ouo.press Open in urlscan Pro
2606:4700:10::ac43:160f  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

• https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=tMSCZnwzM2VnZTZCWEJocDBkNTI1N2Jld1ovU1dxSzVrWmdpYjJ5VmI2ZityVFU1SjZuTFpIdU5pSHMvdEJmQ0ZFWmNQYTZNRjN0ZmZZNG50bEpOSDB2YmFLdEYzeW5xMGI0NFkyaTZTYWlaMUQ2VStiWFRGZkVUTjdMUEVEMHJIR3lha1ZZK005a0dMVDdkWDFHYVdSNnkrS2I0UUxRTTROS0VieG5INy9MNTFHMVgrNk80alBvVUM3d0hNYWczK2xqd2l4RVN1elg4UjA3TVFpZjVqbk5abDE1dHB1UG1QWld6ZzVqcVZNUHRwakloNEVBTHZsUlhNRW5VTG1ZZWNpMWVlTTFZeERxN3J6L2RtVWJxUi9McFBvUT09fA&cppv=2

Request Chain 74

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/jq14QgsLB5dkJpA-rbfbXcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8438154208480086987

Request Chain 75

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L61RMLPD-1T-FC6I

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdMzBXtXkeES63tvkPafHs&google_cver=1

Request Chain 77

• https://token.rubiconproject.com/token?pid=26594 HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L61RMLPD-1T-FC6I&sigv=1&esig=2~fe03c7650b80e09a110e60811dfbb7da6ed2b633

Request Chain 79

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ==&google_tc=

Request Chain 81

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ptLa6D63QuKWMy6KB2T3KA&rk=usync-other HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptLa6D63QuKWMy6KB2T3KA

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request TSVn2a Show response ouo.press/	10 KB 5 KB	222ms 197ms	Document text/html	2606:4700:10::ac43:160f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2604bb50d77da548cc5ae8181a525e58a4ec47534e5138592500b7deb2f16a66 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 730ae4f18a8f9046-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 26 Jul 2022 05:56:49 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	1020 B 918 B	139ms 44ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Questrial Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 26 Jul 2022 05:50:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 26 Jul 2022 05:56:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 26 Jul 2022 05:56:49 GMT
GET H2	200	bootstrap.css ouo.press/css/	107 KB 18 KB	23ms 18ms	Stylesheet text/css	2606:4700:10::ac43:160f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/css/bootstrap.css Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/TSVn2a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 30372 cf-polished origSize=109522 cf-bgj minify x-xss-protection 1; mode=block last-modified Sat, 14 Feb 2015 06:58:04 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"54def1fc-1abd2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=86400 cf-ray 730ae4f2dbf89046-FRA expires Tue, 26 Jul 2022 09:30:37 GMT
GET H2	200	link-safe.css ouo.press/css/	6 KB 2 KB	20ms 16ms	Stylesheet text/css	2606:4700:10::ac43:160f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/css/link-safe.css Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/TSVn2a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 25145 cf-polished status=cannot_optimize cf-bgj minify x-xss-protection 1; mode=block last-modified Wed, 02 Oct 2019 21:46:54 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d951ace-1830" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=86400 cf-ray 730ae4f2ebfa9046-FRA expires Tue, 26 Jul 2022 10:57:44 GMT
GET H/1.1	200 OK	16562 Show response tv.gourdycortes.com/1clkn/	6 B 1 KB	514ms 310ms	Script application/javascript	172.255.6.48 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tv.gourdycortes.com/1clkn/16562 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 172.255.6.48 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Tue, 26 Jul 2022 05:56:50 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Connection keep-alive Transfer-Encoding chunked Strict-Transport-Security max-age=1 Keep-Alive timeout=20
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 1000 B	143ms 49ms	Script text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8a2bcf8df6cea7decfef41bc9315171703328221ac8378bc26065b2905031b07 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 587 x-xss-protection 1; mode=block expires Tue, 26 Jul 2022 05:56:49 GMT
GET H2	200	c.js Show response hhklc.com/	9 KB 3 KB	63ms 23ms	Script application/javascript	2606:4700:3032::ac43:df66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hhklc.com/c.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:df66 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55e254bcf370b1fb789c9703f99be3ff4bf22aee0d7cd53ccd72b89012804aed Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1504 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 11 Jul 2022 18:35:49 GMT server cloudflare etag W/"62cc6d85-2200" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2LsvPMKPZmRDjABik64NZMupa50gYiNFhrde%2FPD8vajuwLsqoSds%2BCXcCjR%2BnIHyFefQ42w9V4UqWz2Z%2F2WALRYUT%2F25VkGkzHIwkosh1w9XxhKPnb%2BAY28s9ruG%2FfsqPOh3jHwAuo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=14400 server-asp-net Asp Net cf-ray 730ae4f40c859baa-FRA expires Tue, 26 Jul 2022 06:16:45 GMT
GET H/1.1	403 Forbidden	ed36014633829dc70a42dccaefdf3f11.js itineraryupper.com/ed/36/01/	0 0	603ms 163ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Tue, 26 Jul 2022 05:56:50 GMT Server nginx/1.17.6 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Content-Type application/javascript Content-Length 0
GET H2	200	n.js Show response cdn.runative-syndicate.com/sdk/v1/	13 KB 5 KB	86ms 7ms	Script application/javascript	8.241.123.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.runative-syndicate.com/sdk/v1/n.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.123.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 653b2325d22c32a353ca70c93bc56b618a4af7a2294790bd639527ad0d3632ba Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding gzip last-modified Thu, 12 Aug 2021 08:36:05 GMT server nginx age 30057004 etag W/"6114dd75-3202" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 5220
GET H2	200	world.png ouo.press/images/	6 KB 6 KB	20ms 19ms	Image image/png	2606:4700:10::ac43:160f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ouo.press/images/world.png Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/TSVn2a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT x-content-type-options nosniff cf-cache-status HIT age 249614 cf-polished status=not_needed content-length 5692 x-xss-protection 1; mode=block last-modified Wed, 06 May 2015 05:02:52 GMT server cloudflare x-frame-options SAMEORIGIN etag "5549a07c-163c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png expires Mon, 22 Aug 2022 08:36:35 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 730ae4f3cccd9046-FRA cf-bgj imgq:85,h2pri
GET H2	200	email-decode.min.js Show response ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 819 B	11ms 11ms	Script application/javascript	2606:4700:10::ac43:160f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/TSVn2a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 22 Jul 2022 10:43:22 GMT server cloudflare etag W/"62da7f4a-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 730ae4f3cccb9046-FRA vary Accept-Encoding expires Thu, 28 Jul 2022 05:56:49 GMT
GET H2	200	fab.js Show response ecdn.analysis.fi/static/js/	4 KB 5 KB	39ms 9ms	Script application/javascript	108.157.4.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.analysis.fi/static/js/fab.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-88.dus51.r.cloudfront.net Software nginx/1.20.0 / Resource Hash d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:16:57 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 2393 etag "61b8b8ab-1090" x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 4240 x-amz-cf-id pqGXc5ictVU5EMlZ9HLoric5D9pZTV7pvwVhAS0cWm78c-O2DSMRxg== expires Tue, 26 Jul 2022 06:16:56 GMT
GET H2	200	fi_client.js Show response ecdn.firstimpression.io/	347 KB 92 KB	41ms 10ms	Script application/javascript	18.66.248.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/fi_client.js Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-121.dus51.r.cloudfront.net Software nginx/1.20.0 / PHP/8.0.14 Resource Hash 7df78f0888f94874310da5d212eaaea6a50ed04cf5f862e9e96fb98896448f6f Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:33:01 GMT content-encoding br etag W/"3523193d40102ac717bab28c8de86b9e" last-modified Tue, 26 Jul 2022 05:33:01 UTC server nginx/1.20.0 age 1428 x-powered-by PHP/8.0.14 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P1 x-amz-cf-id uK3c3-iZJEUHZO-l8MthfWHReElSpMi9I2tq7TF1lvEQs0hVvXvdgA== x-xss-protection 0
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/	365 KB 145 KB	131ms 39ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ouo.press/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 22:44:01 GMT content-encoding gzip x-content-type-options nosniff age 25968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147954 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jul 2023 22:44:01 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 664 B	104ms 29ms	Image image/x-icon	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 14:28:05 GMT content-encoding gzip x-content-type-options nosniff age 55724 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 26 Jul 2022 14:28:05 GMT
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/	3 KB 3 KB	54ms 8ms	Image image/svg+xml	104.90.105.154 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.90.105.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-90-105-154.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:49 GMT last-modified Sun, 03 Jul 2022 06:49:40 GMT server AkamaiNetStorage etag "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 2735 expires Thu, 25 Aug 2022 05:56:49 GMT
GET H2	200	spc_fi.php Show response cdn.firstimpression.io/delivery/	25 KB 6 KB	82ms 47ms	XHR application/json	18.66.122.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FTSVn2a&charset=UTF-8&ch=5&ref=ouo.press&viewerId=null&referer=&_firid=17203684 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-109.fra60.r.cloudfront.net Software nginx/1.20.0 / PHP/8.0.14 Resource Hash bd11d599e773257de35a01c410f8116058cf6994cd86677cbf614de54ef27232 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip x-amz-cf-pop FRA60-P2 x-powered-by PHP/8.0.14 x-cache Miss from cloudfront p3p CP="CUR ADM OUR NOR STA NID" pragma no-cache access-control-allow-origin https://ouo.press server nginx/1.20.0 vary Accept-Encoding content-type application/json; charset=UTF-8 via 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront) cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-amz-cf-id DMXB1cAd1R9mwBidmaEFRdy3j_XXUURTLA35XKPo2g580wdQNOyZJg== expires 0
GET H2	200	prebidamp.js Show response ecdn.firstimpression.io/static/js/	312 KB 97 KB	31ms 11ms	Script application/javascript	18.66.248.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/prebidamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-121.dus51.r.cloudfront.net Software nginx/1.20.0 / Resource Hash 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83 Request headers Referer https://ouo.press/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:41:07 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 1418 etag W/"61b8b8ab-4e128" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop DUS51-P1 x-amz-cf-id ZVHcK0w1ByOiiYRZ26kTGYiqJIcTtsZSOrc_FZfbKPBUIU32slfMaw== via 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront) expires Tue, 26 Jul 2022 06:33:12 GMT
GET H2	200	creative.js Show response cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/	26 KB 10 KB	56ms 25ms	Script application/javascript	2606:4700::6810:5614 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ouo.press/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 27629 x-jsd-version 1.13.0 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19150-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lPB5xrcndxRokgmta5Cqbm%2FqSsXfZ%2FHR6TB7na97aqVw8EIJpnUXiC9Vliqo%2BNXeGTZU38zFbr1NtZkgSP5kwsc1ZuTc6wXWOuDGbqXKJTDIfkhCtyZLFWDBWB6BWGLh9EFZyqOZ83X9rJZCHw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 730ae4f58e329019-FRA
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	140 KB 39 KB	48ms 8ms	Script application/javascript	143.204.93.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.93.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-93-3.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 26 Jul 2022 05:13:00 GMT via 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) last-modified Thu, 30 Jun 2022 20:51:38 GMT server AmazonS3 age 2630 etag W/"72916dde70b34122b394074010b382ce" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA60-P1, FRA50-C1 content-encoding gzip x-amz-cf-id QO58mkkXkZrbJkt5mjd9vghAk6leLWiXFCgp4nV3IGtvcE0cbyTFwg==
GET H2	200	QdVUSTchPBm7nuUeVf70viFl.woff2 fonts.gstatic.com/s/questrial/v18/	19 KB 19 KB	40ms 39ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Questrial Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 19:31:27 GMT x-content-type-options nosniff age 469523 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19292 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:12:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Jul 2023 19:31:27 GMT
GET H2	200	fiamp.js Show response ecdn.firstimpression.io/static/js/ Frame 5749	110 KB 35 KB	10ms 9ms	Script application/javascript	18.66.248.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/fiamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-121.dus51.r.cloudfront.net Software nginx/1.20.0 / Resource Hash 3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:45:38 GMT content-encoding gzip last-modified Fri, 08 Apr 2022 08:48:22 GMT server nginx/1.20.0 age 1243 etag W/"624ff6d6-1b8e9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop DUS51-P1 x-amz-cf-id 6dIqF9iWp4uCpjwVeB1CdC2AeCXnhIs0IW-T1oYivYzjaaksb2P0Hw== via 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront) expires Tue, 26 Jul 2022 06:36:07 GMT
GET DATA	200 OK	truncated /	592 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H2	200	prebidamp.js Show response ecdn.firstimpression.io/static/js/ Frame 5749	312 KB 97 KB	10ms 10ms	Script application/javascript	18.66.248.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/prebidamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-121.dus51.r.cloudfront.net Software nginx/1.20.0 / Resource Hash 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83 Request headers Referer https://ouo.press/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:41:07 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 1418 etag W/"61b8b8ab-4e128" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop DUS51-P1 x-amz-cf-id dsaRmPZgUuBp2GXOcc71XjrdnBmhqauU3lV6bKWfv-kELicP85cQPg== via 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront) expires Tue, 26 Jul 2022 06:33:12 GMT
POST H2	200	lg.php cdn.firstimpression.io/delivery/ Frame 5749	1 B 445 B	42ms 42ms	Ping text/html	18.66.122.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-109.fra60.r.cloudfront.net Software nginx/1.20.0 / PHP/8.0.14 Resource Hash cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip server nginx/1.20.0 x-amz-cf-pop FRA60-P2 x-powered-by PHP/8.0.14 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 x-amz-cf-id oWa9jkdlhOlUNBpNnm04siQNnUmr-zI53vxrfhn8CHnlX0MMaB8ycw== via 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront) expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 5749	16 KB 8 KB	167ms 130ms	XHR application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 5f067724054e864ebd47615bc8c94c038fa0fc83000d9943790d0441dd0efe71 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers Date Tue, 26 Jul 2022 05:56:50 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 1889f31c-567c-428d-87d7-b910a0befd73 Server nginx/1.21.3 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 5749	348 B 1 KB	144ms 99ms	XHR application/json	2602:803:c004:200::143 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FTSVn2a&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FTSVn2a&tg_i.page=https%3A%2F%2Fouo.press%2FTSVn2a&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=b3d9a45a-d7d5-4635-ad5a-d872a5c9a378&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6663512227336408 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 3631b2b28b135885ac3714d35bc7910c07ab6ab26be3f52bb6834575e3e731f7 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:50 GMT Server nginx/1.21.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://ouo.press Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 348 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	cdb Show response bidder.criteo.com/ Frame 5749	18 B 307 B	242ms 84ms	XHR application/json	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=8682731488 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://ouo.press access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 44
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 5749	16 KB 8 KB	171ms 132ms	XHR application/json	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 953d376c17f950a794528742d448b2a5a9a9302a85a11a94975a3c79e7a24915 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers Date Tue, 26 Jul 2022 05:56:50 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid f5f092b9-5e60-4825-8b83-6a6f7fdea2b8 Server nginx/1.21.3 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	mvo Show response tag.1rx.io/rmp/212927/0/ Frame 5749	0 157 B	55ms 17ms	XHR text/plain	213.19.147.43 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.43 Beverwijk, Netherlands, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ouo.press pragma no-cache date Tue, 26 Jul 2022 05:56:50 GMT cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame 5749	140 KB 39 KB	8ms 8ms	Script application/javascript	143.204.93.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.93.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-93-3.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 26 Jul 2022 05:13:00 GMT via 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) last-modified Thu, 30 Jun 2022 20:51:38 GMT server AmazonS3 age 2630 etag W/"72916dde70b34122b394074010b382ce" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA60-P1, FRA50-C1 content-encoding gzip x-amz-cf-id zfCAupj-RDzU5aKt6qb8PJfSveDr3gZcheyzmAXDLTYCOejC5b7eng==
GET H2	200	n.css cdn.run-syndicate.com/sdk/v1/	8 KB 8 KB	192ms 7ms	Stylesheet text/css	8.241.123.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://cdn.run-syndicate.com/sdk/v1/n.css Requested by Host: cdn.runative-syndicate.com URL: https://cdn.runative-syndicate.com/sdk/v1/n.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.123.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT last-modified Thu, 12 Aug 2021 08:36:05 GMT server nginx age 30056521 etag "6114dd75-2055" content-type text/css accept-ranges bytes x-robots-tag noindex, nofollow content-length 8277
GET H2	200	dynamic Show response run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/	9 KB 5 KB	55ms 14ms	Script application/javascript	78.46.40.103 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1600&h=1200&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,TSVn,&adtype=label-under&callback=callback_el90d Requested by Host: cdn.runative-syndicate.com URL: https://cdn.runative-syndicate.com/sdk/v1/n.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.46.40.103 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.103.40.46.78.clients.your-server.de Software nginx / Resource Hash ef4f219ec79bf9ecee3d1214ff81163e00ca00f4c7c6cb309d1de3cfdb355a68 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip server nginx x-api-version 2 vary Accept-Encoding, * report-to { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag none, noindex, nofollow x-request-id a037a58f542e2d02 expires 0
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame A1CB	42 KB 22 KB	55ms 54ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=8ug3iavr53bz Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8a23adf63e6b29880c04060dbbb6f806e130f6a69c187981ccd708a7833cc454 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-7UPgoI0XcyEIh89f27Pd-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22325 content-security-policy script-src 'report-sample' 'nonce-7UPgoI0XcyEIh89f27Pd-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 26 Jul 2022 05:56:50 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/ Frame 5749	0 305 B	8ms 8ms	XHR text/plain	143.204.93.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.93.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-93-3.fra50.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 02:46:43 GMT via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) server Server age 11406 x-cache Hit from cloudfront access-control-allow-origin https://ouo.press cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 x-amz-cf-id cY3gabh3H2nPqGq4HedeaoLXHyk-8UafMVY_3qQFfiFFuua1USFIbw==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/ Frame 5749	23 B 486 B	47ms 46ms	XHR text/javascript	143.204.93.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FTSVn2a&pid=I6G8yu2EJODHy&cb=0&ws=728x90&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.93.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-93-3.fra50.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA50-C1 x-amz-rid 8Y2S54ANRCJ57EMWG2A8 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ouo.press access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id qidoytMKCpnYcTDGi-1EpQjX9j0rRodMouVhOqpk0PUTJ8h8TErOAg==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5749	6 KB 3 KB	24ms 8ms	XHR application/javascript	143.204.93.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.93.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-93-3.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-version-id ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 79697 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Wed, 29 Jun 2022 23:14:57 GMT server AmazonS3 date Mon, 25 Jul 2022 07:48:34 GMT vary Accept-Encoding,Origin access-control-allow-methods GET content-type application/javascript via 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id dT9A4SZ2LLt-NGmtRr-_VkzmsC45JRLpibzjgvqUFqFOSbZV0iYM2A==
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/4/7/f35ecad559296545180a972cf04a487fc2a0cb/	3 KB 3 KB	149ms 7ms	Image image/webp	8.241.80.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/4/7/f35ecad559296545180a972cf04a487fc2a0cb/300x250.webp Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.80.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash d378be3e2a37d0dc9051bba1029a72e4c873152ebb2418f875f497953a9cb7ea Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip last-modified Wed, 30 Sep 2020 19:22:40 GMT server nginx age 30767319 etag W/"5f74db00-c96" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 3245
GET H2	200	300x250.webp lcdn.tsyndicate.com/images/b/f/d13fbe69e2b843334099c4259eac92a70957b3/	9 KB 10 KB	150ms 8ms	Image image/webp	8.241.80.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/b/f/d13fbe69e2b843334099c4259eac92a70957b3/300x250.webp Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.241.80.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash cef6e05a22e09c43b1eaa63711b0b0ff426398b8a5e2dac633d1d4c0e37dfec5 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip last-modified Fri, 04 Mar 2022 12:31:24 GMT server nginx age 12417198 etag W/"6222069c-2590" vary Accept-Encoding content-type image/webp accept-ranges bytes x-robots-tag noindex, nofollow content-length 9639
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame A1CB	51 KB 24 KB	117ms 40ms	Stylesheet text/css	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=8ug3iavr53bz Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:07:51 GMT content-encoding gzip x-content-type-options nosniff age 24539 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jul 2023 23:07:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame A1CB	365 KB 145 KB	132ms 55ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=8ug3iavr53bz Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 22:44:01 GMT content-encoding gzip x-content-type-options nosniff age 25969 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147954 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jul 2023 22:44:01 GMT
POST H2	200	v1 cdn.firstimpression.io/tracking/habit/ Frame 5749	2 B 404 B	30ms 30ms	Ping text/plain	18.66.122.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/tracking/habit/v1?b=1 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-109.fra60.r.cloudfront.net Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://ouo.press/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 26 Jul 2022 05:56:50 GMT access-control-request-method * x-amz-cf-pop FRA60-P2 access-control-allow-methods OPTIONS, GET, POST content-type text/plain access-control-allow-origin https://ouo.press access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 2 via 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront) x-amz-cf-id bFm1uF79SoDAOI9jm8btp6sL6mBow-cqeanzjtm8aLgbCaXXhKLXFQ==
GET H2	200	nmedianet.js Show response contextual.media.net/ Frame 0E0E	138 KB 47 KB	196ms 24ms	Script text/javascript	88.221.168.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/nmedianet.js?cid=8CUL2446F Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b83d125349984a38e2d86febae69b23f3961eb1502dd989d6746070ecea97f44 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers timing-allow-origin * x-mnt-h 8-9 content-encoding gzip server Apache etag "8013148affc38852f3470723da757056" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control max-age=300 date Tue, 26 Jul 2022 05:56:50 GMT strict-transport-security max-age=31536000 x-mnt-w 8-35 expires Tue, 26 Jul 2022 06:01:50 GMT
GET H/1.1	200 OK	log qsearch-a.akamaihd.net/ Frame 0E0E	35 B 329 B	180ms 7ms	Image image/gif	92.123.194.140 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19050205&other_prv=9&jar_err=&current_day=2.0&adtyp=0&req_id=5037337778013564363&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=17.4685&exp=&second_bidder=*&search_res=60&floor_bucket=0.00&gpid_format=&seat=&size=728x90&url_l1=tsvn2a&f_seg=&prdp=0.1000&ogcbdp=0.2500&dfpbd=0.1000&server=1&ogerpm_wd_bkt=0-1&model_version=202207251347_generic_appn_2-cid_1&viewability=0.7200&dmm_r=1.0650&cut=60&dmm_l=0.0380&as_cache=0&tcyerpm=&sc=NW&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ouo.press%2Ftsvn2a%2F&bidrestime=1658815010452&cc=DE&strg=harmony&ss=&current_hour=5&time_stamp=2022-07-26+05%3A56%3A50&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.2500&ct=Herford&akey=&mnckfl=0&bdp_bucket=0.25&algo=default&dc=eu_be&splid=19050205&dim4=exploration&dn=ouo.press&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F103.0.5060.134+Safari%2F537.36&buyer_id=&dmm_m10=1519695&bdp_wider_bucket=1&acid=56ccb8ee46f64c388d4e3c27f624e647&infl=&o_ver=NT+10.0&br_ver=103.0.5060.134&bdmm_m6=1.0000&bdmm_m7=1.1080&bdmm_m5=1.0000&ver=8.12.0&totalTimeBucket=3&visibility=0&totalTime=3791629&dmm_m1=2022-07-26+05%3A56%3A50.454634698&e_rpm=0.4060&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=1.1080&cid=8CU6M287B&bcrid=352460673&rawbid=0.2500&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-589f674bf7-fvmh2.BE&dfp_bucket=0.1&adblk=&itype=appnexus&pvid_seat=9&cliIP=3117783808&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=60&gpid=&iwb=1&dmm_d22=0.03&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.25 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.123.194.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-194-140.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:50 GMT Server Jetty(9.4.35.v20201120) Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 35 Expires Tue, 26 Jul 2022 05:56:50 GMT
GET H2	200	adperformance.js Show response warp.media.net/rtb/resource/ Frame 0E0E	61 KB 62 KB	219ms 7ms	Script application/javascript	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=604800 server nginx date Tue, 26 Jul 2022 05:56:50 GMT content-type application/javascript;charset=ISO-8859-1 cache-control max-age=75807 access-control-allow-credentials true content-length 62892 expires Wed, 27 Jul 2022 03:00:17 GMT
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/224/ Frame 0E0E	85 KB 29 KB	180ms 6ms	Script application/x-javascript	151.101.129.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/224/trk.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Tue, 26 Jul 2022 05:56:50 GMT Content-Encoding gzip Age 13121900 X-Cache HIT, HIT Connection keep-alive Content-Length 29216 X-Served-By cache-lga21929-LGA, cache-hhn4041-HHN Access-Control-Allow-Origin *, * Last-Modified Thu, 24 Feb 2022 08:58:20 GMT Server AkamaiNetStorage X-Timer S1658815011.860629,VS0,VE0 ETag "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631" Vary Accept-Encoding Content-Type application/x-javascript Via 1.1 varnish, 1.1 varnish Expires Fri, 24 Feb 2023 08:58:29 GMT Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 980508, 3436753
GET H/1.1	200 OK	it ams3-ib.adnxs.com/ Frame 0E0E	0 819 B	187ms 14ms	Image text/html	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252FTSVn2a&e=wqT_3QLSBIBSAgAAAwDWAAUBCKKE_pYGEIHsqIqj7K-mYxgAKjYJmpkBAVC5PxFzaJHtfD-1PxkAAABACtfzPyEREgApESQAMQEbwOF6tD8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaKuAuQF43fQFgAEBigEDVVNEkgEBBvTMAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy9UU1ZuMmGAAwCIAwGQAwCYAxegAwGqA0ESGDUwMzczMzc3NzgwMTM1NjQzNjNfc2JpZBoTNzE1NTMwNDMzNjQzOTUyMjgxNyIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAXL253B0oCO9EXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi_BkAAyAfd9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB46_AYoIAhAAlQgAAIA_mAgB&s=562f1879622aa3aa83054d2d8023391dda1bca76 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:50 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid f83e6da3-0c32-4622-9e7f-a00b08e83a0e Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame A1CB	102 B 134 B	49ms 49ms	Other text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 613e7703528887ec639fbe5165b22ce6f72768a423ecd698f05e3ece6ce90ff4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=8ug3iavr53bz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 26 Jul 2022 05:56:50 GMT
GET H2	200	smtr Show response contextual.media.net/ Frame 0E0E	79 KB 27 KB	222ms 221ms	Script text/javascript	88.221.168.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=TCOZEBG&https=1&vif=1&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&nse=5&vi=1658815010505404267&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B4zqqB8fOnRrolnfOur8z4Be&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p01454867668t202207260556&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE Requested by Host: contextual.media.net URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-23.deploy.static.akamaitechnologies.com Software / Resource Hash aee9f41fc38e55a0f2953df7420479256e857316ed2c84d9944c35415e2205f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:51 GMT content-encoding gzip vary Accept-Encoding content-type text/javascript expires Tue, 26 Jul 2022 05:56:51 GMT cache-control max-age=0, no-cache, no-store x-sc-h 22-e0nc strict-transport-security max-age=31536000 timing-allow-origin * content-length 27027 x-sc-w 22-pvgm
GET H2	200	checksync.php Show response contextual.media.net/ Frame ED33	15 KB 6 KB	16ms 16ms	Document text/html	88.221.168.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 112dfb77c792ae4da0cfc3da59b441f2734fbcf0d7037393a506cb3d52f35e3f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=172800 content-encoding gzip content-length 5746 content-type text/html; charset=UTF-8 date Tue, 26 Jul 2022 05:56:50 GMT expires Thu, 28 Jul 2022 05:56:50 GMT server Apache strict-transport-security max-age=31536000 vary Accept-Encoding x-mnet-hl2 E
GET H2	200	bping.php lg3.media.net/ Frame 0E0E	35 B 189 B	22ms 7ms	Image image/gif	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://lg3.media.net/bping.php?vgd_len=526&&vgd_cdv=764&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1658815010505404267&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886994807&r=1658815008614&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=39351&vgd_rakh=1658815010146635382&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p01454867668t202207260556&vgd_pgids=1&vgd_uspa=0&hvsid=00001658815008610031177838081842&gdpr=1&vgd_end=1 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9 Security Headers Name Value Strict-Transport-Security max-age=21600 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=21600 server Apache date Tue, 26 Jul 2022 05:56:50 GMT content-type image/gif cache-control max-age=0, no-cache, no-store content-length 35 expires Tue, 26 Jul 2022 05:56:50 GMT
GET H2	200	checksync.php Show response contextual.media.net/ Frame 43C9	21 KB 8 KB	15ms 15ms	Document text/html	88.221.168.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2dce689e805563bb6b3ddc16cc214c0bb610139024cab3a22af6804cdf9072fb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=172800 content-encoding gzip content-length 7842 content-type text/html; charset=UTF-8 date Tue, 26 Jul 2022 05:56:50 GMT expires Thu, 28 Jul 2022 05:56:50 GMT server Apache strict-transport-security max-age=31536000 vary Accept-Encoding x-mnet-hl2 E
GET H2	200	clog hblg.media.net/ Frame 0E0E	35 B 172 B	33ms 6ms	Image image/gif	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4619&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=5037337778013564363&s_city=amsterdam&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.250&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=0be5a0a4&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=72&renderer=0&be=0&rtime=3.0&adj0=0.0&tmax=150&s_ip=185.89.210.68&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=5037337778013564363&sc=NW&mowxReqId=56ccb8ee46f64c388d4e3c27f624e647_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&bidrestime=1658815010452&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-31-24&coppa_enf=true&devmodel=Unknown&bdp=0.250&ct=Herford&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=56ccb8ee46f64c388d4e3c27f624e647&actltime=26&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.1&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2316%23%2348%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1658815610707&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.1&csex=0&pvdTmax=106&ltime=25.0&epc=211362147&prvReqId=4544632096139_2100313759_856004011191&zip=32052&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=36&apTags%3C%3E=75&mx_PC=1&wsip=mowx-78d46c6f85-8bc2k&currsrc_date=2022-07-25+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-07-26+05%3A56%3A50&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=1.24&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-589f674bf7-fvmh2.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.25&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=0&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=7155304336439522817&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D0~r_ip%3D185.213.155.0~r_sc%3DNW~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.038~dmm_r%3D1.065~e_rpm%3D0.406~dmm_m1%3D0.406~dmm_m2%3D0.034~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.108~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D1.108~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.997~dmm_m16%3D1.065~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D148847.831~dmm_m40%3D1820800.000~dmm_m41%3D38.481~dmm_m42%3D732.000~dmm_m44%3D0.997~dmm_m47%3D32477.000~dmm_m48%3D7673658.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.406~vbr%3D0~bid%3D0.250~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.717653%7Ecbdp%3D0.100%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.250%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&utime=&sf=0&cpr=0.8610130367230389 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma max-age=3600 date Tue, 26 Jul 2022 05:56:50 GMT server Apache content-type image/gif access-control-allow-origin * cache-control max-age=21600 content-length 35 expires Tue, 26 Jul 2022 11:56:50 GMT
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/	35 B 132 B	54ms 12ms	Image image/gif	168.119.1.208 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIsqIgVFDxo0wNFrcKJNjTAsaOW7MaKHyRowWBmeYUQkjDA4zMmSIeBimzpiMYyLSCFOmzI0WNcbYqIGSTI4yLXDUuAGjJQ4yY8jQiBGmhpkYZXhCJGNnoQwYN9Q-hFNHzMIZMho6hAgHztkaNuI-nANnoo4ZOWzAsCHDxsMxbe4CrhGDaY6eZMwsLPxQjBs3Z2lsxsH1YRs3GBnGRcsWtOgYOWDMOCyijhw2Z2_IyBGDBo6HdXbqGEiHDpw5Ol68sEMmjxk2Z9SMyYPHjRkXddykGfNGjhs4ctIcjCFjhovqbV6wcQEHDZwfcHqM0fFFDpw4bNTcyFPfhh49d2ywscOlDgwYDCOjh8G2yoGMGMhgSiccvEqwDBloomGGMfwD0LA5eghssMJssDBAG8ToQYbNbuPqQ8PE2K4HGFwAMAYUbYBjxSHSkIKNLNQIIoYm1CADDSeGWE0LKuRjgoooanBCjyboeIKKMWZoYooY0NCCCCfaeHKMO7KgAo02ekwiijjCSEKII5Sw44YgphgijxnsKEKIJpao4wYjqEgDDjeUqEKIKIJQIokhYjhjiCyOkAKOL5ZwAw8Y1oghjSqIyCE-PaqY4os6qhCDCCaQSCLGxNSbobHHYlyjjDzusG7AN-p4owQZhsiujDnmoHWIOdCwjo5d2UjDjTV0rVVYYnft9dcy3EBoVzPkMGrXKqRgQllf5aCj2WdrNULaMqi1Fltm3VAWITuoC7fWWGet9dZcd6ViCivMrTVGMmQgUAZ8Y9AQ1RpywHcGFvGlYcS84sK3hh6IKAJfG3potzxpc8X3BollpRjXOVZwIgw60rCjjBWa2I4MNsrAF4ceaBgLjjbOeugNmGUWgYw3YuZtYngVQgzkhbbgqgu25ABKhxZfZCuMPNp4gwyKALRsMqRdrEgEOexYrDTX6kgjIxzEEGO2A2VoYQwIo6JBjMFaECMGHKyKYYwYAKxhhrWZmuyhPTOCuwYX5PpuLhdiuMGGseT4om_e_g48hsFrANxwxHMLI6Mm3tAjDTbYCOMFwGEAAYUrhsX5jjlAcIIKEOp2cQcQSnfDBhpgx4P2FEAIwq6Ur9hoiTToAH2GG1xgbfQlkKCiCSZYAEHYVUE4oowx1ngj9yHQkCPnMl6o-7sWayCsRchpAGGKMMwIQ7vhi2dtrDGOFsHhsaz7Iv6M6H-IDfn1v7kMO7inDLFhCFUaU4POSA1rZ8iMDlTSmoMEUAxyWAhu_hdAp0FNBzLAgW0eQobtUWRmCtEBDYr2BjzkwWbSolpvfhOc4fCsYnN4wVju4LfBwGAsaPAbWnTIl6xlZHt0AJl1WiCd4LVgMC7ISnfGkpWMHOQLTdyJRXTmGAR2UHx1s-JusIgDLcKgblyZQWQE2JcvAI0hTAFjQ8QIg4cAMI0p0xYJt4A3okFEDH_5n_rqwIaJsIV_C4GjCMYAswDKAWRpeAMhXYCDHNTgNohBDQz6oICAAA%3D%3D&r=1&s=15b816d370927c8c50f1b451b26c08dd7a2509fddb961721e0285f5225838e3b1658815010&w=t&ir=245x208 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.1.208 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.1.119.168.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/	35 B 133 B	53ms 11ms	Image image/gif	168.119.1.208 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIsbkCJMjxg0ZNFrMwCEmTAsaDWO0yEEGxsoZMmCQCYOjDI4YYWLMEPEwTJ0xGcdEpBGmTJkbLWqMsVEDJZkcZVrgqHEDBkscZMaQSRmmhpkYZXpCJGNnIQ2ZNyqKgFNHzMKYDR1ChANnoYwaNmI-nANnoo4ZOWzAsCHDxsMxbezqoAFDRgwYNHySMbOw8EMxbtzctZGjhmDJItq4wcgwpsyHcEaXjpEDxozDIurIYXM3h9UcOGA8rCMjIxo6dODM0fHixRwXY9ikGbPGRZjlZfDAkVNmDvIxb9q8KPPiS5A1VcIsifGDDJweQ9JIUfPkSpEaTaiMyeNkCAw9T44oQcOEShQ8nKCiCDrci-KOJqbArwk1hFgjCyrQYOMJIoxAQ74moogBhzOG2M-OG4KYYog8ZrCjCCGaYEINI44ggjk84ohCiCiCUCKJIWLoMIsjpIBDuinqkKIFI2xAgwjBwojCCTm-qKMKMYhgAokkxlLtrofeuFIHGR4iQ7uM3qjjDReos04hxML4a4uUukhNjqB0gMGFl1ILI4823iCDIhh2E0GMyuSkcy057FgMNdnqSCOjksQAqSUZWhijDBmkokGMwVoQY8OrYhgDMhhqmOHSpip7KI3FRNiwBhcem8EFuWC9wYaxmkQ1o1Vb3QnWGlj9iFbewsioiTf0SIMNNsJ4gVUYQEDhijTc-PKOOUAQEATI6NwBBGjdsIGGbfH4NgUQgqiLjTKuKEOMJdKgY9kZbnABNmeXQIIKFVkAYbk1ygDhiDKae4PcIdCQQ7vuIHt1zhoIm3MnGkCYIgwzwpAjDXjlhW2sMeIUgYgixnqjyY4zAnksNjw-2csy7PiiutoYqqqGhnBozE85zthMh9tiO8hlMeRYCAeWXc5zTy5xCo2MgynKUiHG3nwDjzywFKG6QAcKbrjiXhCTTDOve2GsO3AdDIax0MBVJrT5KjSjg-lQc-QW6nDD3RYGc0GrGHzz0uODvuDbbxHoaIOipnDAqWHILGrDN4YSX_ylyHaa7GXr4PhCTcRrULwhyn0S4y8RDqq4DjYmSi1lpzVSzWU51EzjjYXmVFwvxFiDoQ8FAgI%3D&r=1&s=b30ba01ca189574f4b9fb687a662a789ec40355210a74082013541cc4b4058951658815010&w=t&ir=245x208 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.1.208 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.208.1.119.168.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:50 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	checksync.php Show response contextual.media.net/ Frame EE3C	21 KB 8 KB	17ms 17ms	Document text/html	88.221.168.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2dce689e805563bb6b3ddc16cc214c0bb610139024cab3a22af6804cdf9072fb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=172800 content-encoding gzip content-length 7842 content-type text/html; charset=UTF-8 date Tue, 26 Jul 2022 05:56:50 GMT expires Thu, 28 Jul 2022 05:56:50 GMT server Apache strict-transport-security max-age=31536000 vary Accept-Encoding x-mnet-hl2 E
GET H/1.1	200 OK	rd_log Show response ams3-ib.adnxs.com/ Frame 0E0E	0 819 B	15ms 14ms	Script text/html	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FTSVn2a&e=wqT_3QKRBIARAgAAAwDWAAUBCKKE_pYGEIHsqIqj7K-mYxgAKjYJmpkBAVC5PxFzaJHtfD-1PxkAAABACtfzPyEREgApESQAMQEbwOF6tD8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaKuAuQF43fQFgAEBigEDVVNEkgEBBvQgAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy9UU1ZuMmGAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE3NqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASBv4ioAYgFAZgFAKAFy9udwdKAjvRFwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAANOwEBWBAAGADgBgHyBgIIAIAHAYgHAKAHAboHAahQABgAIAAwADi_BkAAyAfd9AXSBw0JATQBAQEeDNoHBggFCWjgBwDqBwIIAPAHjr8BiggCEACVCAAAgD-YCAE.&s=404993a54cb059114ea8345ca63e0cc242fcc323&bdref=https%3A%2F%2Fouo.press%2FTSVn2a&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2FTSVn2a,https%3A%2F%2Fouo.press%2FTSVn2a,https%3A%2F%2Fouo.press%2FTSVn2a& Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:50 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 513ae4d0-2d6d-44e1-b854-e943923d1ee4 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	vevent ams3-ib.adnxs.com/ Frame 0E0E	0 835 B	14ms 13ms	Ping text/html	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FTSVn2a&e=wqT_3QLSBIBSAgAAAwDWAAUBCKKE_pYGEIHsqIqj7K-mYxgAKjYJmpkBAVC5PxFzaJHtfD-1PxkAAABACtfzPyEREgApESQAMQEbwOF6tD8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaKuAuQF43fQFgAEBigEDVVNEkgEBBvTMAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy9UU1ZuMmGAAwCIAwGQAwCYAxegAwGqA0ESGDUwMzczMzc3NzgwMTM1NjQzNjNfc2JpZBoTNzE1NTMwNDMzNjQzOTUyMjgxNyIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAXL253B0oCO9EXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi_BkAAyAfd9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB46_AYoIAhAAlQgAAIA_mAgB&s=562f1879622aa3aa83054d2d8023391dda1bca76&type=nv&nvt=5&jm=1003&sid=3111501071199948820&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&sw=1600&sh=1200&pw=1600&ph=1830&ww=1600&wh=1200&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/224/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:51 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 17602134-2213-40e3-ba8d-c9ab7713498f Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame A1CB	32 KB 18 KB	77ms 77ms	XHR application/json	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ba22a44665b84b5a4f06baada28a51e7c4793b537be58ccc6b47370f20818c05 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=8ug3iavr53bz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-protobuffer Response headers date Tue, 26 Jul 2022 05:56:51 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18528 x-xss-protection 1; mode=block expires Tue, 26 Jul 2022 05:56:51 GMT
GET DATA	200 OK	truncated / Frame 981F	107 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 981F	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	Roboto-Bold.woff res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 981F	24 KB 25 KB	215ms 7ms	Font application/font-woff	2.16.241.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.241.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-241-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a Request headers Referer https://ouo.press/ Origin https://ouo.press accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Tue, 26 Jul 2022 05:56:51 GMT Last-Modified Mon, 16 May 2016 10:39:41 GMT Server nginx ETag "5739a36d-60f0" Content-Type application/font-woff Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 24816
GET H2	200	bql.php Show response lg3.media.net/ Frame 981F	15 B 216 B	10ms 8ms	Script text/javascript	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://lg3.media.net/bql.php?vgd_len=5255&&&vgd_l2type=sca&fp=CPlwIBiT932FkZzdrHiv5lv8EL5ebwrpp9Xj29uLY8oD4K_wvnNyCRK3LE2R9ZLP5xR7YoqMIHftOJ7lQRsEsNS3-nvPA6sXVHzSwZiRRkTBzAK8j8oYZFLqjGRufut9&cme=u8xaDF09-B-r1TZBc3TK2rf-eIMTfgqlptIrG6Kij3F2v-ZH2q8nMQRQ4bSg78OhdHGHXHqeCoos_zWLmiomokWOBs4cSeO2IGaXsQpLwdi0DS181nVbj1GBn9hQ7zDp7A0w9CQ9Nh9wI2xHV5hU7aUWAkKuYoKQz9_GGcvuJQMxed1jF24dCGerjf9qxf_dNJESZlTeXJJBmeWivZptg_8JdL6-2QY0%7C%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7Ca0AmFUYXmD41Acxn9AJpoPMrvIsTs88omrOBe_2nLnoL7XHLugnnbg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CJUrNCFIaeJ8lp--c0ygzAJPghp18qaidJfhttRVYhtbLUtthY4IIDXTp0eOCpKrxLQslTyGmfOz8Y23a7XmhJvdD4kp1UoH1d4YCkVDsknnW4-lToNfPcgGawni3Cw2w8EtH7rD-kuBQC1gjFdWZ_e1Z10jdPvZJhcecj082B-2sjgKz5LvAl1UCdSStvBxRhMxs9t__ou2f6H-fz-4e8xVHQH1fhVGT%7C&v=1&gdpr=1&geo=50.1%7C8.63&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785059&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=266&fdkt=240&vgde_kbbh=ffoyxQJuO&kwd[]=Liste+der+Top+Aktien&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=1&kid[]=329695013&kbc2[]=101%7C1%3D1.43%7C60%3D1.64%7C63%3D0.43%7C12%3D1.04%7C66%3D1.31%7C10%3D5.35%7C62%3D0.35%7Cps%3D0.673%7C3%3D0.29%7C4%3D4.17&ktd[]=274894749696&ktrkt[]=Liste+der+Top+Aktien&kwd[]=Ferienwohnung+in+Kroatien&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=2&kid[]=10678673&kbc2[]=101%7C1%3D0.00%7C60%3D0.00%7C63%3D0.43%7C12%3D0.96%7C66%3D1.31%7C10%3D5.35%7C62%3D0.34%7Cps%3D0.673%7C3%3D0.51%7C4%3D4.38&ktd[]=274894749696&ktrkt[]=Ferienwohnung+in+Kroatien&kwd[]=Luftreiniger+f%C3%BCr+Allergiker&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=3&kid[]=350651746&kbc2[]=101%7C1%3D0.74%7C60%3D0.79%7C63%3D0.43%7C12%3D0.57%7C66%3D1.31%7C10%3D5.35%7C62%3D0.65%7Cps%3D0.673%7C3%3D0.80%7C4%3D4.77&ktd[]=274894749696&ktrkt[]=Luftreiniger+f%C3%BCr+Allergiker&kwd[]=Strom-Tarife+im+Vergleich&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=4&kid[]=326676410&kbc2[]=101%7C1%3D0.23%7C60%3D0.38%7C63%3D0.43%7C12%3D0.10%7C66%3D1.31%7C10%3D5.35%7C62%3D0.35%7Cps%3D0.673%7C3%3D0.81%7C4%3D4.00&ktd[]=274894749696&ktrkt[]=Strom-Tarife+im+Vergleich&cid=8CUL2446F&vwid=1658815010505404267&vi=1658815010505404267&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D39351&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=764&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785059&vgd_nrrv=57785&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&vgd_go_pid=8PO15FLE3&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1658815010146635382&sttm=1658815008610&upk=1658815009.18935&hvsid=00001658815008610031177838081842&verid=3111299&sbdrId=99&vgd_ecrid=352460673&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D39351&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8Ovui9X9f9X~Q7Ovui9X9f9X~875EJvK00I4tPb~e8Q8G8j875v9~N875vsDKICsPD_KccKVI~LJkMNz7v9~LM8EvuWX.fuA.uXX.9~LMQNvIp~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1QzvAiAXu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9A~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99u999u~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvhfW-i9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~8w1v9~OYYMjv9.9AW~OYYMLvu.9FX~JMLEYv9.H9F~OYYMYuv9.H9F~OYYMYfv9.9AH~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhvu.u9W~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WFi~OYYMYufvu.u9W~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iih~OYYMYuFvu.9FX~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivuHWWHh.WAu~OYYMYH9vuWf9W99.999~OYYMYHuvAW.HWu~OYYMYHfvhAf.999~OYYMYHHv9.iih~OYYMYHhvAfHhh.999~OYYMYHWvhFhAFXW.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.H9F~eGLv9~G8Ov9.fX9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovui9X9f9X~e8JB1G8j875v9.huhFXA~NGOEv9.u99~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.fX9~875EJM8OvuF~QJjjJLM71yM8Ovui9X9f9X~N1LL8JLVOv9~ONx7vF9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=273&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001658815008610031177838081842&subBdr=99&bdrid=9&rc=0&rand=1658815008856&acid=56ccb8ee46f64c388d4e3c27f624e647&matm=1658815008856&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&vgd_x_pos=437&vgd_y_pos=1482&vgd_ren_page_h=1830&vgd_ltimesrc=1&vgd_ltime=702&vgd_rtime=486&vgd_etm=12&vgd_l1hcsd=A9%7C4814&vgd_l1ch=1&vgd_lhl=3031&vgd_pgid=p01454867668t202207260556&vgd_adprefflag=01&vgd_csip=rtb-common-589f674bf7-fvmh2.BE&vgd_sbSup=1&vgd_nrrs=57785&vgd_cntrdt=SL%7CDIV%7CDIV&vgd_eadm=1&vgd_end=2 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24 Security Headers Name Value Strict-Transport-Security max-age=21600 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=21600 server Apache date Tue, 26 Jul 2022 05:56:51 GMT ntcoent-length 15 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 15 expires Tue, 26 Jul 2022 05:56:51 GMT
GET H2	200	log lg3.media.net/ Frame 0E0E	35 B 206 B	7ms 6ms	Image image/gif	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUL2446F&vi=1658815010505404267&hvsid=00001658815008610031177838081842&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=221&l2s_downloadTime=1&l2s_total=223&l2s_start=285&l2s_sslTime=0&l2s_nhp=h2&l1s_dnsTime=6&l1s_connectionTime=165&l1s_waitTime=196&l1s_downloadTime=7&l1s_total=203&l1s_start=52&l1s_sslTime=159&l1s_nhp=h2&gdpr=1 Requested by Host: ouo.press URL: https://ouo.press/TSVn2a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Security Headers Name Value Strict-Transport-Security max-age=21600 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:51 GMT server Jetty(9.4.35.v20201120) strict-transport-security max-age=21600 content-type image/gif access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 35 expires Tue, 26 Jul 2022 05:56:51 GMT
POST H/1.1	200 OK	vevent ams3-ib.adnxs.com/ Frame 0E0E	0 835 B	15ms 14ms	Ping text/html	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FTSVn2a&e=wqT_3QLSBIBSAgAAAwDWAAUBCKKE_pYGEIHsqIqj7K-mYxgAKjYJmpkBAVC5PxFzaJHtfD-1PxkAAABACtfzPyEREgApESQAMQEbwOF6tD8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaKuAuQF43fQFgAEBigEDVVNEkgEBBvTMAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy9UU1ZuMmGAAwCIAwGQAwCYAxegAwGqA0ESGDUwMzczMzc3NzgwMTM1NjQzNjNfc2JpZBoTNzE1NTMwNDMzNjQzOTUyMjgxNyIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAXL253B0oCO9EXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi_BkAAyAfd9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB46_AYoIAhAAlQgAAIA_mAgB&s=562f1879622aa3aa83054d2d8023391dda1bca76&type=pv&jm=1003&px=436&py=1109&bw=728&bh=90&sf=1&sid=3111501071199948820&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&ft=2 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/224/trk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:52 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 7de72d36-1bf1-4f6e-befa-7a46f4318ffa Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	publishertag.prebid.113.js Show response static.criteo.net/js/ld/ Frame 5749	85 KB 27 KB	127ms 30ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.113.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:52 GMT content-encoding gzip last-modified Wed, 08 Sep 2021 12:50:31 GMT server nginx etag W/"6138b197-1532d" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 27 Jul 2022 05:56:52 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 538A	15 KB 6 KB	269ms 18ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 6144 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 26 Jul 2022 05:56:51 GMT server-processing-duration-in-ticks 2126 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 5749	87 KB 28 KB	48ms 17ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:52 GMT content-encoding gzip last-modified Fri, 08 Jul 2022 20:59:27 GMT server nginx etag W/"62c89aaf-15b76" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 27 Jul 2022 05:56:52 GMT
GET H2	200	bqi.php lg3.media.net/ Frame 0E0E	15 B 15 B	8ms 7ms	Image text/javascript	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://lg3.media.net/bqi.php?vgd_len=3259&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=u8xaDF09-B-r1TZBc3TK2rf-eIMTfgqlptIrG6Kij3F2v-ZH2q8nMQRQ4bSg78OhdHGHXHqeCoos_zWLmiomokWOBs4cSeO2IGaXsQpLwdi0DS181nVbj1GBn9hQ7zDp7A0w9CQ9Nh9wI2xHV5hU7aUWAkKuYoKQz9_GGcvuJQMxed1jF24dCGerjf9qxf_dNJESZlTeXJJBmeWivZptg_8JdL6-2QY0||u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|a0AmFUYXmD41Acxn9AJpoPMrvIsTs88omrOBe_2nLnoL7XHLugnnbg==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|JUrNCFIaeJ8lp--c0ygzAJPghp18qaidJfhttRVYhtbLUtthY4IIDXTp0eOCpKrxLQslTyGmfOz8Y23a7XmhJvdD4kp1UoH1d4YCkVDsknnW4-lToNfPcgGawni3Cw2w8EtH7rD-kuBQC1gjFdWZ_e1Z10jdPvZJhcecj082B-2sjgKz5LvAl1UCdSStvBxRhMxs9t__ou2f6H-fz-4e8xVHQH1fhVGT|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&vi=1658815010505404267&ugd=4&cc=DE&sc=HE&bdrid=9&subBdr=99&startTime=1658815008599&l2type=sca&vgd_l1rakh=1658815010146635382&l1ch=1&sttm=1658815008610&upk=1658815009.18935&hvsid=00001658815008610031177838081842&acid=56ccb8ee46f64c388d4e3c27f624e647&verid=3111299&vgd_bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D0~r_ip%3D185.213.155.0~r_sc%3DNW~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.038~dmm_r%3D1.065~e_rpm%3D0.406~dmm_m1%3D0.406~dmm_m2%3D0.034~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.108~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D1.108~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.997~dmm_m16%3D1.065~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D148847.831~dmm_m40%3D1820800.000~dmm_m41%3D38.481~dmm_m42%3D732.000~dmm_m44%3D0.997~dmm_m47%3D32477.000~dmm_m48%3D7673658.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.406~vbr%3D0~bid%3D0.250~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.717653%7Ecbdp%3D0.100%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.250%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&vgd_sc=HE&infr=1&stime=1658815008383&vgd_ecrid=352460673&l1hcsd=l1!A9|4814&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p01454867668t202207260556&vgd_pgids=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=21600 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=21600 server Apache date Tue, 26 Jul 2022 05:56:52 GMT ntcoent-length 15 vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control max-age=0, no-cache, no-store content-length 15 expires Tue, 26 Jul 2022 05:56:52 GMT
GET H2	200	log hblg.media.net/ Frame 0E0E	35 B 194 B	7ms 7ms	Image image/gif	95.101.200.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=5037337778013564363&s_city=amsterdam&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.250&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=0be5a0a4&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=72&renderer=0&be=0&rtime=3.0&adj0=0.0&tmax=150&s_ip=185.89.210.68&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=5037337778013564363&sc=NW&mowxReqId=56ccb8ee46f64c388d4e3c27f624e647_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FTSVn2a&bidrestime=1658815010452&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-31-24&coppa_enf=true&devmodel=Unknown&bdp=0.250&ct=Herford&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=56ccb8ee46f64c388d4e3c27f624e647&actltime=26&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.1&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2316%23%2348%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1658815610707&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.1&csex=0&pvdTmax=106&ltime=25.0&epc=211362147&prvReqId=4544632096139_2100313759_856004011191&zip=32052&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=36&apTags%3C%3E=75&mx_PC=1&wsip=mowx-78d46c6f85-8bc2k&currsrc_date=2022-07-25+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-07-26+05%3A56%3A50&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&ecp=1.24&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-589f674bf7-fvmh2.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.25&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=0&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=7155304336439522817&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D0~r_ip%3D185.213.155.0~r_sc%3DNW~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D39351~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.03~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010001~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~iha%3D0~dmm_l%3D0.038~dmm_r%3D1.065~e_rpm%3D0.406~dmm_m1%3D0.406~dmm_m2%3D0.034~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.108~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D1.108~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.997~dmm_m16%3D1.065~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D148847.831~dmm_m40%3D1820800.000~dmm_m41%3D38.481~dmm_m42%3D732.000~dmm_m44%3D0.997~dmm_m47%3D32477.000~dmm_m48%3D7673658.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.406~vbr%3D0~bid%3D0.250~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.717653%7Ecbdp%3D0.100%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.250%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&utime=&sf=0&cpr=0.8610130367230389&evttyp=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-200-23.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:52 GMT server Jetty(9.4.35.v20201120) content-type image/gif access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 35 expires Tue, 26 Jul 2022 05:56:52 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 538A Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=tMSCZnwzM2VnZTZCWEJocDBkNTI1N2Jld1ovU1dxSzVrWmdpYjJ5VmI2ZityVFU1SjZuTFpIdU5pSHMvdEJmQ0ZFWmNQYTZNRjN0ZmZZNG50bEpOSDB2YmFLdEYzeW5xMGI0NFkyaTZTYWlaMUQ2VStiWFRGZkVUTjdMUE...	428 B 631 B	297ms 20ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=tMSCZnwzM2VnZTZCWEJocDBkNTI1N2Jld1ovU1dxSzVrWmdpYjJ5VmI2ZityVFU1SjZuTFpIdU5pSHMvdEJmQ0ZFWmNQYTZNRjN0ZmZZNG50bEpOSDB2YmFLdEYzeW5xMGI0NFkyaTZTYWlaMUQ2VStiWFRGZkVUTjdMUEVEMHJIR3lha1ZZK005a0dMVDdkWDFHYVdSNnkrS2I0UUxRTTROS0VieG5INy9MNTFHMVgrNk80alBvVUM3d0hNYWczK2xqd2l4RVN1elg4UjA3TVFpZjVqbk5abDE1dHB1UG1QWld6ZzVqcVZNUHRwakloNEVBTHZsUlhNRW5VTG1ZZWNpMWVlTTFZeERxN3J6L2RtVWJxUi9McFBvUT09fA&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 48447b8ef290edbe16720ed26e3d0f5d63313647f39b6daecb6ae976d229f0f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:52 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5260 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 26 Jul 2022 05:56:52 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=tMSCZnwzM2VnZTZCWEJocDBkNTI1N2Jld1ovU1dxSzVrWmdpYjJ5VmI2ZityVFU1SjZuTFpIdU5pSHMvdEJmQ0ZFWmNQYTZNRjN0ZmZZNG50bEpOSDB2YmFLdEYzeW5xMGI0NFkyaTZTYWlaMUQ2VStiWFRGZkVUTjdMUEVEMHJIR3lha1ZZK005a0dMVDdkWDFHYVdSNnkrS2I0UUxRTTROS0VieG5INy9MNTFHMVgrNk80alBvVUM3d0hNYWczK2xqd2l4RVN1elg4UjA3TVFpZjVqbk5abDE1dHB1UG1QWld6ZzVqcVZNUHRwakloNEVBTHZsUlhNRW5VTG1ZZWNpMWVlTTFZeERxN3J6L2RtVWJxUi9McFBvUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1337 content-length 541 expires 0
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 5681	281 B 554 B	113ms 7ms	Document text/html	23.203.77.3 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-203-77-3.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Tue, 26 Jul 2022 05:56:53 GMT ETag "40014-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame AB6D	52 KB 17 KB	52ms 7ms	Document text/html	88.221.168.189 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-168-189.deploy.static.akamaitechnologies.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://ouo.press/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Tue, 26 Jul 2022 05:56:53 GMT ETag "623de86a-cf34" Expires Wed, 27 Jul 2022 05:56:55 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame AB6D	0 747 B	14ms 13ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:53 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 37d2c11b-58dc-4d53-a14d-863c1824703d Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 5681	31 KB 10 KB	7ms 7ms	Script text/html	23.203.77.3 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-203-77-3.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Tue, 26 Jul 2022 05:56:53 GMT Content-Encoding gzip Last-Modified Tue, 12 Jul 2022 20:44:25 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=82916 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9450 Expires Wed, 27 Jul 2022 04:58:49 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 5681 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/jq14QgsLB5dkJpA-rbfbXcn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8438154208480086987	0 239 B	45ms 10ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8438154208480086987 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 66ef90d06496cfd000aab8206f2b6221 Content-Type image/gif Redirect headers date Tue, 26 Jul 2022 05:56:54 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8438154208480086987 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H2	200	setuid px.ads.linkedin.com/ Frame 5681 Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L61RMLPD-1T-FC6I	0 707 B	351ms 113ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L61RMLPD-1T-FC6I Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:54 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 4CC3967DCE04415EB4050E3D988370A6 Ref B: FRAEDGE1105 Ref C: 2022-07-26T05:56:54Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAXkrver0N5VP9h5/UgtpA== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L61RMLPD-1T-FC6I Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 4b510f0cc5fcbc9800016ef543086418 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 5681 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdMzBXtXkeES63tvkPafHs&google_cver=1	0 239 B	47ms 9ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdMzBXtXkeES63tvkPafHs&google_cver=1 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 66ef90d06496cfd000aab8206f2b6221 Content-Type image/gif Redirect headers pragma no-cache date Tue, 26 Jul 2022 05:56:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPdMzBXtXkeES63tvkPafHs&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	v1 ads.yahoo.com/cms/ Frame 5681 Redirect Chain https://token.rubiconproject.com/token?pid=26594 https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L61RMLPD-1T-FC6I&sigv=1&esig=2~fe03c7650b80e09a110e60811dfbb7da6ed2b633	0 194 B	237ms 20ms	Image text/plain	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L61RMLPD-1T-FC6I&sigv=1&esig=2~fe03c7650b80e09a110e60811dfbb7da6ed2b633 Protocol H2 Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:54 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L61RMLPD-1T-FC6I&sigv=1&esig=2~fe03c7650b80e09a110e60811dfbb7da6ed2b633 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	451	709414.gif id.rlcdn.com/ Frame 5681	0 98 B	132ms 41ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/709414.gif Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 26 Jul 2022 05:56:53 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5681 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ== https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ==&google_tc=	170 B 188 B	112ms 44ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ==&google_tc= Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 26 Jul 2022 05:56:53 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYxUk1MUEQtMVQtRkM2SQ==&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 299 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rubicon match.adsrvr.org/track/cmf/ Frame 5681	70 B 265 B	119ms 32ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/rubicon Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Tue, 26 Jul 2022 05:56:53 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame 5681 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ptLa6D63QuKWMy6KB2T3KA&rk=usync-other https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptLa6D63QuKWMy6KB2T3KA	43 B 556 B	37ms 36ms	Image image/gif	52.95.126.160 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptLa6D63QuKWMy6KB2T3KA Protocol HTTP/1.1 Server 52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:54 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid D4H65GX5SWV5187RRFR2 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ptLa6D63QuKWMy6KB2T3KA Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame AB6D	0 747 B	14ms 13ms	Script text/html	185.89.210.90 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Pragma no-cache Date Tue, 26 Jul 2022 05:56:54 GMT X-Proxy-Origin 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 1450f227-06fa-4ad4-88f0-e288c97aa49c Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT