ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ouo.io/8Uo4fOp
Effective URL:
https://ouo.press/8Uo4fOp
Submission: On April 05 via manual (April 5th 2024, 2:21:18 am UTC) from RU — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 31 domains to perform 79 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 287877.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:697	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:10:... 2606:4700:10::6816:3afb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.170.197 23.109.170.197	7979 (SERVERS-COM) (SERVERS-COM)
2	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	172.67.223.102 172.67.223.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.240.127.234 172.240.127.234	7979 (SERVERS-COM) (SERVERS-COM)
2 6	54.38.133.137 54.38.133.137	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	136.243.223.251 136.243.223.251	24940 (HETZNER-AS) (HETZNER-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 5	54.38.133.136 54.38.133.136	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.193.52 172.67.193.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:20ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.38.133.12 54.38.133.12	16276 (OVH) (OVH)
5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2 2	23.197.120.249 23.197.120.249	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
4	172.67.68.162 172.67.68.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
4	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	172.67.138.13 172.67.138.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
79	35

1 2606:4700:10::ac43:697 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ouo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)

ouo.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.170.197 (Netherlands)

ASN7979 (SERVERS-COM, US)

cuplikenominee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.223.102 (United States)

ASN13335 (CLOUDFLARENET, US)

hhklc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.127.234 (United States)

ASN7979 (SERVERS-COM, US)

attentionantecedentsuperb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.38.133.137 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip137.ip-54-38-133.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

belickitungchan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.223.251 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: psh5-2.1push.io

eu.can-get-some.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.38.133.136 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip136.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:20ac (United States)

ASN13335 (CLOUDFLARENET, US)

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.133.12 (France)

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.120.249 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.138.13 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	criteo.com gum.criteo.com — Cisco Umbrella Rank: 465 bidder.criteo.com — Cisco Umbrella Rank: 703	1 KB
6	adform.net adx.adform.net — Cisco Umbrella Rank: 5182 cm.adform.net — Cisco Umbrella Rank: 1159	2 KB
6	gemius.pl 2 redirects adlv.hit.gemius.pl — Cisco Umbrella Rank: 314381	22 KB
6	adocean.pl 2 redirects lv.adocean.pl — Cisco Umbrella Rank: 298056	43 KB
6	ouo.press ouo.press — Cisco Umbrella Rank: 287877	32 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 702	111 KB
4	setupad.com node.setupad.com — Cisco Umbrella Rank: 59567	961 B
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 715	811 B
4	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 49082	2 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1011 eus.rubiconproject.com — Cisco Umbrella Rank: 593	272 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 2045	52 KB
4	belickitungchan.com belickitungchan.com — Cisco Umbrella Rank: 473015	34 KB
2	adxbid.info adxbid.info — Cisco Umbrella Rank: 18414
2	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 17297	4 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7270	343 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 719	400 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 501	881 B
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 50049	276 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	221 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	883 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1567	239 B
1	offerimage.com offerimage.com — Cisco Umbrella Rank: 42529	30 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 25850	479 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 27102	8 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 13449	540 B
1	can-get-some.in eu.can-get-some.in — Cisco Umbrella Rank: 287751	19 KB
1	attentionantecedentsuperb.com attentionantecedentsuperb.com — Cisco Umbrella Rank: 323679
1	hhklc.com hhklc.com — Cisco Umbrella Rank: 369366	3 KB
1	cuplikenominee.com cuplikenominee.com — Cisco Umbrella Rank: 330035	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	855 B
1	ouo.io 1 redirects ouo.io — Cisco Umbrella Rank: 103148	2 KB
79	31

	Domain	Requested by
6	adlv.hit.gemius.pl	2 redirects lv.adocean.pl ouo.press adlv.hit.gemius.pl
6	lv.adocean.pl	2 redirects ouo.press lv.adocean.pl
6	ouo.press	ouo.press
5	gum.criteo.com	stpd.cloud static.criteo.net
4	static.criteo.net	stpd.cloud static.criteo.net
4	node.setupad.com	ouo.press
4	onetag-sys.com	stpd.cloud
4	prebid-stag.setupad.net	stpd.cloud
4	adx.adform.net	stpd.cloud
4	script.4dex.io	stpd.cloud script.4dex.io
4	belickitungchan.com	hhklc.com belickitungchan.com
2	adxbid.info	stpd.cloud
2	cm.adform.net	ouo.press stpd.cloud
2	bidder.criteo.com	stpd.cloud
2	rtb.adxpremium.services	stpd.cloud
2	prebid-eu.creativecdn.com	stpd.cloud
2	prebid.a-mo.net	stpd.cloud
2	eus.rubiconproject.com	ouo.press
2	secure-assets.rubiconproject.com	2 redirects
2	id5-sync.com	stpd.cloud
2	stpd.cloud	ouo.press
2	www.google.com	ouo.press www.gstatic.com
1	cadmus.script.ac	script.4dex.io
1	offerimage.com	ouo.press
1	fleraprt.com	tzegilo.com
1	tzegilo.com	belickitungchan.com
1	fonts.gstatic.com	fonts.googleapis.com
1	my.rtmark.net	belickitungchan.com
1	eu.can-get-some.in	hhklc.com
1	www.gstatic.com	www.google.com
1	attentionantecedentsuperb.com	ouo.press
1	hhklc.com	ouo.press
1	cuplikenominee.com	ouo.press
1	fonts.googleapis.com	ouo.press
1	ouo.io	1 redirects
79	35

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cuplikenominee.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
hhklc.com E1	`2024-03-02` - `2024-05-31`	3 months	crt.sh
attentionantecedentsuperb.com R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2024-01-29` - `2025-02-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
belickitungchan.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
eu.can-get-some.in R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-03-30` - `2024-06-28`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
stpd.cloud E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-03`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
setupad.net E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.a-mo.net R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
script.ac E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
node.setupad.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
adxbid.info E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://ouo.press/8Uo4fOp
Frame ID: F7CA077C3596B4D8B9FF99DC422CC188
Requests: 29 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 008B9BC44F4C2C6B5D9F7492E0EFF517
Requests: 18 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: BDFDB433FF283FDBD6FBC1A3B195D18D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 6C76EC5F54FF8AD8E8A043838DBBAB50
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 912796ECDB4B466B60723AB07230F8DE
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=ypwg21d1llfb
Frame ID: 7F85FAF5E8EB2B68ACCB7CA770BFBCC7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 1FE4CBECDD58DB12ED881667EAD28CDD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 0764C857999DA9F1E42A3AC3592AF48D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712283674171
Frame ID: 0A231C0755D3BEC335ECBB0C2B727CE2
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 24BD3BC019D53A421FFE242838CA689F
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0A1DBA1E0792CC2528877F96DED630E6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1712283674170
Frame ID: E009673015C54EF4605687CFE9B9A2EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

https://ouo.io/8Uo4fOp HTTP 302
https://ouo.press/8Uo4fOp Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdOcean (Advertising) Expand

Overall confidence: 80%
Detected patterns

adocean\.pl

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

79
Requests

99 %
HTTPS

30 %
IPv6

31
Domains

35
Subdomains

35
IPs

6
Countries

866 kB
Transfer

2516 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ouo.io/8Uo4fOp HTTP 302
https://ouo.press/8Uo4fOp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600 HTTP 301
https://lv.adocean.pl/__/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600 HTTP 301
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712283672%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D800%2Fy%3D600 HTTP 301
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712283672%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2Fx%3D800%2Fy%3D600 HTTP 301
https://lv.adocean.pl/___/_1712283672/ad.js?hclsdata=&hcudata=uKralo.pwGV8IP4.km06cfRtWGAdqNV4JZ4rtLwig1z.U7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600

Request Chain 32

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 49

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 8Uo4fOp Show response
ouo.press/
Redirect Chain

https://ouo.io/8Uo4fOp
https://ouo.press/8Uo4fOp

8 KB
5 KB

314ms
222ms

Document
text/html

2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2d93e8ef9db4f5af8e87f9d459a09ebcba14e7f249607e91bdd06fb5eb967a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86f610359def37f5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 02:21:12 GMT
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86f610330a7518f1-FRA
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 02:21:11 GMT
location: https://ouo.press/8Uo4fOp
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 1 KB
855 B 137ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 02:20:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 02:21:12 GMT

GET
H2 200 bootstrap.css
ouo.press/css/ 107 KB
19 KB 54ms
52ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/bootstrap.css

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/8Uo4fOp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23219
cf-polished: origSize=109522
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Sat, 14 Feb 2015 06:58:04 GMT
server: cloudflare
etag: W/"54def1fc-1abd2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 86f610370ea137f5-FRA
expires: Fri, 05 Apr 2024 07:54:13 GMT

GET
H2 200 link-safe.css
ouo.press/css/ 6 KB
2 KB 56ms
54ms Stylesheet
text/css 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/css/link-safe.css

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/8Uo4fOp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10492
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 02 Oct 2019 21:46:54 GMT
server: cloudflare
etag: W/"5d951ace-1830"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 86f610370ea237f5-FRA
expires: Fri, 05 Apr 2024 11:26:20 GMT

GET
H/1.1 200
OK 48786 Show response
cuplikenominee.com/1clkn/ 6 B
1 KB 179ms
45ms Script
application/javascript 23.109.170.197
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cuplikenominee.com/1clkn/48786

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.197 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 131ms
50ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

GSE /

Resource Hash

d2955f1dd2acef625bf6655a588fa3584a4c3a7e2f74830ad2d9a1e5a9acbee8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 05 Apr 2024 02:21:12 GMT

GET
H3 200 c.js Show response
hhklc.com/ 12 KB
3 KB 161ms
54ms Script
application/javascript 172.67.223.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hhklc.com/c.js
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4a74682b74e577b647c390bc60fe3a7fa41efb622f58a8741112e5bfa3d4f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 09:28:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1316
etag: W/"64d5ff4f-3165"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3btXvm9kjjBALkUpwuTVC0%2BbHyIq2iK0xF0JbiNqb2r8IrLyK6IMhanZZ9MFvPi7uaYts0TWgLZRoCFyzx7yyrjPNTzauIZlkj7Rrh9A%2Fi%2FNBm93syzGwfHtuXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86f6103899f900d4-CDG
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 02:44:16 GMT

GET
H/1.1 403
Forbidden ed36014633829dc70a42dccaefdf3f11.js
attentionantecedentsuperb.com/ed/36/01/ 0
0 549ms
124ms Script
application/javascript 172.240.127.234
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://attentionantecedentsuperb.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:12 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
4 KB 174ms
55ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 13:26:09 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3211
expires: Fri, 05 Apr 2024 06:21:12 GMT

GET
H2 200 world.png
ouo.press/images/ 5 KB
6 KB 56ms
55ms Image
image/png 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ouo.press/images/world.png

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4db4bac474698c5d55f46092b8d727ad156a6a0fe52cbc8326a4003859f1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/8Uo4fOp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 638978
cf-polished: origSize=5692
content-length: 5590
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 May 2015 05:02:52 GMT
server: cloudflare
etag: "5549a07c-163c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86f610370ea437f5-FRA
expires: Sat, 27 Apr 2024 16:51:34 GMT

GET
H2 200 email-decode.min.js Show response
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
830 B 44ms
43ms Script
application/javascript 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/8Uo4fOp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 86f610370ea537f5-FRA
expires: Sun, 07 Apr 2024 02:21:12 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 501 KB
201 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:41:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205471
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:41:59 GMT

GET
H2 200 5774619 Show response
belickitungchan.com/400/ 79 KB
31 KB 202ms
93ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://belickitungchan.com/400/5774619

Requested by

Host: hhklc.com
URL: https://hhklc.com/c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f1c071c8dc0796882048a9d52fef858c5df9f633d3f4b97daeb245df85d31a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: af7a161be1875c0430277d1afbd8d4b4
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 908325 Show response
eu.can-get-some.in/p/ 57 KB
19 KB 142ms
43ms Script
application/javascript 136.243.223.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.can-get-some.in/p/908325?c=zc_908325
Requested by: Host: hhklc.com
URL: https://hhklc.com/c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.223.251 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: psh5-2.1push.io
Software: nginx /
Resource Hash: dd4342907ff08233c8d92fb091f21a6d7b5395b17cfa1ab511f8518ef6e5e19e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
content-encoding: gzip
server: nginx
content-length: 19048
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 155ms
49ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: belickitungchan.com
URL: https://belickitungchan.com/400/5774619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b136bd32495c98d4ecbc0f093b48041d5ac8954437f4cc036eb9c1a2949dbe80

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2

200

ad.js Show response
lv.adocean.pl/___/_1712283672/
Redirect Chain

https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600
https://lv.adocean.pl/__/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712283672%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7%2F...
https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F___%2F_1712283672%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DdQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7...
https://lv.adocean.pl/___/_1712283672/ad.js?hclsdata=&hcudata=uKralo.pwGV8IP4.km06cfRtWGAdqNV4JZ4rtLwig1z.U7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600

58 KB
18 KB

57ms
56ms

Script
application/x-javascript

54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/___/_1712283672/ad.js?hclsdata=&hcudata=uKralo.pwGV8IP4.km06cfRtWGAdqNV4JZ4rtLwig1z.U7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: 6f63da1af1bde11f65555f6516789beba1619afed2b911a1bbac292082f42df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17759
expires: Thu, 04 Apr 2024 02:21:13 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://lv.adocean.pl/___/_1712283672/ad.js?hclsdata=&hcudata=uKralo.pwGV8IP4.km06cfRtWGAdqNV4JZ4rtLwig1z.U7&id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 04 Apr 2024 02:21:13 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 13:51:16 GMT
x-content-type-options: nosniff
age: 304196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 13:51:16 GMT

GET
H2 200 5774619 Show response
belickitungchan.com/400/ 2 KB
1 KB 48ms
48ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://belickitungchan.com/400/5774619?oo=1&oaid=29936a6645564cd788e9f864b64af98e&sw_version=v1.333.0

Requested by

Host: belickitungchan.com
URL: https://belickitungchan.com/400/5774619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c919ef3f66632db6ee290f25aaf6d6a921ac22bbedff5a62f20bc0816df508e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 8f3086174bafbc8635052cf877f8edcc
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/json
access-control-allow-origin: https://ouo.press
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 172ms
55ms Script
application/javascript 172.67.193.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: belickitungchan.com
URL: https://belickitungchan.com/400/5774619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 299
etag: W/"65c37cc1-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWCGWqSeJIlqBh4pPO5ntyIsH8s1WaP6bZmc1HEJyPKwWA%2F0FmIJcs%2BrJj02gSwvGsovVrWbbu6BAniyiobNhQSx6lCWTbgEpoiPCsulm%2FYJw%2FoGe0jbBb%2FDyW%2FkvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86f6103c4f18009c-CDG
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
479 B 164ms
47ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=997c6054-2b5b-451a-b589-9ebb5761ebcb
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Apr 2024 02:21:13 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 5774619 Show response
belickitungchan.com/500/ 2 KB
2 KB 139ms
139ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://belickitungchan.com/500/5774619?excludes=&oaid=29936a6645564cd788e9f864b64af98e&fs=0&cf=0&sw=800&sh=600&sah=600&wx=770&wy=570&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1113&wfc=0&pl=https%3A%2F%2Fouo.press%2F8Uo4fOp&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&browser_version=123.0.6312.105&js_build=8&sw_version=v1.333.0

Requested by

Host: belickitungchan.com
URL: https://belickitungchan.com/400/5774619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a810b797ff066e79697f176591b393574e481c18670c54c0daf3cf4d31827bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 0b8bcb6b3a96c61032478eafffb6e3a7
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://ouo.press
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5774619
belickitungchan.com/500/ Frame 0
0 138ms
46ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ouo.press
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 05 Apr 2024 02:21:13 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 84a09920cfb8fc96bdd308ed7d0b7140.png
offerimage.com/www/images/ 30 KB
30 KB 142ms
52ms Image
image/png 2606:4700:10::6816:20ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/84a09920cfb8fc96bdd308ed7d0b7140.png
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87a6b2070219676b8743b827b49c5f5a017960eabb29ea3720a925d8ca1bad4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Mar 2023 22:57:30 GMT
server: cloudflare
age: 49711
etag: "64124d5a-7763"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86f6103f2cef1e62-FRA
content-length: 30563
expires: Fri, 05 Apr 2024 12:32:42 GMT

GET
H2 200 xgde.js Show response
adlv.hit.gemius.pl/gdejs/ 57 KB
20 KB 58ms
58ms Script
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 10:41:21 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "660E83D10000E4B16AE93791"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 20487
expires: Fri, 05 Apr 2024 06:21:13 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1712283673565/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=660F6018EF3AF7E3;/inner=%7Cao_uniq%3Dbmzommn... 2 B
331 B 58ms
58ms Ping
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1712283673565/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=unjqkqfkog/fastid=avfaazwfeurhrrmqafxzbtsecfle/sarg=660F6018EF3AF7E3;/inner=%7Cao_uniq%3Dbmzommnktmknqthkdedgicfh%7C;/extra=;
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://ouo.press
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Thu, 04 Apr 2024 02:21:13 GMT

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ 8 KB
3 KB 56ms
55ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2024 13:26:09 GMT
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag: "00001FCFAF20B624"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: public, must-revalidate, max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 3211
expires: Fri, 05 Apr 2024 06:21:13 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 008B 480 KB
138 KB 153ms
61ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stpd.cloud/assets/postbid/stpd220112.js

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1460
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"779c38b2063034c2c2b61db7ee6d9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUwvR9WsYvCNROXdp4aT1200A2ZI4bWQKtVVjuojRS8SvoZdYZQ5JmU6d9nw5WbVbuCa0xZYoVlauPjYRhLrmi2WFShKd1ueK5MQnj%2FPOiNBERrJwtmVp8fNJVvC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 86f610408c2f65d7-FRA
expires: Fri, 05 Apr 2024 02:41:13 GMT

GET
H2 200 ad.js Show response
lv.adocean.pl/_1712283673679/ 58 KB
18 KB 56ms
56ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/_1712283673679/ad.js?id=YbUA6N7cNz9F6GxHWqFrIIqnY82LPxH9oFpJRiL7BGf.z7/x=800/y=600
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: fcd9f50d03a702af7e312e0e1a99c57b4357fe4fa8cf8364682bf75937ebaf83

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
content-encoding: gzip
server: GAD
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17797
expires: Thu, 04 Apr 2024 02:21:13 GMT

GET
H2 200 xgde.html
adlv.hit.gemius.pl/gdejs/ Frame BDFD 0
0 271ms
155ms Document
text/html 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: public, max-age=14400
content-encoding: gzip
content-length: 215
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Apr 2024 02:21:13 GMT
etag: "5996D7A50000012F9178E011"
expires: Fri, 05 Apr 2024 06:21:13 GMT
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 159ms
46ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Apr 2024 02:21:13 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 198491
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 008B 4 KB
2 KB 140ms
55ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 19 Mar 2024 11:02:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 887368
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCIup%2FLqYugVfLwQeTID%2FojSiBxWBMucDQ4zzwY%2FM27Al2KPAtBR7SzXSDO7WYymthAIyxZdiN5iQWYI3mdntI03nOKkMw6%2F94rkDrCt%2Bk9OeHNr4oN0If3XbfPCOfFiczBZdGLHHhdNVqx2"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 86f610430e83bbb6-FRA

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 008B 2 B
368 B 135ms
47ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 250969
expires: 0

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame 008B 251 B
441 B 126ms
40ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

14e0e8a2d0e31edc8968bb791a682699989f69d3961d491a7e6199780236587b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 6C76
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

155ms
40ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Apr 2024 02:21:14 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Apr 2024 02:21:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1712283673993/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=tedffjkqmb/fastid=cvydmcccpmcfzydyqveolvtozznk/sarg=660F6018EF3AF7E3;/inner=%7Cao_uniq%3Dnmrjlgj... 2 B
339 B 58ms
58ms Ping
application/x-javascript 54.38.133.136
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1712283673993/redot.js/id=B8Cbu6NpbNcuC50y1IAlgJeCfbuUe_8uTCBghdA2d6..O7/stparam=tedffjkqmb/fastid=cvydmcccpmcfzydyqveolvtozznk/sarg=660F6018EF3AF7E3;/inner=%7Cao_uniq%3Dnmrjlgjowmmpougodedgicfh%7C;/extra=;
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.136 , France, ASN16276 (OVH, FR),
Reverse DNS: ip136.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://ouo.press
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 2
expires: Thu, 04 Apr 2024 02:21:14 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 9127 480 KB
138 KB 58ms
58ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stpd.cloud/assets/postbid/stpd220112.js

Requested by

Host: ouo.press
URL: https://ouo.press/8Uo4fOp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1461
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"779c38b2063034c2c2b61db7ee6d9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUwvR9WsYvCNROXdp4aT1200A2ZI4bWQKtVVjuojRS8SvoZdYZQ5JmU6d9nw5WbVbuCa0xZYoVlauPjYRhLrmi2WFShKd1ueK5MQnj%2FPOiNBERrJwtmVp8fNJVvC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 86f610429cfc65d7-FRA
expires: Fri, 05 Apr 2024 02:41:14 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 7F85 0
0 143ms
66ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=ypwg21d1llfb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6jgVFMMfsCqHaQ3oqckBSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6jgVFMMfsCqHaQ3oqckBSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Apr 2024 02:21:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 136ms
39ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ouo.press
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 05 Apr 2024 02:21:14 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 008B 297 B
480 B 178ms
86ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G5AFCEwr93a0d9Csxj5ZH0L98dbHwK4ViRyvgaiopsDhBImBo7z2gXQh7JlQHtzaryMEuXDFAwPbjHj4D%2FbBO3Ei48Yhwvx%2F6r%2FgSfFcHuubkkdIUjp5yKfd2411pgHDYQ7e3hae5fY"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 86f610436f8868ef-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 008B 236 B
500 B 230ms
138ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48861a028d751f66a47c3a58a208f14e6dcc4dc3cf52f9e273344a84178d9e56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzr%2BN3QIojwWwrJHJ%2Fi%2BCreIOzWovwN0nCF3oexy1AwXsebWjGlE2cYu0dcKJ97uhHWEQVeip%2FIRmcVQGAonSf3rME0yB%2FuuNoby%2F%2BJXS3Q%2BCHc265EVbBBkzk5D1c2LJhJJJVp3DrQL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 86f610436f8768ef-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 008B 0
270 B 149ms
43ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:13 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 008B 0
526 B 166ms
86ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 008B 0
172 B 136ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:14 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 008B 15 B
406 B 128ms
40ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ouo.press
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 008B 2 KB
2 KB 192ms
99ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6555650189071c816aa33e481f70930c6d8a7ef106ac8df1b096e828d65ce261

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 02:21:14 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1836
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 008B 0
188 B 137ms
42ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=34843628611

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 68ms
45ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Apr 2024 02:21:13 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 211176
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 9127 4 KB
2 KB 93ms
45ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 19 Mar 2024 11:02:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 887368
ETag: W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSHj6dcpXPTmdL6pBV0bfIUOc1A47hsZ381%2BdPw4CLmtjWZeJV3n1hBRVpxswBizbR59hT5SAdfXl8dRics52oph4dSbqPSonLM3slVpdEcCdNs4ZMXS2uR0z%2BCzryUET4o%2BrWVlkVrmqlbx"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 86f610436e9fbbb6-FRA

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 9127 2 B
367 B 137ms
48ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 247646
expires: 0

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame 9127 251 B
440 B 40ms
40ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

d93ccfe3fc769ba3c34edb6a035720822a2e91b5e3a3538748e56666d3f9d6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 1FE4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

156ms
40ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Apr 2024 02:21:14 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 05 Apr 2024 02:21:14 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 131ms
49ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:14 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 86f61043eab219a9-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 008B 77 KB
24 KB 132ms
50ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abec9675ccbcc67ee7c27ebd055e2b2fd26f7dc327aa8b0dd6bfa2518b6e1655

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 874588
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 11:02:27 GMT
Server: cloudflare
ETag: W/"c3fc4a39a56dcbe4b478f040dd8427cf"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Bz%2BEZfli%2BEgZfMgUtmDe2ZgbPeQt29%2BC9Fe%2Fk7wXbUr%2BcdWQBvLjd7GpBEehequ51PgUK75ICiKF8000YWxANK8aSj1wtYtdAfgC0vVTEDs3F2vHV0lxstMeoIhWNIHAHBCyfT6xbzmPfyW"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 86f61043ed475d84-FRA

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 48ms
39ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ouo.press
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ouo.press
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 05 Apr 2024 02:21:14 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 9127 297 B
722 B 63ms
60ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkVd4wHwvrQWNGPazaeyJuJ%2Fyw37KVmTUY%2Bqog%2BpuG43fR2kgML%2BMyU9zQKeENR4pZoVHSS5S40pej61VOKY6SEWUBpjWblb26cmAGuM9EM%2FpPHTMaGSvKt1yMA4V%2Bo%2FSz8%2FK1AXWUzh"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 86f610436f8968ef-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 9127 236 B
465 B 179ms
176ms XHR
application/json 172.67.68.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9673c979e2e6898e00ff7a4dd0a10773be35405418b03da707c1184dcf7929ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjd7Q66GIqHWiIvMOD73UolwfcYG2YXYHZf%2F0jsqVUpOwe1C7BjeQsUIQ6KIyYbITcXgHTl%2BKa1yHW2i8XuSO7NhTXgzr988S%2BKxdv0lcYUcpKKAilB1DI2jvFrOV1yYUB6nuQ55qUIF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 86f610436f8a68ef-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 9127 0
130 B 61ms
44ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:13 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9127 0
187 B 52ms
42ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=37237869367

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9127 0
527 B 164ms
84ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ouo.press
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9127 0
171 B 49ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
date: Fri, 05 Apr 2024 02:21:14 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 9127 2 KB
2 KB 186ms
104ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c0efac061a076db70cac7a54123c2b27537ccfe836312e835750e2085cb28546

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 05 Apr 2024 02:21:14 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1836
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 9127 15 B
405 B 41ms
40ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://ouo.press
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 9127 77 KB
24 KB 130ms
52ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abec9675ccbcc67ee7c27ebd055e2b2fd26f7dc327aa8b0dd6bfa2518b6e1655

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 02:21:14 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 874588
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2024 11:02:27 GMT
Server: cloudflare
ETag: W/"c3fc4a39a56dcbe4b478f040dd8427cf"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9q99fpXBaFmxrFUOmvXyZswEvvVk1zvicI0rrSQx1C2pA1i%2Fg1AgJyZ%2FePj6hnv5BcsAXvDwYkBn6L%2FXy2sT9i2lnX8NrrGuIWGHUorj4BqHWl35xkn3IV1%2B1e%2FKsNkHUOnB8KR6F0tlnCg"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 86f610442d214d58-FRA

GET
H2 200 cookie
cm.adform.net/ Frame 9127 35 B
482 B 145ms
45ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:14 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 cookie
cm.adform.net/ Frame 008B 35 B
484 B 118ms
43ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:14 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 9127 0
240 B 132ms
41ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 9127 0
240 B 132ms
41ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 008B 0
240 B 129ms
40ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 008B 0
241 B 127ms
39ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ouo.press
URL: https://ouo.press/8Uo4fOp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 02:21:14 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H2 200 favicon.ico
ouo.press/ 0
172 B 52ms
52ms Other
image/x-icon 2606:4700:10::6816:3afb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo.press/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/8Uo4fOp
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 14 Feb 2015 06:41:24 GMT
server: cloudflare
age: 19
etag: "54deee14-0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 86f610475e9837f5-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 008B 87 KB
28 KB 194ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 02:21:17 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 9127 87 KB
28 KB 142ms
124ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 02:21:17 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 0764 0
0 140ms
50ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Apr 2024 02:21:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 357482
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 008B 87 KB
28 KB 168ms
85ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 02:21:17 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 9127 87 KB
28 KB 182ms
124ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 02:21:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 02:21:17 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 0A23 0
0 118ms
40ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712283674171

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 sync-all.html
adxbid.info/ Frame 24BD 0
0 123ms
63ms Document
text/html 172.67.138.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f61058cbf222b7-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 05 Apr 2024 02:21:17 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYa0yIcx3Tkn3ZG9u5bBs79pUYR4zVA2sZVVdPLKw90VHXpeBUBpUA8ywp1PtTcUzgkAOUZFaw3aQHsPmOkvOseSMCZsz0iFTe1y6rxuhJMiVshWueRdN8MfChLQxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 sync-all.html
adxbid.info/ Frame 0A1D 0
0 144ms
85ms Document
text/html 172.67.138.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f61058cbf322b7-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 05 Apr 2024 02:21:17 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkkPdvc5Tcur1LvyqmOGquF%2FZLtOJevig7b83Sv9ROtxGw9Xbxgsm%2BU9VAHnoQ379u1NiQc8yTiWjZS5uj47J4CcVfZaaiyZMlk9tQi3ddqKzbnxXLSG54NasEXoJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 /
onetag-sys.com/usync/ Frame E009 0
0 112ms
40ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1712283674170

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:57:15	Name: _GRECAPTCHA Value: 09ACaWMhxO0fzTIRQsKAO9MEqpS9snNACnhhXgME-MTPCSC05mPDONQEvnrr6h-lkGaxMG6XaiwJMxEhGc2-Lov3s
ouo.io/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6Ink3TW9xXC9QUHNSZGRFc0VvQ1o3QlpzbnkrOE5LZGFDZ25pa3VDUnFHYjFVPSIsInZhbHVlIjoiUExuXC9qTjJneHFzQU9oVUdsSWNKckl1YTZ6V1ZEc1c4akR6UStQNm9pNHZxZjhHUWVsUG9QMUNyYVdvMVRndHJmTmhMbEFXSVwvM2hDbEFyVG9ET2xGQT09IiwibWFjIjoiZDY4ZWIzYjk1OGI3ZjJhZGE0ZDlmMjhkOTU2MjAwNzlkNzM4YWI2NzQwYmNiODdiZjM1M2FmYzhjOGE2MGI5YyJ9
ouo.io/	1970-01-21 05:14:03	Name: language Value: eyJpdiI6Im9RWXdLRFhZbnRrV0ZKS0EzTGhheVNqT2V4OVl0MWFvNlltVHZQcHc3MGs9IiwidmFsdWUiOiJ4dklzSjI3clhsTUxrWHNhXC9SU0pXUkkyUDVLRUpaUmNnQ2pXYnpVTGFkST0iLCJtYWMiOiJhMmEyZjUwZmM4N2NmZmZmYjA5YjNmNDE1MTUyZDc2MDllNTAzZTdiNzU2MjJkMWEzOGMxNWVhYTRkYzg1ZTk0In0%3D
ouo.io/	1970-01-20 19:38:10	Name: f698b51f2b10fa687a293000e306a112b15685b9 Value: eyJpdiI6ImJVRWJYWHFoVXprRnIzXC9odFVkQ01PaXR2WjN0T25COHhCRFRxbzJCald3PSIsInZhbHVlIjoidXFGT09naFh5TktOWEw4d0twUmVPWWVramZCOEYrQUxjXC9CYU9GeHZYQVN5OHFUbnV5WERTdGJKWlFZMVwvczg1YVJEZjAxSlFEdEh4VUNVZnRnMkFmZXFsUFN2M1lUc0FFb3lkZjFSM0VCbzNtVTExb2FiOWhxUW5tTTArOEhuVWRkelVNRjRaUFplXC9xTUxxVHd4WU9TUkFmdGZSWlJ0T1Y4cHFLWG9LM010YWdURnhLNEJZYmk2TERjTzdMRmp4cWZwVnRGajJiM3NYcjVjM3dzZm52eHFJalNkajY3N0dlaFwvRjJzdGRRbENJcU1pWitFSmtBWjFMSDNZaXdQaHB0MEdDWnNQTFJaZEErbzRaNXJkR0NjdElkdmJvOGlzam9lNUtUVkZIbmxBOU00cUFZMzMxVzZ0dzgzT1NxSG96VjVEeGRDSUFRZm95dHYyWFFYa252QT09IiwibWFjIjoiNmMzYTJjOGRiMGIyNTNjM2RiMjYxYTk3Yzk2YzI2YjQxN2QzY2M1NDc3ZjVhZGZhZTY0NDY5OTQ1MDA4YzRlYiJ9
.ouo.io/	1970-01-20 19:38:05	Name: __cf_bm Value: 7VdRxlvZELsJu0KQ4TsRr48hmvBC8W1SImRLtflS5NM-1712283671-1.0.1.1-33h68FijMqw_ovKnEoPL46N0LrhZsfNZcnj.rJIAW5E4AzOC21mfyT7IsIhHHTw5ZySJoWrC7kv4v01LX16hUg
ouo.press/	1969-12-31 23:59:59	Name: ouoio_session Value: eyJpdiI6IlhEUjVNRmFTelZMNmhGVXFhTWhWeFcrS2VWcnBwV21ZNmU0NnlZZEVpRk09IiwidmFsdWUiOiJDOXhnWm9Hc3k5WThndkN5d29ySmdwRFhubEEyXC9tS0lscG9Gd2NWYXV4M213Mzhuc1Y3dmxGRVJ5OENOVjVzeFUzWUVJT0haSEk5bEJRNmhcL2RleTJRPT0iLCJtYWMiOiJmMzRkMDRjMDk1ZTBmMTMxMDVjN2U3MDQwOWM3N2U1NjJlZjI0NDNhNjY5MzlmYmNjNTljZWQyYzJjOTJjY2Y0In0%3D
ouo.press/	1970-01-21 05:14:03	Name: language Value: eyJpdiI6IlpQUGpXOGdGaW5rOHZNMFZXellcL3JJc29heTlcL3Noc2tvaXhoS2VNU0wxcz0iLCJ2YWx1ZSI6InhIV3laVndGOWluXC9ZUFZaOEhLVkNFSVdUM21SYisxZEtlSTdnUlR3aGMwPSIsIm1hYyI6IjA3ODBjMzVjOTYzNTVlZDEwYzk5OTA4ZWVjZGM5YzAxNDc0ZTMwYTI2YWFhZWY0ZWNlN2Y1ODA5MjFkZDZkYjMifQ%3D%3D
ouo.press/	1970-01-20 19:38:10	Name: 8ea3a60d358dfc5c86c597ccbbd234fb45e8eabc Value: eyJpdiI6IkxEcHpoOTdQbFRrSlN0RGpiWjF4VldCSDVESkhPUkMxcE5xYXhkS1R5YUk9IiwidmFsdWUiOiJGQU1nVWhDMDJ2UnZ1UjlSeHNEWlwvcVwvVDdYNXhUaDRrbW1XOVpjRkoxVFlmbDNYWEZ1elkzZkNMdWJwSktVaVg4WWxsNTJrM0FnbmsrVzRFWTAzNHluRWo2bW5pNFQwd0RHOWJGUmMyXC9qc05PUmZpQ0dxUjZMYWhiTGxwSm45OHkzNHBKRnFCMWxvQWlkR1d2c3g0UGF4XC9STWhISmVYa1B0NHVvSUVIQTVvV0VuN0V0cVwvd2ZkRHZtbzczVUVTNnlcL1dMcEJVMnlDbHVOdTl3d2VlT0NhVUd3M2xKbEEwWmpLSFlBYXpQekV2c3orbFBzdG5GaWpGRVkwNUNOSExEU0k3bWMyblZRazdjUTUwcFJYTWVIeVlXcmxTNXpOdUppdXJaeUI4XC93UW8xWTFKakM3M2hWQ0ZrOXhyUEdnN3F2K1wvdzJxU0MwQnVaS2phREQ3ZkpYUWJUeHVZVDNCSStsK2prcFVaQ1pOYmlRNUlTem9PbGJRZ1FKYTZybngzRSIsIm1hYyI6ImQ4ZGNiYzU1ZTY1ZGFkZjc2ZTQ3OGI4ZDBiMWM3YjhjMjY2YzU2MWNmNmMwODgwNTRmYzEwNzY3MjFkZmIwODIifQ%3D%3D
.ouo.press/	1970-01-20 19:38:05	Name: __cf_bm Value: P8uLny2naD.93Ni4UAkDxfEV_DD302aKUGw9AiBJPSE-1712283672-1.0.1.1-BA8UiyeZJc6PtNfHIBY0vOkk.Cl49sX5dJ5kqxR2FMVCwgUTzW1iyJIGbNL4C28EViR9ckMKWaugLIaNZnHkBQ
cuplikenominee.com/	1970-01-20 19:39:30	Name: GL_UI4 Value: eJw9jd1Og0AUhKH8tVrQSXgAHwFogPbS%2BBBekgN7pGtht1lWiG%2FvxkSv5svkm4znebv8Cf4aHxB8UY2XmtuirqqGBtHSpSVqmC819eX53Jwq0eAgl85SP7ENsV9mMraza4jjyIqNHLpBC07x7Ky%2F5qb0pkJEvSElUkSzM6YUSW%2F0trDJA4SKZkb8djXaZTTTpzYIyurkWCrHfoGdXvIge0DyLpVww%2ByIXVlkWezh8T6R%2FdBm7qSIfUSjIcHwX7EfyPKozTcSwcvN6jugJ9H9%2B7%2B%2FwVYWiAWvcnDn2l7Z%2FABDrk5k
cuplikenominee.com/	1970-01-20 19:39:30	Name: GL_GI10 Value: eJwNyE0KgzAQBtDMLFIKZvFRr9GgpaLr%2FtBzxDSIlE7CKEJvXxdv84wxXFfguaAaGn%2FpOt%2F7trmCJvDjCY6CwyvpN8gPpA6s4kBxN8Pds6bzLcTPmCWBZcFxr5I1rAlULIHXbBm8vGsD2uzpD%2BgFF8Q%3D
my.rtmark.net/	1970-01-21 04:23:39	Name: ID Value: 29936a6645564cd788e9f864b64af98e
belickitungchan.com/	1970-01-21 04:23:39	Name: OAID Value: 29936a6645564cd788e9f864b64af98e
.lv.adocean.pl/	1970-01-21 05:06:51	Name: GAD Value: KlGg3RaGQMQGE-qfVXXGToMUssGMU1LoL6PxGsRP5x7xaGQsG0gRi7yGtFftFlM2xgGWi1BpY8Xs1uLbkg6-m8cHnMBGffbG
ouo.press/	1970-01-20 20:21:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
.hit.gemius.pl/	1970-01-21 05:06:51	Name: Gdyn Value: KlQVVRaGQMQG1O0AOEFGToMUssGMv1LoL6nxGsRP5x7tGKGGq16vLGl8lej2GSfPgK9oaQG.
ouo.press/	1970-01-20 19:38:05	Name: stpdOrigin Value: {"origin":"direct"}
.prebid.a-mo.net/	1970-01-21 04:23:39	Name: __amc Value: 1_1712283674_1712283674
.adform.net/	1970-01-20 21:04:27	Name: uid Value: 1609504076492904592
.hit.gemius.pl/	1970-01-21 05:06:51	Name: Gdynp Value: 700WSi.vdzsYX82zXWHz6dQLqZRAyESAy1bKlTiah7D.b7
.onaudience.com/	1970-01-21 04:23:39	Name: cookie Value: eedbaeefab6551d6
.onaudience.com/	1970-01-20 19:39:30	Name: done_redirects161 Value: 1
.exelator.com/	1970-01-20 22:30:51	Name: EE Value: "2056ca8789e39b824f72a8f2d6fdb99e"
.exelator.com/	1970-01-20 22:30:51	Name: ud Value: "eJxrXxzq6XKLQcHIwNQsOdHC3MIy1dgyycLIJM3cKNEizSjFLC0lydIydXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIeEl%252BUWb6IhfXxUUpaQyLSopPBR8P4wAAo1sp1w%253D%253D"
.onaudience.com/	1970-01-20 19:39:30	Name: done_redirects147 Value: 1
.hit.gemius.pl/	1970-01-20 19:48:08	Name: grtb_hc_data_redir_xnjrkiktyj Value: 1
.criteo.com/	1970-01-21 04:59:39	Name: uid Value: b1c4f752-ef47-49bb-877b-c03c373ab80a
.criteo.com/	1970-01-21 04:59:39	Name: receive-cookie-deprecation Value: 1

66 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://attentionantecedentsuperb.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1712283672692/ad.js?id=dQRGEZ.S4ks.3MAoYWaIz9mhcKhgLwLIGELDWxYDOYD.j7/x=800/y=600(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712283673679/ad.js?id=YbUA6N7cNz9F6GxHWqFrIIqnY82LPxH9oFpJRiL7BGf.z7/x=800/y=600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/files/js/aomini.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1712283673679/ad.js?id=YbUA6N7cNz9F6GxHWqFrIIqnY82LPxH9oFpJRiL7BGf.z7/x=800/y=600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://lv.adocean.pl/_1712283673679/ad.js?id=YbUA6N7cNz9F6GxHWqFrIIqnY82LPxH9oFpJRiL7BGf.z7/x=800/y=600(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lv.adocean.pl/_1712283673679/ad.js?id=YbUA6N7cNz9F6GxHWqFrIIqnY82LPxH9oFpJRiL7BGf.z7/x=800/y=600(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ouo.press/8Uo4fOp Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adlv.hit.gemius.pl
adx.adform.net
adxbid.info
attentionantecedentsuperb.com
belickitungchan.com
bidder.criteo.com
cadmus.script.ac
cm.adform.net
cuplikenominee.com
eu.can-get-some.in
eus.rubiconproject.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hhklc.com
id5-sync.com
lv.adocean.pl
my.rtmark.net
node.setupad.com
offerimage.com
onetag-sys.com
ouo.io
ouo.press
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
rtb.adxpremium.services
script.4dex.io
secure-assets.rubiconproject.com
static.criteo.net
stpd.cloud
tzegilo.com
www.google.com
www.gstatic.com
136.243.223.251
139.45.195.254
139.45.195.8
139.45.197.239
141.95.98.65
147.75.84.158
159.89.25.223
172.240.127.234
172.67.138.13
172.67.193.52
172.67.223.102
172.67.68.162
178.250.1.8
185.106.140.18
185.184.8.90
216.58.206.68
23.109.170.197
23.197.120.249
2606:4700:10::6816:20ac
2606:4700:10::6816:3afb
2606:4700:10::ac43:697
2606:4700:20::681a:8a9
2606:4700::6812:1691
2606:4700::6812:1e31
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a02:2638:3::3
2a02:2638:3::c
37.157.4.28
37.157.4.29
51.38.120.206
51.89.9.253
54.38.133.12
54.38.133.136
54.38.133.137
95.101.149.233
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
14e0e8a2d0e31edc8968bb791a682699989f69d3961d491a7e6199780236587b
159a1c5a38b86c941b92007474ff01e949ae22f18e8496452888cf10a9507c52
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48861a028d751f66a47c3a58a208f14e6dcc4dc3cf52f9e273344a84178d9e56
6555650189071c816aa33e481f70930c6d8a7ef106ac8df1b096e828d65ce261
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68cbbe8ff78a2d3639cdde172e4a5daa764ca8e675bfc783a407cce910ebf45e
6f63da1af1bde11f65555f6516789beba1619afed2b911a1bbac292082f42df4
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
9673c979e2e6898e00ff7a4dd0a10773be35405418b03da707c1184dcf7929ef
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
98468b617767ca2a3dd115f2db945bf8ae9fa6e5f5a0749373623209bea73f3d
a810b797ff066e79697f176591b393574e481c18670c54c0daf3cf4d31827bbd
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
abec9675ccbcc67ee7c27ebd055e2b2fd26f7dc327aa8b0dd6bfa2518b6e1655
b136bd32495c98d4ecbc0f093b48041d5ac8954437f4cc036eb9c1a2949dbe80
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
c0efac061a076db70cac7a54123c2b27537ccfe836312e835750e2085cb28546
c2d93e8ef9db4f5af8e87f9d459a09ebcba14e7f249607e91bdd06fb5eb967a3
c87a6b2070219676b8743b827b49c5f5a017960eabb29ea3720a925d8ca1bad4
c919ef3f66632db6ee290f25aaf6d6a921ac22bbedff5a62f20bc0816df508e7
d2955f1dd2acef625bf6655a588fa3584a4c3a7e2f74830ad2d9a1e5a9acbee8
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
d93ccfe3fc769ba3c34edb6a035720822a2e91b5e3a3538748e56666d3f9d6aa
dd4342907ff08233c8d92fb091f21a6d7b5395b17cfa1ab511f8518ef6e5e19e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4a74682b74e577b647c390bc60fe3a7fa41efb622f58a8741112e5bfa3d4f5
f1c071c8dc0796882048a9d52fef858c5df9f633d3f4b97daeb245df85d31a50
f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11
fcd9f50d03a702af7e312e0e1a99c57b4357fe4fa8cf8364682bf75937ebaf83
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff4db4bac474698c5d55f46092b8d727ad156a6a0fe52cbc8326a4003859f1a6

ouo.press Open in urlscan Pro 2606:4700:10::6816:3afb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

30 %IPv6

31 Domains

35 Subdomains

35 IPs

6 Countries

866 kBTransfer

2516 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

30 %
IPv6

31
Domains

35
Subdomains

35
IPs

6
Countries

866 kB
Transfer

2516 kB
Size

28
Cookies

79 HTTP transactions
0 data transactions