWJ3R01KWFlcL0dLSUVxdkFPWEpNRWt5UHpuelI0NjExZTh0eW1FcGRCS2lPWmNEUVlNQ1FPQk8wWmNXUjdhdmhGTW9qOEUrQ1BHYUZtazdRNEJPc1JjWXdlbzVLS1diU1V6M24xQmdNS2kxMFMiLCJtYWMiOiJiNjQyMWQwZmRjNDIwNThiMmZmZTg2N2I4ZjUwZTdhMTY2ODA4ZjFjMDQ2N2EwY2Y3ZmUyMzJkNWQ5MGM0ODM4In0%3D
.ouo.press/ Name: __cf_bm
Value: GP5ZU2Ll7i9yPirARZkvPNL0HdAtgdFDk1n6W18_anM-1649513758-0-AWRLjSf5w3XpulMIogr9zHvsY7fI9oaKZxyWbI2Ex1AQFe2u+tZKVdMIyoP9qchXZ1/uFZKP3COOS63bfY6gXx8=
phallicuncut.com/ Name: GL_UI4
Value: eJw9jd1OgzAcxYHy4TIhnoQH8BHKHHNcGh%2FCS9LSP6wO2qXUEd%2FexkSvzi%2FnIyeKoqSuEN9zBvYlWjyTPI78RchODefT63gSrVTycOiO8twq2XXY6bX3Qs7kUzxOZMjpoR%2BsohJPIfpzrsZuJkUmnTCqRLaExlyikM5uK7maITViIeTvF2eDZov4tA6s4TywNoFjjsSuNat2KD60UWFY7ZE0vCrzCPvbLPxo3dJrlcfIJicUIX7DwyA8TdZ9o1C0Xr29AXZW%2FX%2F%2F95dtDUeu6K6HcG79hdwPMfRLXQ%3D%3D
phallicuncut.com/ Name: GL_GI10
Value: eJw9i0EOgjAURKGYChEwP%2FEAnoAEghLXatzoGRoCH9IF%2FU2pxnp6RQ2reTN543ke26TApIa4yKtsX2b5Ls8OEPRIwE5niBu6K2ucUPWAsLygGWrlgBvsJakEVj8QDbXozW2SE1g00roEoin%2BQiBHDeGtKKvt1bYQKbRi1IgfPJLRZGqLkM7r98UDCOUotKGn4z6srRzwRQoFdd2IljPwH5y9ARzWOuo%3D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.rubiconproject.com/ Name: khaos
Value: L1RXWIEV-9-GBHI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoddDVnk6BiIDpcd3HBZZ775PzI6EyVJjlVAthPpLFZy2TH88r4zGU8oVU2gxcNTeSjJyCvVaOjObzwVI85VVVJ0A+VO7RH1E0=
.adnxs.com/ Name: icu
Value: ChgIw6tREAoYASABKAEwn6rGkgY4AUABSAEQn6rGkgYYAA..
.adnxs.com/ Name: uuid2
Value: 1761128858322821694
ouo.press/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ouo.press/ Name: pbjs-pubCommonId
Value: 380fffb7-72e4-4f0c-a6a3-50a8fa97c289
ouo.press/ Name: cto_bidid
Value: 0cInOV8lMkZNZDVZYWxrM05NN2klMkYwRnlNTXFxWXlLQlJ5SHdHTXc5cExldWo0YzV1TjJnY3R2blJnQlJ1TiUyRnQlMkZRMUNHeCUyRk9xeElNNzBuSk5DRTElMkJoQ1llWGg1ZyUzRCUzRA
ouo.press/ Name: cto_bundle
Value: DW6_ml9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlFaJTJCbmluNGpqYUVkeCUyRmV4MiUyQkM0UUJ0JTJCSDZwZW1nUjA5YTdPS2hpYktqV2RFR280dmdCdDNRd0slMkJFa0hZWUpCUnBWMEhua0xBbzNiZDljUXdjVWFKY0RycHVLWFNUNmNDcW5pQmdSQmRQaA
.ouo.press/ Name: _gid
Value: GA1.2.335825254.1649513761
.ouo.press/ Name: _gat_UA-177299981-5
Value: 1
.ouo.press/ Name: _ga_0DTZ6LRDBJ
Value: GS1.1.1649513761.1.0.1649513761.60
.ouo.press/ Name: _ga
Value: GA1.1.1641776996.1649513761
.criteo.com/ Name: uid
Value: bbcba7c3-3db5-47a8-941e-99f40c0624a5
.ouo.press/ Name: cto_bundle
Value: OJJqVl9NamhKTkwxTE9jM1p5T3c5QlZIaCUyQlolMkZPMjRWb3pZTSUyQmRmZXpiNkhZRFBBRFVMT1RyeWoxWUJKUDF6WEM4MFIyeFhPYTFkbUtGbkpNQUI3b0p5ZzZkckswZHQweDY1Sm9Lc0NBN2VUZFV0ZDZMRSUyQlJMeVU5eDhEeWlQOWEyWHlxa1hzaUN0aHpDaDklMkZDTkxHanVkRlF3JTNEJTNE
ouo.press/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22bGlWzEJ3t%22%7D%2C%22C991771%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649513763014%7D%7D
ouo.press/ Name: _lr_retry_request
Value: true
ouo.press/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: 5cf0a901-14a1-4648-9238-9a77a47f22dc
ouo.press/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%225cf0a901-14a1-4648-9238-9a77a47f22dc%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-09T14%3A16%3A01%22%7D
ouo.press/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-04-09T14%3A16%3A01.924188Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.ouo.press/ Name: panoramaId_expiry
Value: 1649600161891
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yahoo.com/ Name: A3
Value: d=AQABBCKVUWICEHpIEpdWU1Z4vv-0Mn_g4mQFEgEBAQHmUmJbYgAAAAAA_eMAAA&S=AQAAAvJCh67dE8lcloE4Fw378WM
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c4188a6a-6919-41af-83b7-16eb6c0a7527"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDk1MTM3NjI7MjswMjEh82fh18ZfkiPknb5IFeKi0opQaGQrD4a3xL94eBR9mA==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2273:u=1:x=1:i=1649513762:t=1649600162:v=2:sig=AQGb9lsqhyi9qHrkhjIoGIpBwmuOMlfM"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A0YhqSkll0GJtt90IMXZlEw

3 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ams1-ib.adnxs.com
analytics.google.com
api.rlcdn.com
bidder.criteo.com
biddr.brealtime.com
c.adskeeper.com
c.amazon-adsystem.com
c1.adform.net
cdn-adtrue.com
cdn.adnxs.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adgrx.com
cm.adskeeper.com
cm.g.doubleclick.net
contextual.media.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
gum.criteo.com
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
itineraryupper.com
jsc.adskeeper.com
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
ouo.io
ouo.press
phallicuncut.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s-img.adskeeper.com
s.amazon-adsystem.com
servicer.adskeeper.com
simage2.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
t.co
tag.1rx.io
token.rubiconproject.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
video.your-notice.com
warp.media.net
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
a.tribalfusion.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
c1.adform.net
cm.adgrx.com
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
green.erne.co
hbopenbid.pubmatic.com
image2.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
simage2.pubmatic.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
104.17.119.107
104.18.17.65
104.19.134.80
104.244.42.69
108.138.3.177
142.250.186.130
142.250.186.134
142.91.9.135
151.101.1.108
178.250.0.165
178.250.2.146
18.66.122.109
18.66.248.77
18.66.97.111
185.33.220.244
185.33.221.88
192.243.59.20
198.47.127.19
213.19.147.43
23.109.82.121
23.205.235.133
23.216.77.21
23.216.77.34
23.35.228.23
23.35.236.188
23.35.236.201
23.35.237.86
2602:803:c003:200::21
2606:4700:10::6816:17a2
2606:4700:10::6816:3afb
2606:4700:3033::ac43:8bcc
2606:4700:3038::6815:ead7
2606:4700::6810:5914
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
2a02:2638::1c
2a02:2638::3
2a05:d018:d29:3601:b73:5e1d:a8b6:5551
3.33.220.150
34.120.133.55
35.244.174.68
50.112.169.222
52.30.14.23
52.46.130.91
52.57.231.46
54.239.38.253
54.36.109.186
69.173.144.138
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8c8a3d27c4d4c8600cef79a38492fe17d524c113d0b221e301821724eb5fff
0f4e30e84ccdf1de4060a6df1ce2663c745b10af45c70b3fbbca9bf04c8be9db
137ce1cebedf37d8680adcc7d1c3c2d1c7f424d5fa0501ace0c99e4b60aaefc1
13f56e781e7fab86c7da99da0792b1d5017d8ec06fdb2ed047b5840439c493fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2786bea43299491343ed11c663735f5f565ba85c44c707d0aaf80d64251d2920
28867b3762818bd92ff0e14909775048d6ba38b5695e152a88ee402f569f1ef5
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
423084fc341ce4272730c0f54b954c269c0bb38fd8269857d2a6ccddb039e8a6
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
4aaffc26ded7a75dd71645d2121d73932232a6af6570f579a4b5ca972c991bef
4e13ffa7157f8245a662259da32a70a8d34f3376ba39276d86b58971b9f25315
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bea0c70a9781c6017a4a666a69482c1a5a78635ce76c395f7ab74b6029571ec
6151c32b75d34ec7486fe1fdd1f3fa142f1ebcebdf378b5ec319893c50bfcb74
643bc16b5e0aebadf5fcceb41be199b4180cf98fd6d49490f43e1a4c18c449e5
67a63748e4c39d42cb440278e81bac139563fdbb82a2a25c81cc26447fe4a49e
6ab6c2c53f329a2b08f23ba9a47d0e54dd18bc697ee38e642b45b7791df130ea
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
72c184ac230449b2647fbf5fc0431d5276d163bfe1216002a1b5bbc2b6c54ed3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77d8952e5aaaa5b4900be103a292bede46633085647fe5d324b80d1ae4295538
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bfbcc3dafe87b6ea134213b05889b25bbefe97fd2edee59c57f6a352ec6a574
7e1101fc7a0257664c92c741cc688a1563f005c9217b3194ee9e6d3710f4728a
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8a7b92a4d2047ca5fe65aa3cc498dc12cc2273564124c8c0d0f3cd6932dbb3ff
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
96e45d64c66adf9b36b02ef02dbba4f9026e06708b9099d5fc24ef5380d06a45
97c88146482c1645e8f415545675e0827ebdbab2ed9821fd7fdeada1adcfcf0f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48dde05c012fa9a9bca509ed4bcab942bcf059bf0aa5631f39bcfca263076ea
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1a9ca75900b5258b8c75e2e81ce53d0e782b3fdcb39dfba6c43564258d37eaf
b70416a9d9363f77976d4a4d2748fa7e3f4b2a835a9e0be884bd42ecb4ef23a2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c77945871a0c2de7e4241c25e6871b9f451f56f2d44238717f6bdae22faf7331
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
cb2669943a52bf78d922e8e67341e0b1ffc1209052f6b7d514511009ccb6c4fe
cb379d10374502321f77293ca7294a1d97a6384d0212a066617f46971e5f936b
cb90a8774aa9167be826bab2c4c178495e7362c695b8af8f13b6cf038db0e20e
cd655a2c9575d13b4afc7c21bace4d7a13e384afbd01ce47a609beae03c9ee9c
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d77256cb75fb8e467151a0748427eaf9f3142e78a9ac4b8e13aadcd5532fd92b
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546