urlscan.io logo urlscan.io
SecurityTrails logo

ouo.press Open in urlscan Pro
2606:4700:10::ac43:160f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ouo.io/1NWAMz
Effective URL: https://ouo.press/1NWAMz
Submission: On March 24 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 9 countries across 46 domains to perform 135 HTTP transactions. The main IP is 2606:4700:10::ac43:160f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 198323.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.109.82.241 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.91.9.135 7979 (SERVERS-COM)
1 192.243.59.13 39572 (ADVANCEDH...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.66.97.126 16509 (AMAZON-02)
7 18.66.112.104 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 52.222.210.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 50.112.169.222 16509 (AMAZON-02)
1 6 185.33.220.243 29990 (ASN-APPNEX)
1 2602:803:c003... 26667 (RUBICONPR...)
1 213.19.147.43 26120 (RHYTHMONE)
2 178.250.0.165 44788 (ASN-CRITE...)
1 35.157.98.225 16509 (AMAZON-02)
1 1 52.29.95.58 16509 (AMAZON-02)
4 37.157.2.238 198622 (ADFORM)
2 2 3.123.105.96 16509 (AMAZON-02)
2 2 37.157.4.28 198622 (ADFORM)
1 1 3.124.34.143 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
1 1 52.29.141.195 16509 (AMAZON-02)
3 104.17.119.107 13335 (CLOUDFLAR...)
6 2.18.235.40 16625 (AKAMAI-AS)
1 2.18.233.180 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 37.157.5.72 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 84.200.5.215 31400 (ACCELERAT...)
1 88.99.63.132 24940 (HETZNER-AS)
1 104.111.239.217 16625 (AKAMAI-AS)
3 2a02:2638::3 44788 (ASN-CRITE...)
2 46.236.13.147 12703 (PULSANT-AS)
10 104.18.17.65 13335 (CLOUDFLAR...)
1 34.230.115.234 14618 (AMAZON-AES)
1 51.89.21.5 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 54.154.13.151 16509 (AMAZON-02)
2 3.33.220.150 16509 (AMAZON-02)
2 52.30.107.253 16509 (AMAZON-02)
2 104.19.130.80 13335 (CLOUDFLAR...)
2 151.101.1.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
2 3 52.94.222.140 16509 (AMAZON-02)
2 3 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:22::14 8068 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
2 3 172.217.18.98 15169 (GOOGLE)
2 3 52.46.154.242 16509 (AMAZON-02)
135 58
1    2606:4700:10::ac43:697 (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.io
5    2606:4700:10::ac43:160f (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.press
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.109.82.241 (Netherlands)

ASN7979 (SERVERS-COM, US)
phallicuncut.com
4    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.91.9.135 (Netherlands)

ASN7979 (SERVERS-COM, US)
video.your-notice.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
itineraryupper.com
3    2606:4700:3035::6815:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
2    18.66.97.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-126.fra56.r.cloudfront.net
ecdn.analysis.fi
analytics.webgains.io
7    18.66.112.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-104.fra56.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    50.112.169.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-169-222.us-west-2.compute.amazonaws.com
exchange.adtrue.com
6    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    35.157.98.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    52.29.95.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-95-58.eu-central-1.compute.amazonaws.com
aws-fr.bidswitch.net
4    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    3.123.105.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-105-96.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    3.124.34.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-34-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    52.29.141.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-141-195.eu-central-1.compute.amazonaws.com
imp-euro.emxdgt.com.
3    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
js.brealtime.com
6    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
2    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
10    104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
s-img.adskeeper.com
cm.adskeeper.com
1    34.230.115.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-115-234.compute-1.amazonaws.com
imp.emxdgt.com
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    54.154.13.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-151.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
api.webgains.io
2    104.19.130.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
3    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
12 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1742
as.ad4m.at — Cisco Umbrella Rank: 2174
assets.ad4m.at — Cisco Umbrella Rank: 32740
553 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
15 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
81 KB
10 adskeeper.com
jsc.adskeeper.com — Cisco Umbrella Rank: 35458
c.adskeeper.com — Cisco Umbrella Rank: 15984
servicer.adskeeper.com — Cisco Umbrella Rank: 33381
s-img.adskeeper.com — Cisco Umbrella Rank: 17514
cm.adskeeper.com — Cisco Umbrella Rank: 38489
84 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
13 KB
8 adform.net
track.adform.net — Cisco Umbrella Rank: 3334
c1.adform.net — Cisco Umbrella Rank: 524
s1.adform.net — Cisco Umbrella Rank: 8028
37 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
39 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 17735
cdn.firstimpression.io — Cisco Umbrella Rank: 17947
370 KB
6 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
px.moatads.com — Cisco Umbrella Rank: 392
102 KB
5 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 181
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
2 KB
5 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 47151
exchange.adtrue.com — Cisco Umbrella Rank: 30410
87 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 785
41 KB
5 ouo.press
ouo.press — Cisco Umbrella Rank: 198323
32 KB
4 bidswitch.net
aws-fr.bidswitch.net — Cisco Umbrella Rank: 11116
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 30609
x.bidswitch.net — Cisco Umbrella Rank: 257
2 KB
4 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1565
e1.emxdgt.com — Cisco Umbrella Rank: 1076
imp.emxdgt.com — Cisco Umbrella Rank: 4679
8 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
328 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
51 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
90 KB
3 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2428
js.brealtime.com — Cisco Umbrella Rank: 4469
9 KB
2 adskeeper.co.uk
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27896
3 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
803 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 713
id.rlcdn.com — Cisco Umbrella Rank: 565
323 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
13 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
102 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
704 B
1 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 816
194 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1648
332 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
527 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
704 B
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 51158
2 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 46354
459 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 48610
288 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6433
501 B
1 cdn-adtrue.com
cdn-adtrue.com — Cisco Umbrella Rank: 52405
909 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 419
hbopenbid.pubmatic.com Failed
79 KB
1 com.
imp-euro.emxdgt.com.
192 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1169
165 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
9 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1147
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 21599
2 KB
1 itineraryupper.com
itineraryupper.com — Cisco Umbrella Rank: 288573
1 your-notice.com
video.your-notice.com — Cisco Umbrella Rank: 69862
525 B
1 phallicuncut.com
phallicuncut.com — Cisco Umbrella Rank: 322160
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
918 B
1 ouo.io
ouo.io — Cisco Umbrella Rank: 125604
1 KB
135 46
Domain Requested by
6 assets.ad4m.at as.ad4m.at
6 gum.criteo.com 3 redirects static.criteo.net
6 ib.adnxs.com 1 redirects ecdn.firstimpression.io
cdn.adtrue.com
acdn.adnxs.com
5 px.moatads.com
5 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
5 ouo.press ouo.press
4 c.adskeeper.com jsc.adskeeper.com
4 ad4m.at s1.adform.net
ad4m.at
4 mug.criteo.com
4 track.adform.net ouo.press
s1.adform.net
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
4 www.google.com ouo.press
www.gstatic.com
www.google.com
3 s.amazon-adsystem.com 2 redirects
3 cm.g.doubleclick.net 2 redirects
3 token.rubiconproject.com 3 redirects
3 pixel.rubiconproject.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 static.criteo.net cdn.adtrue.com
static.criteo.net
ecdn.firstimpression.io
3 cdn.firstimpression.io ecdn.firstimpression.io
3 www.gstatic.com www.google.com
3 cdn.adtrue.com ouo.press
exchange.adtrue.com
2 eus.rubiconproject.com ecdn.firstimpression.io
eus.rubiconproject.com
2 acdn.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
2 cm.adskeeper.com jsc.adskeeper.com
2 cdn.adskeeper.co.uk jsc.adskeeper.com
2 api.webgains.io analytics.webgains.io
2 match.adsrvr.org ads.pubmatic.com
2 jsc.adskeeper.com exchange.adtrue.com
jsc.adskeeper.com
2 track.webgains.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com cdn-adtrue.com
www.googletagmanager.com
2 s1.adform.net aws-fr.bidswitch.net
s1.adform.net
2 biddr.brealtime.com ouo.press
ecdn.firstimpression.io
2 e1.emxdgt.com ouo.press
imp-euro.emxdgt.com.
2 c1.adform.net 2 redirects
2 aws-fr-sync.bidswitch.net 2 redirects
2 bidder.criteo.com ecdn.firstimpression.io
cdn.adtrue.com
2 exchange.adtrue.com ouo.press
cdn.adtrue.com
1 id.rlcdn.com
1 px.ads.linkedin.com
1 ads.yahoo.com
1 s-img.adskeeper.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 imp.emxdgt.com
1 analytics.webgains.io track.webgains.com
1 www.awin1.com as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 cdn-adtrue.com exchange.adtrue.com
1 ads.pubmatic.com ouo.press
cdn.adtrue.com
1 js.brealtime.com ecdn.firstimpression.io
1 z.moatads.com ecdn.firstimpression.io
1 imp-euro.emxdgt.com. 1 redirects
1 x.bidswitch.net 1 redirects
1 aws-fr.bidswitch.net 1 redirects
1 hb.emxdgt.com ecdn.firstimpression.io
1 tag.1rx.io ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 itineraryupper.com ouo.press
1 video.your-notice.com ouo.press
1 phallicuncut.com ouo.press
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
0 hbopenbid.pubmatic.com Failed cdn.adtrue.com
135 77

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
phallicuncut.com
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
your-notice.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
itineraryupper.com
R3		 2022-03-18 -
2022-06-16		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh

This page contains 16 frames:

Primary Page: https://ouo.press/1NWAMz
Frame ID: F5C29864C01447CF68DA6DAB4D092A69
Requests: 27 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 0972EFB86C9BFF450412833FA4E11D7C
Requests: 15 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cb=1042201521&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/1NWAMz
Frame ID: EFFFDACA594B1C58086ACFFD66CEB4AD
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Frame ID: 261D1C757745AAA716544C89D68BFB88
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 2984627B852B45A840F00AE08BE23862
Requests: 14 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EB9502A65F0BD562C37DEA0AD8817161
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: 8EA6A67C29B253198FA0500B93549654
Requests: 14 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 9470E60A688E9FEC038AD1831F37C50D
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: E51F00281EB74CE577ADF408B14FBDDB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 9E5552E29AF038A88ED35C0F5B3A9B09
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1648122316606796961774
Frame ID: C4669E73CF3E2AF1BFCB29C8DE520525
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E7D87CE90723296372626D994D8BAE29
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 83F90132E68EE8005D98BC45FAA1327A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5E4F7BFD20717CC3751D422C01ABECA2
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ABB09835A28D985EFEE72FE9FBF9C483
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36EF8EF54331946B543B50F5607899FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://ouo.io/1NWAMz HTTP 302
    https://ouo.press/1NWAMz Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

135
Requests

87 %
HTTPS

31 %
IPv6

46
Domains

77
Subdomains

58
IPs

9
Countries

2173 kB
Transfer

5059 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/1NWAMz HTTP 302
    https://ouo.press/1NWAMz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://aws-fr.bidswitch.net/imp/0.05180/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-TKHz0-7hZBf-dVQMk3__g90hvvM0lGhIu0_Qrtbdata_RfGK6JC8ipFVNNoU__S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss__d1vZf7nDnMR1KCg46obM3L6yfY7__Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/JIBHZ-4zJH3AntTTAGgvoIs3e1-GRjS8pwwckiH8XOUkQjYSSnWRC-0Nf8glB1WcVis3qXROdOhOw8cJtfjIb4IphsI_Yhg2zmYBokO0lfdBIAaT2j1y5eDaI1cpjup1QWEKIb6y1lz74LCdwUKKIPZ2aW2NidMvALw292y9AUNiLVtqHjyXr08Sy3cb5zxWchlN6t8S4oie1Nsnbi_G7Vo3lE0ThCWAFn4tD_jTqjmU98UMEksyWx4C0qIDYl_lgZVyyxBL-AZCGTsgk7sVBXXVgPD6Mqx9cluDFPKmAsh1NuU9EJtO0xG3D7156C1oG8-B64cQPikH512sH-ZsYDYRubzQMi0LW_rFDv9oPuS-xZty2mM8Vfc9HOfa98BiBAKRePBVyN3c_pwFt4xDJg_9m-Q_a9JxITYEgm3m_2FMvqS5lMc2EKLNSLwbZA1-5wTr9kCzIMTZBD6Jog_Bp7m12b6SGWkYMZfYtf-CiiZEF49t_KF2zIpHi1sno88JfW0qQ97dleScEX_dHVXE75EODMqWdrls1AdPwEk-s4iQhq3TJ1WT69Sc0Ze-o-iQNKEBWrGomKsUtTeMYPaJyxwJpAO_awvBYn6D4e59lO3e2pu8Ukwg8hVkWaz3TVHt73clJOP3mtfZMLz9QoofJdgkp4KKsidbXpYrHk1MSm0FuPTvAFurRNuvjL9U6pbZB4JtdBQRsuj7tZWjPlskdChoglZIShxG-jVWdF8BSYA4zJUV_aSvf6V-TxCzwfFJRx1-j_bhXvMIppL96epaf4PFut5YPBxXKsZg5Nxc/$%7BCLICK_URL_ENC%7D HTTP 302
  • https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Request Chain 42
  • https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1925522695292248615&ssp=emxdigital HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=7cc0ef50-2625-4a07-a37c-4204481bb9aa&gdpr=&gdpr_consent=
Request Chain 43
  • https://imp-euro.emxdgt.com./imp/?cp=0.05180&ts=1648122314&adom=ad4m.at&seat=70&w=728&h=90&pb=0.04144&sid=9316&tid=122081&pid=1312&uid=13121648122313796363f1&wid=21&dom=ouo.press&tp=0.05180&mt=1&dt=2&st=1&os=&ip=217.64.151.9&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=3&crid=70_37104562&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=JIBHZ-4zJH3AntTTAGgvoIs3e1-GRjS8pwwckiH8XOUkQjYSSnWRC-0Nf8glB1WcVis3qXROdOhOw8cJtfjIb4IphsI_Yhg2zmYBokO0lfdBIAaT2j1y5eDaI1cpjup1QWEKIb6y1lz74LCdwUKKIPZ2aW2NidMvALw292y9AUNiLVtqHjyXr08Sy3cb5zxWchlN6t8S4oie1Nsnbi_G7Vo3lE0ThCWAFn4tD_jTqjmU98UMEksyWx4C0qIDYl_lgZVyyxBL-AZCGTsgk7sVBXXVgPD6Mqx9cluDFPKmAsh1NuU9EJtO0xG3D7156C1oG8-B64cQPikH512sH-ZsYDYRubzQMi0LW_rFDv9oPuS-xZty2mM8Vfc9HOfa98BiBAKRePBVyN3c_pwFt4xDJg_9m-Q_a9JxITYEgm3m_2FMvqS5lMc2EKLNSLwbZA1-5wTr9kCzIMTZBD6Jog_Bp7m12b6SGWkYMZfYtf-CiiZEF49t_KF2zIpHi1sno88JfW0qQ97dleScEX_dHVXE75EODMqWdrls1AdPwEk-s4iQhq3TJ1WT69Sc0Ze-o-iQNKEBWrGomKsUtTeMYPaJyxwJpAO_awvBYn6D4e59lO3e2pu8Ukwg8hVkWaz3TVHt73clJOP3mtfZMLz9QoofJdgkp4KKsidbXpYrHk1MSm0FuPTvAFurRNuvjL9U6pbZB4JtdBQRsuj7tZWjPlskdChoglZIShxG-jVWdF8BSYA4zJUV_aSvf6V-TxCzwfFJRx1-j_bhXvMIppL96epaf4PFut5YPBxXKsZg5Nxc&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzREpJQkhaLTR6SkgzQW50VFRBR2d2b0lzM2UxLUdSalM4cHd3Y2tpSDhYT1VrUWpZU1NuV1JDLTBOZjhnbEIxV2NWaXMzcVhST2RPaE93OGNKdGZqSWI0SXBoc0lfWWhnMnptWUJva08wbGZkQklBYVQyajF5NWVEYUkxY3BqdXAxUVdFS0liNnkxbHo3NExDZHdVS0tJUFoyYVcyTmlkTXZBTHcyOTJ5OUFVTmlMVnRxSGp5WHIwOFN5M2NiNXp4V2NobE42dDhTNG9pZTFOc25iaV9HN1ZvM2xFMFRoQ1dBRm40dERfalRxam1VOThVTUVrc3lXeDRDMHFJRFlsX2xnWlZ5eXhCTC1BWkNHVHNnazdzVkJYWFZnUEQ2TXF4OWNsdURGUEttQXNoMU51VTlFSnRPMHhHM0Q3MTU2QzFvRzgtQjY0Y1FQaWtINTEyc0gtWnNZRFlSdWJ6UU1pMExXX3JGRHY5b1B1Uy14WnR5Mm1NOFZmYzlIT2ZhOThCaUJBS1JlUEJWeU4zY19wd0Z0NHhESmdfOW0tUV9hOUp4SVRZRWdtM21fMkZNdnFTNWxNYzJFS0xOU0x3YlpBMS01d1RyOWtDeklNVFpCRDZKb2dfQnA3bTEyYjZTR1drWU1aZll0Zi1DaWlaRUY0OXRfS0YyeklwSGkxc25vODhKZlcwcVE5N2RsZVNjRVhfZEhWWEU3NUVPRE1xV2RybHMxQWRQd0VrLXM0aVFocTNUSjFXVDY5U2MwWmUtby1pUU5LRUJXckdvbUtzVXRUZU1ZUGFKeXh3SnBBT19hd3ZCWW42RDRlNTlsTzNlMnB1OFVrd2c4aFZrV2F6M1RWSHQ3M2NsSk9QM210ZlpNTHo5UW9vZkpkZ2twNEtLc2lkYlhwWXJIazFNU20wRnVQVHZBRnVyUk51dmpMOVU2cGJaQjRKdGRCUVJzdWo3dFpXalBsc2tkQ2hvZ2xaSVNoeEctalZXZEY4QlNZQTR6SlVWX2FTdmY2Vi1UeEN6d2ZGSlJ4MS1qX2JoWHZNSXBwTDk2ZXBhZjRQRnV0NVlQQnhYS3NaZzVOeGMlMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q= HTTP 302
  • https://biddr.brealtime.com/check_gdpr.js
Request Chain 52
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pBdFh3xENVlaU3ByUDVSa1pJTXpYTjA3TWtCbmVLT0Zxa1BNOURqRVYwNTdUeWRHT3FJc0FoVzN6cTRUNjBROHpRaGJSemRKQ3JMMUVxOXc4bnM1RHJiVFlQZ2RWZ0cweEpkUzR6RHFNUkJlWFNhY3EyS0ZJRmNYK1ZCL0g1MnU1MlJqeS9KVU5SWjdxb0VSdHgrSytwVUFyRS80dEk5elFZcDhETVRjbFpEeXFmVEJMMk5nZTh6Tkd3bThxeW5MMkhZMTl4czdTOEQ3ZHB1QmNiTVhQOG9LaGtDVzMrTFFVUGZBNE0vci9kdzFweTVnPXw&cppv=2
Request Chain 76
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&spid=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&wfid=117679
Request Chain 89
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=lB5efl9iT2RiNXRKN1RuZkg3Q0VWZktoZmJOWnRvY0locXBkNWpCNzEzekxCSkpvWkh3VEJVSjlBMXdpbXNtNk11NkJDTjN0a3F6dSUyQnJTWTJFN1dzJTJGYjBZc1I3TDZrajlFaVVnaDhJcXIzcGdXNXVMZ0UlMkZnVUFvYnozNHVsTjBMc0FVSw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RU8r5XwyS1lEN2RuYUZ3Q2F2Mjcvd1hLMFBLZjVYQlRBczYrOE9SOElFN3RqOTgwTnFVRHpsTW44S25Hbll6eUpKZG94OWxVcE92VXN0QzQ0ZzJrOUpXSk1iR1BuZVB4RityKzFNUjhyMjE1aHRPZlhLMTFZNlUyMXRDT3dZcWI3RmF0L0RSb2lCdXhISGtoY3ZIcTJ6OUpzSER5eUZoTU5CbjBqMDluWWp4dFlRQUlvSmRrUjhpNmZMTldhdEttRlRqWTFtdEpQVG53aEtzeUwvUzZOL0pESDl4Q1NUbXlhdkFScWVRSm05TkdlQkNVUlRIY2xTZ29uQ0V5WlBaV3dtTE9vMGpiUFgwOEdVaTl6U2M4ZzlIVloyM1pySWJvUFhRNjR2MWRlNWFURDZMZz18&cppv=2
Request Chain 96
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=lB5efl9iT2RiNXRKN1RuZkg3Q0VWZktoZmJOWnRvY0locXBkNWpCNzEzekxCSkpvWkh3VEJVSjlBMXdpbXNtNk11NkJDTjN0a3F6dSUyQnJTWTJFN1dzJTJGYjBZc1I3TDZrajlFaVVnaDhJcXIzcGdXNXVMZ0UlMkZnVUFvYnozNHVsTjBMc0FVSw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=iZJmcXxxaE9qSnZaaGl2SS9yL1dZeGY3c2p4NDQ4NmlsNXdteGRUYkY0a3AvTWZlSnI5bGZRV1RJSyt3NkdkeHNLN2gwZE5vTU9pUkNyNzhKbzNKbEk0Zmp1R2lsTjZHNlVxR1RrNEM5QVpzY3dlNm9MNjZwdFhXbVdJWGVFYWQrMHhnK0JaOW5PL2pJVTlRaFhPTHZLQSszZ1doOUpQT3h1VXRHOTlRNGt2MHRocXZRa1g4NlpyNVJrUXdTenVQOW80RjZRSDFjQk81YXg5MDNFZTY1K0M2VHFFRWhORWJGdVpIdnpkNnlsaUpPRzN1bDQrSWdwSjJ3cFJJWk0yREJlaVRmOGtoL2todGFDOWp6QU02NlU1RGg5TjZLemRQMlBwNFlvRVB5enVHWkRmND18&cppv=2
Request Chain 121
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 122
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J03lNPryTAaJLeC4whga5A&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J03lNPryTAaJLeC4whga5A
Request Chain 123
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L14XH08H-1H-F5N7&sigv=1&esig=2~c458bda0cd5602e2a01d4326ea39f87bc9b18a26
Request Chain 124
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L14XH08H-1H-F5N7
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGzCtFetrxElCApJwQ5RXCU&google_cver=1
Request Chain 128
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QQDb9CJAR4i2jzvlqAS0dQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QQDb9CJAR4i2jzvlqAS0dQ
Request Chain 129
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcxN2Q4Mjg3MDM5OWVmZGRhMWU5MGQ2YTEwZTkwOWZiOWQzZDNkZQ

135 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1NWAMz
ouo.press/
Redirect Chain
  • https://ouo.io/1NWAMz
  • https://ouo.press/1NWAMz
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cd4e3da54e23bee70cc7a743ac4391111b921bc53bc26a63fe4776561f0bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6f0f28c90d900200-ZRH
content-encoding
br

Redirect headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-type
text/html; charset=UTF-8
location
https://ouo.press/1NWAMz
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6f0f28c75adccc4e-ZRH
css
fonts.googleapis.com/ 		1020 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 10:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 24 Mar 2022 11:45:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Mar 2022 11:45:13 GMT
bootstrap.css
ouo.press/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/1NWAMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
14933
cf-polished
origSize=109522
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"54def1fc-1abd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6f0f28ca6f8e0200-ZRH
expires
Thu, 24 Mar 2022 19:36:20 GMT
link-safe.css
ouo.press/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/1NWAMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
40919
cf-polished
status=cannot_optimize
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5d951ace-1830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6f0f28ca6f920200-ZRH
expires
Thu, 24 Mar 2022 12:23:14 GMT
16562
phallicuncut.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://phallicuncut.com/1clkn/16562
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.241 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e816624d5e7301ffcbd4f64b8926054fe83ec27c68148e496cf8f492b4d26da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Thu, 24 Mar 2022 11:45:13 GMT
html_102001.js
video.your-notice.com/ 		775 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.your-notice.com/html_102001.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:05 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 24 Mar 2022 11:45:13 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18810282
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyGPliPYrROGQmunZtv%2BA3gb6w5T%2B7BiFsdC3Cc2PwKMrN%2FZR8LnlJYYxsu4aw9Pa03wLVlzkmOqNpzJy48cK256YPuUPF%2BMgMD6gldw%2FfZ6ibB1rRKheKAOWr97wKu8WBXKkXmN8F1ahqp0Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f0f28cb1c7c5a0d-MXP
expires
Sat, 13 Aug 2022 18:40:31 GMT
world.png
ouo.press/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/1NWAMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
113777
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5549a07c-163c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Fri, 22 Apr 2022 04:08:56 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6f0f28cac80c0200-ZRH
cf-bgj
imgq:85,h2pri
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:160f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/1NWAMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 14:13:59 GMT
server
cloudflare
etag
W/"62388827-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6f0f28cabff60200-ZRH
vary
Accept-Encoding
expires
Sat, 26 Mar 2022 11:45:13 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-126.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:31:14 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 20:54:43 GMT
server
nginx/1.18.0
age
839
etag
W/"623b8913-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
AJsrICTbkhhz_jzG7mC_eKWqc1dtmXSc-Z53jisEdeYr0S1npWwOaA==
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
expires
Thu, 24 Mar 2022 12:31:14 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
493b9538f939989d85eb2ccfa1a469c85e42e82dd5666b8ad819d24175df1eef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 10:51:40 GMT
content-encoding
br
age
3213
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 10:51:40 UTC
server
nginx/1.18.0
etag
W/"ac6f7a0be543945a0d87219785e24cf1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
6kdY6r6X9h50L8VwYmuAwpovtYCt9DgVvJ9GyrNidC4TgE_NeaIlug==
expires
Thu, 24 Mar 2022 11:51:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 11:39:54 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 16:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Mar 2022 16:08:28 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 23 Apr 2022 11:45:13 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2F1NWAMz&charset=UTF-8&ch=11&ref=ouo.press&viewerId=null&referer=&_firid=94664012
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
31e216171adb2f5bb3c4b0823f85ce065cd286889dcfd9afcf5f578f53ba0dda

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
x-powered-by
PHP/7.3.23
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://ouo.press
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
SF_ZAQ02DcQAUOfYix_WVQHhHkBeb42z9G2sAJShRSNKVPjbX9AqAg==
expires
0
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:38:29 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:14:47 GMT
server
nginx/1.18.0
age
404
etag
W/"623b0f37-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
gig_XoRoIXUWVdAMdRNrPcZSyedVrxgJhN7Jr1O4p0mwSc0vOpeGVg==
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
expires
Thu, 24 Mar 2022 12:38:29 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8609
x-jsd-version
1.13.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f0f28cbfe310225-ZRH
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
351
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0H2TFSVFM0NJ9QKHA5XG
date
Thu, 24 Mar 2022 11:39:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gxBbEHI1R55Pxg7czCLgLWrs8mEK_yonZUjWtrWIZmetiqD6oEh-gg==
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v17/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:05:17 GMT
x-content-type-options
nosniff
age
56396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 20:05:17 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 0972 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:38:30 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:14:47 GMT
server
nginx/1.18.0
age
403
etag
W/"623b0f37-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ntWHUFudMB4u-ygGKfwJogeavTM3DvlUYVp_33oATfIxQxLsN-BgHA==
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
expires
Thu, 24 Mar 2022 12:38:30 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
impress
exchange.adtrue.com/delivery/ Frame EFFF 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cb=1042201521&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/1NWAMz
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
server
nginx
x-adtrue-instance
java2
content-length
4626
content-type
application/javascript
anchor
www.google.com/recaptcha/api2/ Frame 261D 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9fa2e0f156d0224d3259d8bf649a49e31f944d48df0eb36aae5cebb063716e44
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RO8rCljg7/e0ZKSaBXfTxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 24 Mar 2022 11:45:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-RO8rCljg7/e0ZKSaBXfTxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21977
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 0972 		312 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:38:29 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:14:47 GMT
server
nginx/1.18.0
age
404
etag
W/"623b0f37-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
blVMzVxr4HnLt8DnvzFIEvdnG3SgP0d-1iIFCZ0_PHaHEVtTISDb1A==
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
expires
Thu, 24 Mar 2022 12:38:29 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 261D 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 11:39:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 261D 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Mar 2023 11:39:54 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 0972 		1 B
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C6%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P5
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
Np74RiD0h0yE0-qc0NiuBl1fcOcA1pkJv3Egckc0nBhU-4_Rspcm3A==
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 0972 		138 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b6001d57e0dd994bdfad3cc9380062f3f7dbd6755978695e6ec8cd25505b8b2f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:13 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
311642e1-4df6-4bff-90ec-61d01a4c1299
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0972 		348 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F1NWAMz&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F1NWAMz&tg_i.page=https%3A%2F%2Fouo.press%2F1NWAMz&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=425011a3-294f-425c-a04b-b01d17bb7e8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04880645854688548
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
49bbf59f8f184c1a47b1868c0af75528448fe3190b266f8537b519a472423c08

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:14 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
348
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/212927/0/ Frame 0972 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Thu, 24 Mar 2022 11:45:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/ Frame 0972 		138 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7d01236c8696faa4aaf59f794981c1c25bdf89163ca688cf52c183c500d32c1a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:13 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63293537-8708-40cc-844e-e83af035ce73
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 0972 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=40046118087
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
hb.emxdgt.com/ Frame 0972 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=2000&ts=1648122313760&src=pbjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.98.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-98-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a9a7a8db72cfcbca4bcbaf5e23e5a4b3f96e5ea9153cd4e445058ab4c433d637

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Thu, 24 Mar 2022 11:45:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
7913
content-type
application/json
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0972 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
.7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
351
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0H2TFSVFM0NJ9QKHA5XG
date
Thu, 24 Mar 2022 11:39:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zbXt4ehD3xTynGXNXw-D30drqYxRpbuqs3wNEcbb_cdn62HisuMztA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 0972 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 08:58:12 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server
Server
age
10020
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
FStlZ6JrW2lYPvmCBVW2BK-TJ8AZ99QCyQodz_HjF0XFTCW5zi0N4Q==
bid
c.amazon-adsystem.com/e/dtb/ Frame 0972 		23 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F1NWAMz&pid=bNqIRve7kFQU2&cb=0&ws=728x90&v=7.74.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
Q28X9QE6N25H2ET1RY5C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
YXrGjYwJgDxTHgLTbOjf9Dia6QHTtGad-SwwIMScWcwErPpWfXqxJA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0972 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
33799
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Thu, 24 Mar 2022 07:04:16 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
86CpAIC0LBn3r5KxeUdCPXzXraXUioQsTqM7aPZERZkI4UBgNa9pjA==
webworker.js
www.google.com/recaptcha/api2/ Frame 261D 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 24 Mar 2022 11:45:13 GMT
reload
www.google.com/recaptcha/api2/ Frame 261D 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7c6dbd8dbb19515ea516f69bb157986f1c4dc7afe93b866b90494a7b9bb67dcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=t33sw3nspyj6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 24 Mar 2022 11:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18028
x-xss-protection
1; mode=block
expires
Thu, 24 Mar 2022 11:45:13 GMT
v1
cdn.firstimpression.io/tracking/habit/ Frame 0972 		2 B
405 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-104.fra56.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
access-control-request-method
*
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-id
kNnXdFX8fAgpkbvOaxqIkmm_PY7YhQVIA0VpSEs0yuJAe1-5MLqlqw==
/
track.adform.net/adfscript/ Frame 2984
Redirect Chain
  • https://aws-fr.bidswitch.net/imp/0.05180/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-TKHz0-7hZBf-dVQMk3__g90hvvM0lGhIu0_Qrtbdata_RfGK6JC8ipFVNNoU__S6LdyLH...
  • https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1...
948 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4f8fb8fd5dfbe5672ed5a3cfd35c274187af31a2e099a5a3cdd2f3e4f414a5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
808
expires
-1

Redirect headers

location
https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1;OOBClickTrack=$%7BCLICK_URL_ENC%7D
date
Thu, 24 Mar 2022 11:45:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
put
e1.emxdgt.com/ Frame 2984
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1925522695292248615&ssp=emxdigital
  • https://e1.emxdgt.com/put?d=d21&uid=7cc0ef50-2625-4a07-a37c-4204481bb9aa&gdpr=&gdpr_consent=
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=7cc0ef50-2625-4a07-a37c-4204481bb9aa&gdpr=&gdpr_consent=
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-length
0
content-type
text/html

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=7cc0ef50-2625-4a07-a37c-4204481bb9aa&gdpr=&gdpr_consent=
Date
Thu, 24 Mar 2022 11:45:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
check_gdpr.js
biddr.brealtime.com/ Frame 2984
Redirect Chain
  • https://imp-euro.emxdgt.com./imp/?cp=0.05180&ts=1648122314&adom=ad4m.at&seat=70&w=728&h=90&pb=0.04144&sid=9316&tid=122081&pid=1312&uid=13121648122313796363f1&wid=21&dom=ouo.press&tp=0.05180&mt=1&dt...
  • https://biddr.brealtime.com/check_gdpr.js
704 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check_gdpr.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
HTTP/1.1
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:14 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
3220
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-request-id
XJ7YKAGBBCJYHMVC
x-amz-id-2
ezJTylm0W7bvu1hWle24rXbVT9ndllxEvy8MXp2KvYQfQg03k4w8rCfI4aHqyEUjclnGdXimm0I=
Last-Modified
Wed, 19 Aug 2020 01:11:27 GMT
Server
cloudflare
ETag
W/"45fc2df97a85ec1dbd37c6e43e5da119"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
CF-RAY
6f0f28d02fb29124-FRA
Expires
Thu, 24 Mar 2022 12:45:14 GMT

Redirect headers

Location
https://biddr.brealtime.com/check_gdpr.js
Date
Thu, 24 Mar 2022 11:45:13 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html
moatad.js
z.moatads.com/emxsspdisplay905071498485/ Frame 2984 		297 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=1312&moatClientLevel2=9316&moatClientLevel3=122081&moatClientSlicer1=ouo.press&moatClientSlicer2=&moatClientSlicer3=
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3ddab5e9b793d8ea924db245405898c13465522468cc0d867297f31079009db3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:17:06 GMT
server
AmazonS3
x-amz-request-id
AZVJ3MWHG7BEQ7P2
etag
"7cbea6a6b64a76836a9403fcae92ad9e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8684
accept-ranges
bytes
content-length
102994
x-amz-id-2
JBow8/PFMd8r0Eb118EyinRtYaP2CGSIkF1KEaivj4PqI4/iNl4WQryjq8aetPwhwB3WGrJ8IWk=
openvv.js
js.brealtime.com/ Frame 2984 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.brealtime.com/openvv.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:14 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1668
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-request-id
ERCBPK6FYYZ085N7
x-amz-id-2
LfvK16OMLhxMNpYFuEXMONEqQTcjyGyapkISVW1sG4TTe0xlfpZaY4bOORGAPfZ6eAc9pz/D3Ps=
Last-Modified
Mon, 28 Jan 2019 20:39:00 GMT
Server
cloudflare
ETag
W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
CF-RAY
6f0f28cf49349b25-FRA
Expires
Thu, 24 Mar 2022 12:45:14 GMT
prebid.js
cdn.adtrue.com/pb/ Frame EFFF 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cb=1042201521&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/1NWAMz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9622046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2giytPjEcTb299hQ3gqDykmJcXLX7PGmuF2EGb6b1Jv84p7JdXNczCVf%2BAxZ%2FFBgdIMBWf0dUHjojQdGPeZnBQDHiHME07g4kv100Qd%2By2%2BEvdi%2BETsIR9PZ%2Fxj8PSl02hl%2BcS5e6QWv%2FeW9Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f0f28cfdf26375d-MXP
expires
Mon, 28 Nov 2022 02:57:47 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame EFFF 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=122068
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Fri, 25 Mar 2022 21:39:42 GMT
ga.js
cdn-adtrue.com/track/ Frame EFFF 		502 B
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cb=1042201521&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/1NWAMz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12939698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtVZWjtLS7GYNrQj9NFlcqoqSKRbSjOYjuYRJStmcdebH9B0rtzSUSHuN5%2BI1MXr6nPOeS04SxUQ%2Fdz9bu6LVawAYUO4%2BAgEN%2Bq%2BpC7rJDXkbMr6EVakfITQEus2dRL8YseN4l79%2BWZ8KG7AWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f0f28d00ece5fe3-MRS
expires
Thu, 20 Oct 2022 17:23:36 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 2984 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.05180/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-TKHz0-7hZBf-dVQMk3__g90hvvM0lGhIu0_Qrtbdata_RfGK6JC8ipFVNNoU__S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss__d1vZf7nDnMR1KCg46obM3L6yfY7__Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/JIBHZ-4zJH3AntTTAGgvoIs3e1-GRjS8pwwckiH8XOUkQjYSSnWRC-0Nf8glB1WcVis3qXROdOhOw8cJtfjIb4IphsI_Yhg2zmYBokO0lfdBIAaT2j1y5eDaI1cpjup1QWEKIb6y1lz74LCdwUKKIPZ2aW2NidMvALw292y9AUNiLVtqHjyXr08Sy3cb5zxWchlN6t8S4oie1Nsnbi_G7Vo3lE0ThCWAFn4tD_jTqjmU98UMEksyWx4C0qIDYl_lgZVyyxBL-AZCGTsgk7sVBXXVgPD6Mqx9cluDFPKmAsh1NuU9EJtO0xG3D7156C1oG8-B64cQPikH512sH-ZsYDYRubzQMi0LW_rFDv9oPuS-xZty2mM8Vfc9HOfa98BiBAKRePBVyN3c_pwFt4xDJg_9m-Q_a9JxITYEgm3m_2FMvqS5lMc2EKLNSLwbZA1-5wTr9kCzIMTZBD6Jog_Bp7m12b6SGWkYMZfYtf-CiiZEF49t_KF2zIpHi1sno88JfW0qQ97dleScEX_dHVXE75EODMqWdrls1AdPwEk-s4iQhq3TJ1WT69Sc0Ze-o-iQNKEBWrGomKsUtTeMYPaJyxwJpAO_awvBYn6D4e59lO3e2pu8Ukwg8hVkWaz3TVHt73clJOP3mtfZMLz9QoofJdgkp4KKsidbXpYrHk1MSm0FuPTvAFurRNuvjL9U6pbZB4JtdBQRsuj7tZWjPlskdChoglZIShxG-jVWdF8BSYA4zJUV_aSvf6V-TxCzwfFJRx1-j_bhXvMIppL96epaf4PFut5YPBxXKsZg5Nxc/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 25 Mar 2022 14:59:17 GMT
gtm.js
www.googletagmanager.com/ Frame EFFF 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ea6063470d4096a263c077609678ba7ab6ca696d19ba11af6bb601ed06eaa2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38869
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Mar 2022 11:45:14 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ouo.press
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://ouo.press
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1454
date
Thu, 24 Mar 2022 11:45:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame EFFF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pBdFh3xENVlaU3ByUDVSa1pJTXpYTjA3TWtCbmVLT0Zxa1BNOURqRVYwNTdUeWRHT3FJc0FoVzN6cTRUNjBROHpRaGJSemRKQ3JMMUVxOXc4bnM1RHJiVFlQZ2RWZ0cweEpkUzR6RHFNUkJlWFNhY3EyS0ZJRmNYK1ZCL0...
345 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pBdFh3xENVlaU3ByUDVSa1pJTXpYTjA3TWtCbmVLT0Zxa1BNOURqRVYwNTdUeWRHT3FJc0FoVzN6cTRUNjBROHpRaGJSemRKQ3JMMUVxOXc4bnM1RHJiVFlQZ2RWZ0cweEpkUzR6RHFNUkJlWFNhY3EyS0ZJRmNYK1ZCL0g1MnU1MlJqeS9KVU5SWjdxb0VSdHgrSytwVUFyRS80dEk5elFZcDhETVRjbFpEeXFmVEJMMk5nZTh6Tkd3bThxeW5MMkhZMTl4czdTOEQ3ZHB1QmNiTVhQOG9LaGtDVzMrTFFVUGZBNE0vci9kdzFweTVnPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ab33563b91fda42bce39480d64f0b71fa546878cd2dd6a64ec154ff4ab780562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2674
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:13 GMT
location
https://mug.criteo.com/sid?cpp=pBdFh3xENVlaU3ByUDVSa1pJTXpYTjA3TWtCbmVLT0Zxa1BNOURqRVYwNTdUeWRHT3FJc0FoVzN6cTRUNjBROHpRaGJSemRKQ3JMMUVxOXc4bnM1RHJiVFlQZ2RWZ0cweEpkUzR6RHFNUkJlWFNhY3EyS0ZJRmNYK1ZCL0g1MnU1MlJqeS9KVU5SWjdxb0VSdHgrSytwVUFyRS80dEk5elFZcDhETVRjbFpEeXFmVEJMMk5nZTh6Tkd3bThxeW5MMkhZMTl4czdTOEQ3ZHB1QmNiTVhQOG9LaGtDVzMrTFFVUGZBNE0vci9kdzFweTVnPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2856
content-length
482
expires
0
cdb
bidder.criteo.com/ Frame EFFF 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=85834264917
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame EFFF 		138 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d626e15a713885008c3a94f619790fb5cc8b06a783282075734f7d7ff042bd14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:14 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cf7ed2f3-e92b-4976-99bd-6da7f8d688b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EFFF 		0
0
/
track.adform.net/adfserve/ Frame 2984 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=37104562;rtbwp=0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0;rtbdata=fGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;6241;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fouo.press%2F1NWAMz
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
848c6865ce57d1290c1d98687482afe0eacdd4d51004b8d69637801c5224df03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2508
expires
-1
js
www.googletagmanager.com/gtag/ Frame EFFF 		172 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fa949faa5d2b3b0af4ef67353aaf16387aa451dc13785b252a9dee521bd5d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64644
x-xss-protection
0
expires
Thu, 24 Mar 2022 11:45:14 GMT
analytics.js
www.google-analytics.com/ Frame EFFF 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6028
date
Thu, 24 Mar 2022 10:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 24 Mar 2022 12:04:46 GMT
r62eglto.js
ad4m.at/ Frame 2984 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=i40RNw==, md5=nlnmslSy2ZaL7/XdQ+Tixw==
date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72961
x-guploader-uploadid
ADPycduPpGbywM8crEVhV0S3UwNp88qS57Xy9B1TDxXsH0BxIJc7QH927tRc6_moDQdGoDOjSD7MAO4D1y1Ek7iWPIU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 15:28:50 GMT
server
cloudflare
etag
W/"9e59e6b254b2d9968beff5dd43e4e2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daBATGwhXJkb8dD5E9O%2FVUX3PcJ2b%2Fv4lJBPD78ApRmUTyTdNgNI5dhnm%2B6H2bEYll5FC0E33UMdoyw%2BLfw%2B1ePFb%2BXYx2dB%2Fh%2FRvgpitDR5wyZGfb6YHjbXyITJdW%2FbqKtaoKo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647358130172556
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11881
cf-ray
6f0f28d3582d83a9-MXP
expires
Wed, 23 Mar 2022 15:29:13 GMT
/
track.adform.net/csimpr/ Frame 2984 		35 B
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=37104562&csi=i5y4G7ymxc8pMJ-6m0bXTYybLBVVQqLBi3mLmmJrvwkJDwKV3Zer3D7X4Ov21FoFFvu1YOVeCjkwdd0rulUU32QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
collect
analytics.google.com/g/ Frame EFFF 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe3e0&_p=1659948825&sr=1600x1200&_gaz=1&ul=en-us&cid=1933543945.1648122314&_s=1&dl=https%3A%2F%2Fouo.press%2F1NWAMz&dt=&sid=1648122314&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame EFFF 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1933543945.1648122314&gtm=2oe3e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame EFFF 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1933543945.1648122314&gtm=2oe3e0&aip=1&z=847134791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 2984 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d80c5e589d01a4960b7737680fe9bd09293cab9db77fcfb7de2d64a1f0361037

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 25 Mar 2022 15:04:24 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pBdFh3xENVlaU3ByUDVSa1pJTXpYTjA3TWtCbmVLT0Zxa1BNOURqRVYwNTdUeWRHT3FJc0FoVzN6cTRUNjBROHpRaGJSemRKQ3JMMUVxOXc4bnM1RHJiVFlQZ2RWZ0cweEpkUzR6RHFNUkJlWFNhY3EyS0ZJRmNYK1ZCL0g1MnU1MlJqeS9KVU5SWjdxb0VSdHgrSytwVUFyRS80dEk5elFZcDhETVRjbFpEeXFmVEJMMk5nZTh6Tkd3bThxeW5MMkhZMTl4czdTOEQ3ZHB1QmNiTVhQOG9LaGtDVzMrTFFVUGZBNE0vci9kdzFweTVnPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1165
date
Thu, 24 Mar 2022 11:45:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
collect
www.google-analytics.com/j/ Frame EFFF 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1659948825&t=pageview&_s=1&dl=https%3A%2F%2Fouo.press%2F1NWAMz&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=YADAAEABAAAAAC~&jid=1551953430&gjid=705484072&cid=1933543945.1648122314&tid=UA-177299981-5&_gid=1764175044.1648122315&_r=1&gtm=2wg3e0NPLC9ST&z=1312373833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
e1.emxdgt.com/sync/ Frame 2984 		0
22 B 		Script
General
Check archive.org
Download Go to
Full URL
https://e1.emxdgt.com/sync/
Requested by
Host: imp-euro.emxdgt.com.
URL: https://imp-euro.emxdgt.com./imp/?cp=0.05180&ts=1648122314&adom=ad4m.at&seat=70&w=728&h=90&pb=0.04144&sid=9316&tid=122081&pid=1312&uid=13121648122313796363f1&wid=21&dom=ouo.press&tp=0.05180&mt=1&dt=2&st=1&os=&ip=217.64.151.9&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=3&crid=70_37104562&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=JIBHZ-4zJH3AntTTAGgvoIs3e1-GRjS8pwwckiH8XOUkQjYSSnWRC-0Nf8glB1WcVis3qXROdOhOw8cJtfjIb4IphsI_Yhg2zmYBokO0lfdBIAaT2j1y5eDaI1cpjup1QWEKIb6y1lz74LCdwUKKIPZ2aW2NidMvALw292y9AUNiLVtqHjyXr08Sy3cb5zxWchlN6t8S4oie1Nsnbi_G7Vo3lE0ThCWAFn4tD_jTqjmU98UMEksyWx4C0qIDYl_lgZVyyxBL-AZCGTsgk7sVBXXVgPD6Mqx9cluDFPKmAsh1NuU9EJtO0xG3D7156C1oG8-B64cQPikH512sH-ZsYDYRubzQMi0LW_rFDv9oPuS-xZty2mM8Vfc9HOfa98BiBAKRePBVyN3c_pwFt4xDJg_9m-Q_a9JxITYEgm3m_2FMvqS5lMc2EKLNSLwbZA1-5wTr9kCzIMTZBD6Jog_Bp7m12b6SGWkYMZfYtf-CiiZEF49t_KF2zIpHi1sno88JfW0qQ97dleScEX_dHVXE75EODMqWdrls1AdPwEk-s4iQhq3TJ1WT69Sc0Ze-o-iQNKEBWrGomKsUtTeMYPaJyxwJpAO_awvBYn6D4e59lO3e2pu8Ukwg8hVkWaz3TVHt73clJOP3mtfZMLz9QoofJdgkp4KKsidbXpYrHk1MSm0FuPTvAFurRNuvjL9U6pbZB4JtdBQRsuj7tZWjPlskdChoglZIShxG-jVWdF8BSYA4zJUV_aSvf6V-TxCzwfFJRx1-j_bhXvMIppL96epaf4PFut5YPBxXKsZg5Nxc&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzREpJQkhaLTR6SkgzQW50VFRBR2d2b0lzM2UxLUdSalM4cHd3Y2tpSDhYT1VrUWpZU1NuV1JDLTBOZjhnbEIxV2NWaXMzcVhST2RPaE93OGNKdGZqSWI0SXBoc0lfWWhnMnptWUJva08wbGZkQklBYVQyajF5NWVEYUkxY3BqdXAxUVdFS0liNnkxbHo3NExDZHdVS0tJUFoyYVcyTmlkTXZBTHcyOTJ5OUFVTmlMVnRxSGp5WHIwOFN5M2NiNXp4V2NobE42dDhTNG9pZTFOc25iaV9HN1ZvM2xFMFRoQ1dBRm40dERfalRxam1VOThVTUVrc3lXeDRDMHFJRFlsX2xnWlZ5eXhCTC1BWkNHVHNnazdzVkJYWFZnUEQ2TXF4OWNsdURGUEttQXNoMU51VTlFSnRPMHhHM0Q3MTU2QzFvRzgtQjY0Y1FQaWtINTEyc0gtWnNZRFlSdWJ6UU1pMExXX3JGRHY5b1B1Uy14WnR5Mm1NOFZmYzlIT2ZhOThCaUJBS1JlUEJWeU4zY19wd0Z0NHhESmdfOW0tUV9hOUp4SVRZRWdtM21fMkZNdnFTNWxNYzJFS0xOU0x3YlpBMS01d1RyOWtDeklNVFpCRDZKb2dfQnA3bTEyYjZTR1drWU1aZll0Zi1DaWlaRUY0OXRfS0YyeklwSGkxc25vODhKZlcwcVE5N2RsZVNjRVhfZEhWWEU3NUVPRE1xV2RybHMxQWRQd0VrLXM0aVFocTNUSjFXVDY5U2MwWmUtby1pUU5LRUJXckdvbUtzVXRUZU1ZUGFKeXh3SnBBT19hd3ZCWW42RDRlNTlsTzNlMnB1OFVrd2c4aFZrV2F6M1RWSHQ3M2NsSk9QM210ZlpNTHo5UW9vZkpkZ2twNEtLc2lkYlhwWXJIazFNU20wRnVQVHZBRnVyUk51dmpMOVU2cGJaQjRKdGRCUVJzdWo3dFpXalBsc2tkQ2hvZ2xaSVNoeEctalZXZEY4QlNZQTR6SlVWX2FTdmY2Vi1UeEN6d2ZGSlJ4MS1qX2JoWHZNSXBwTDk2ZXBhZjRQRnV0NVlQQnhYS3NaZzVOeGMlMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:14 GMT
content-length
0
content-type
text/html
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1648122314873&de=343798015499&m=0&ar=359f21c1e97-clean&iw=33c6e96&q=2&cb=0&ym=0&cu=1648122314873&ll=2&lm=0&ln=1&em=0&en=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F1NWAMz&id=1&ii=4&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A600%3A903%3A1556%3A875&fs=197273&na=1956675831&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 24 Mar 2022 11:45:14 GMT
frame.html
ad4m.at/ Frame EB95 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires
Thu, 24 Mar 2022 12:45:15 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
1589927
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCcxf3q%2FuLqHgsBnvnJ71YTM%2BBL1KpPjeM8WPs3Y3OEmzm1dth2%2FOBB1rw%2B7K6%2FdIbClSJHxSUwAeiyIBqNjBd%2FASlM5EfzTuMqeSngt3P%2BGW6LcwFhry5iSlAwv3lROguvRMyQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6f0f28d4a9e05a43-MXP
content-encoding
br
rs
ad4m.at/ Frame 2984 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82769cac35a0d08631eb1b2d7ba2a8b98657f52dffd7b56a4f97cd099b45815b

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6f0f28d5c92e5a31-MXP
date
Thu, 24 Mar 2022 11:45:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9gThYibCOy23wuIMWu5HGl%2BFvS%2BQxO4plZedIsM3D%2BhXwa04xc3hEUDb5Q3UTw1nUbSejhfDWvrrCZ5zrWCgRZj6ddtUCR5nbe3Y958s0wqpkEHdm8IiQw%2FWPuQ%2B389wk4UpnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ouo.press
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-xx29
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ouo.press
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-xx29
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT8BReyOUKkqYUPLIHy60OR5lko0g5RjhAXEcJBK1DntPYbladdIPIKuFMq6%2Bw8ucpKu0KGLLVgPD8RGont3oB7yQ2UffEG32kOGmyNfrx%2FzwG5ntROELe4otls%2FdVsJUx84Qk0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f0f28d53f615a31-MXP
rar
as.ad4m.at/ad/ Frame 8EA6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcee9ee868f50e7cece5aaebce8a2c8c5397148ad82e68904c486a7b369558d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-type
text/html; charset=utf-8
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
x-download-options
noopen
strict-transport-security
max-age=86400; includeSubDomains; preload
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
cross-origin-embedder-policy
unsafe-none
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
cross-origin-opener-policy
unsafe-none
surrogate-control
no-store
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
accept-encoding
cross-origin-resource-policy
cross-origin
pragma
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6f0f28d6480083a9-MXP
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 8EA6 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
69605
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Wed, 23 Mar 2022 16:25:10 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6f0f28d6bfe05a43-MXP
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8EA6 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60015
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdvL7Hfa3W6ohI6HcCSz6g5ar-iOOKqYjfjU7WEX9AP8uiYy2Epsc2PbKdOaGotxRywW2Plgy2eXbZpKVFdhdQI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imlimxfnhwJ%2BVjAagsEnopbFoEzfli%2FyTVEFwLdOtr944cC%2BTNzEQUQQ1E3rHBAb2CvwwW4X%2BgKYivnsKV6R71le247Nv26yb9Lybr%2F4gLoxqA2qOVx%2BT7cmZMsJQG1DcfdmBeqhHy%2BfX0T6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6f0f28d6d96083a9-MXP
cf-bgj
imgq:85,h2pri
1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame 8EA6 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=dV1e1g==, md5=OdUvFkjawxXrzJxPpO1XKA==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61964
cf-polished
qual=85, origFmt=jpeg, origSize=60655
x-guploader-uploadid
ADPycdsCSwHFVqRwO9chPBXTd1HqK8tBueF2jQ9iQb7IkcmycGPUwyIVzYLSfmyiCyex3tVL0mbnLFVrx8rna4GzQJ4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21982
last-modified
Fri, 11 Dec 2020 13:58:13 GMT
server
cloudflare
etag
"39d52f1648dac315ebcc9c4fa4ed5728"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5Qr9Yh4Dpv1ACMMW69QlvKz7PRoc3wrkWFIvpbmJJzR0JmvFDZSWhEWHNtgk1hV4dYB5bserstq4Uj2g6erWpXXH7bC5%2F6QHcmFH9QvKOBZEVYyCvcvzQ7nlTa%2BAbc00udW%2BwWCkvrElyMa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607695093714344
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
60655
accept-ranges
bytes
cf-ray
6f0f28d6d96483a9-MXP
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 8EA6
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&gdpr_con...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIh...
49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&spid=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&wfid=117679
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:15 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&spid=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&wfid=117679
date
Thu, 24 Mar 2022 11:45:15 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 8EA6 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61356
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ADPycdtZAOTTKUc3IdQNGhwdmuAuRKsOAdZR__gZmP7H1qK8OpCVWeWwcWSCSsqF5FIdfgYbsgo9rkkNvAl4OXtvwcs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EWPgj%2FvpPNWPAtxQzmmV92uLQpT%2BRuiLIzSLLHyeLnw6gsplhBptZGogMpcGP0k6jWh%2BMZwhxOGZeM0C7qNuhoAZg1Y2ltVQGcxnH%2Ftmhm31%2FgEpIQF4JHVOSdhuOeOz%2Fb7KamQKm5I4qk%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6f0f28d6d96983a9-MXP
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 8EA6 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54264
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ADPycdvII_FFk3_8iRJg9xbcU194m8uMdp94nzaKdHeUgJz6CoHSe1IrkM8qx98osxHDsWpGsWkRTJKYpuOpp6i5vcU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FsF%2F%2FkIlJdWuNb7O2HweGerFTS89rXu5ctAgFpyRB7BYBklS%2Fh3uNK0Uy2YNKY%2FjzWyjOiIHiTd7dBjCD%2Fps0%2B0cKkNt6mwFIndTOAk23eLWVE6BPgEGSLEmI%2Fmy5a9jU76vtYVm8tWNtjj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6f0f28d6d96c83a9-MXP
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 8EA6 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:15 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
assets.ad4m.at/logo/ Frame 8EA6 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/28955936A185107CE60DF2585A63B3B86CCC4B7A6593F99CF47D770EC5D0A33C82C6A9B67E144703653DB452E4551C62791722409DB6346D6D48A000139D8F04
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=DuGJng==, md5=RwAuGSlkHvNUgba84nxt2g==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54820
cf-polished
qual=85, origFmt=jpeg, origSize=27926
x-guploader-uploadid
ADPycduXfa-YQglAANXvwGF80u0XdzzBQDN7qTsDpWT7-PMA8iP0ph9GXpBMf6fU8CL0KV7VNxLDYIrh9cNwTCWXN0o
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9624
last-modified
Fri, 04 Dec 2020 11:16:28 GMT
server
cloudflare
etag
"47002e1929641ef35481b6bce27c6dda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZrV7VSs8hG3ihyyCMnQCR0WROK3RCiQozClh0KYmabELCFgifiSZIpTF4Io3I7MPdiFM7j%2BZxxQCENnmzbYf50ktGixsRkaEtpU%2BgX0YM87JWPqA0gYgpcHf58TJzbO4WqN8mBJfv0SGI7i"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607080588818548
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
27926
accept-ranges
bytes
cf-ray
6f0f28d6d96f83a9-MXP
cf-bgj
imgq:85,h2pri
FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
assets.ad4m.at/product_image/ Frame 8EA6 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FECCE304185C1438795F6CFAE6B9B1E43CAE4BEF881C07F340D064682278609596ABCD52DD6AC9BB2F361B9C4B020BB847724EC6671823EA7A116895AD4BEA2E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ilt+Ow==, md5=8j+5NXW+OS1SycKXxzIzaA==
date
Thu, 24 Mar 2022 11:45:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54977
cf-polished
origFmt=png, origSize=446787
x-guploader-uploadid
ADPycdslTUIx16_k4p4Wytou8ZcmawCoc6dgYMpF8zyC8h4wwrT437VE5ctyeKyIPA8a9Mkw820y809lToApmla0dJM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
289896
last-modified
Fri, 04 Dec 2020 12:36:47 GMT
server
cloudflare
etag
"f23fb93575be392d52c9c297c7323368"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttHbNxXKVSTJK%2BPop3mQjnbDv7yAN%2B1rCG6wsORwOPA%2FvvguP%2B3dHfBPiNn9vdPqfIAlowo%2FMU1w%2FMap09K8lKRB5xpKPzH5PHxp9kRaOFCQpLO7B7D1B4419ZGG9sD%2FByqFxXClcnfwHWKh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1607085407473969
content-type
image/webp
expires
Fri, 25 Mar 2022 11:45:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
446787
accept-ranges
bytes
cf-ray
6f0f28d6d97183a9-MXP
cf-bgj
imgq:85,h2pri
passback.js
cdn.adtrue.com/rtb/ Frame 9470 		753 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: ouo.press
URL: https://ouo.press/1NWAMz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18807086
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaUEuwJ8XGqkwLx9I51GfAmMoytAmjrrtdl3usUHaT5mn7FVyLYbT8hvcdRBquCqynbOr3nlLZx01og7noJF%2FWazQaucloej9RiRLiG4HHIGmynMHmPIsZXafOviJ7SIfcylzMBEJ9fOS7voLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f0f28d6eefc375d-MXP
expires
Sat, 13 Aug 2022 19:33:49 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EFFF 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Mar 2022 11:45:15 GMT
link.html
track.webgains.com/ Frame 8EA6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ken41pmjd39y3pa75nkc1qf5ra91zq7rj8zk691wnbbfkre8xv3v8z9bk4hnyfzx8ar6z59t48t7651cj4xsbhk1dzz7axkrp47t37jhhfpy9bje0ye5xr1hzc8cbpks0nrk049wy41t7mmwa0p5mhrb0fs2t3khme8yf8fywxe151kbm45772hk31waq4pj6pa8vgsnmvb5weyt6yvwp3sswyv2dbvhtqact8ngpw485rne75njftet52zzkpxhx4hyhcvx4bbdxw7bk5eeznchtzc8qkrc6zyzam4s2k4ffrye7zb3ag%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%253Bcrtbdata%253DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fouo.press%25252f1NWAMz%253BC%253D1%253Bcpdir%253D&clickref=oneid9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Udoneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJoneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
a11fc70b70678c4971f72bc1c990d022e8b437c769cb467730f87c12a4879d99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:15 GMT
Last-Modified
Thu, 24 Mar 2022 11:45:15 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1475
Expires
Mon, 26 Jul 1997 05:00:00 GMT
passback
exchange.adtrue.com/tag/ Frame 9470 		296 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1203159792&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.169.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-169-222.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
server
nginx
content-length
296
content-type
application/javascript
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D19458%252C823%252C61651%26b%3DM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%252CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%252CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ%26f%3D6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%252CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%252C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud%26c%3D728%26d%3D90%26e%3DCMRWocIhJZkyVm-KnuwMbD69vEFkponm%26g%3Dfa46719c49bd58c70b4839b856729151%252F11990888666141970374%26i%3D20774%252C9719%252C24905%26j%3D14%252C16%252C21%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3Dadf_Netmix_Reach09_Mweb_KreiselDeal%26r%3D1648122315201%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%253Bcrtbdata%253DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fouo.press%25252f1NWAMz%253BC%253D1%253Bcpdir%253D%26y%3D1%26z%3D0&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVruwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-H141M1%2F1Kg7M0g%3D%3D&sc=1&os=1-oA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F1NWAMz&id=1&ii=4&f=0&j=&t=1648122314873&de=343798015499&cu=1648122314873&m=582&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A600%3A903%3A1556%3A875&as=0&ag=84&an=0&gf=84&gg=0&ix=84&ic=84&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=84&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=168&cd=0&ah=168&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=955966060&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 24 Mar 2022 11:45:15 GMT
syncframe
gum.criteo.com/ Frame E51F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2057
date
Thu, 24 Mar 2022 11:45:14 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EFFF 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Mar 2022 11:45:15 GMT
sid
mug.criteo.com/ Frame E51F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=lB5efl9iT2RiNXRKN1RuZkg3Q0VWZktoZmJOWnRvY0locXBkNWpCNzEzekxCSkpvWkh3VEJVSjlBMXdp...
  • https://mug.criteo.com/sid?cpp=RU8r5XwyS1lEN2RuYUZ3Q2F2Mjcvd1hLMFBLZjVYQlRBczYrOE9SOElFN3RqOTgwTnFVRHpsTW44S25Hbll6eUpKZG94OWxVcE92VXN0QzQ0ZzJrOUpXSk1iR1BuZVB4RityKzFNUjhyMjE1aHRPZlhLMTFZNlUyMXRDT3...
425 B
626 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RU8r5XwyS1lEN2RuYUZ3Q2F2Mjcvd1hLMFBLZjVYQlRBczYrOE9SOElFN3RqOTgwTnFVRHpsTW44S25Hbll6eUpKZG94OWxVcE92VXN0QzQ0ZzJrOUpXSk1iR1BuZVB4RityKzFNUjhyMjE1aHRPZlhLMTFZNlUyMXRDT3dZcWI3RmF0L0RSb2lCdXhISGtoY3ZIcTJ6OUpzSER5eUZoTU5CbjBqMDluWWp4dFlRQUlvSmRrUjhpNmZMTldhdEttRlRqWTFtdEpQVG53aEtzeUwvUzZOL0pESDl4Q1NUbXlhdkFScWVRSm05TkdlQkNVUlRIY2xTZ29uQ0V5WlBaV3dtTE9vMGpiUFgwOEdVaTl6U2M4ZzlIVloyM1pySWJvUFhRNjR2MWRlNWFURDZMZz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
14b83e69306c9e3378f23a07af42c42b25190da033de2e104d4cdd1c55a78369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4681
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:15 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=RU8r5XwyS1lEN2RuYUZ3Q2F2Mjcvd1hLMFBLZjVYQlRBczYrOE9SOElFN3RqOTgwTnFVRHpsTW44S25Hbll6eUpKZG94OWxVcE92VXN0QzQ0ZzJrOUpXSk1iR1BuZVB4RityKzFNUjhyMjE1aHRPZlhLMTFZNlUyMXRDT3dZcWI3RmF0L0RSb2lCdXhISGtoY3ZIcTJ6OUpzSER5eUZoTU5CbjBqMDluWWp4dFlRQUlvSmRrUjhpNmZMTldhdEttRlRqWTFtdEpQVG53aEtzeUwvUzZOL0pESDl4Q1NUbXlhdkFScWVRSm05TkdlQkNVUlRIY2xTZ29uQ0V5WlBaV3dtTE9vMGpiUFgwOEdVaTl6U2M4ZzlIVloyM1pySWJvUFhRNjR2MWRlNWFURDZMZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2047
content-length
567
expires
0
adtrue.ouo.press.991771.js
jsc.adskeeper.com/a/d/ Frame 9470 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=1203159792&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024a10192fb40763344a77507780eb72f07073757d1c31c4d618836af7b55081

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
age
520
cf-ray
6f0f28d92a659128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
745
x-amz-id-2
voBlPd+FyiG8T6kygho9CVhn5vn9+X/pxjWs6bLPV82phhuSRlRG/f/p0HjKmgqPOlElz0aCstk=
last-modified
Fri, 11 Mar 2022 14:35:13 GMT
server
cloudflare
etag
"d2f0097e0b106febc2c8317e8371b90c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
34YWB78PA0RVST9X
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 24 Mar 2022 15:45:15 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8EA6 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3354045&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ken41pmjd39y3pa75nkc1qf5ra91zq7rj8zk691wnbbfkre8xv3v8z9bk4hnyfzx8ar6z59t48t7651cj4xsbhk1dzz7axkrp47t37jhhfpy9bje0ye5xr1hzc8cbpks0nrk049wy41t7mmwa0p5mhrb0fs2t3khme8yf8fywxe151kbm45772hk31waq4pj6pa8vgsnmvb5weyt6yvwp3sswyv2dbvhtqact8ngpw485rne75njftet52zzkpxhx4hyhcvx4bbdxw7bk5eeznchtzc8qkrc6zyzam4s2k4ffrye7zb3ag%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%253Bcrtbdata%253DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fouo.press%25252f1NWAMz%253BC%253D1%253Bcpdir%253D&clickref=oneid9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Udoneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJoneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-126.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
772
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 24 Mar 2022 11:32:24 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
52083
x-amz-cf-id
AcWlnAgt2FEJQ2t1Rajen5Lgyk9d9FUMJzX8CUWaEixviQer7EDMeQ==
link.html
track.webgains.com/ Frame 8EA6 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidmQqEfefGfxbe5CECZHZtztEg6UKSJtX5EtAoneid__asuid56z2H834ygExJBOiqQBxiwqS7yU60UTKasuid__adalliance_mobile_advancedad_300x250&wglinkid=3354045
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C823%2C61651&b=M4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3%2CA7WsYfqf1jTAHRH4tktY9XuRS4T8Qu9%2CZ6mHwfBfJQA5amHDHDt3t6YkT6SXTMqSJ&f=6e6cef3fDZbTeHmHYtECWW8aYS1T4JT7%2CM4jCzfrfz6UWHEHGtQCQJgSBS4T9ks3%2C9KXUMfmf1bKASKHBH2tzCVpGF9SmTr2Ud&c=728&d=90&e=CMRWocIhJZkyVm-KnuwMbD69vEFkponm&g=fa46719c49bd58c70b4839b856729151%2F11990888666141970374&i=20774%2C9719%2C24905&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1648122315201&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.055561-TKHz0-7hZBf-dVQMk3_g90hvvM0lGhIu0%3Bcrtbdata%3DfGK6JC8ipFVNNoU_S6LdyLH9a2KMsY8XvV5DyB6viCEsDCwpbpuI6M95ggvqxQDddfbojnNZZ6Fd9ss_d1vZf7nDnMR1KCg46obM3L6yfY7_Cc-oBcx91KlFKlVRN0rsuTqCX4BP8jMVAsxVvZrpaJJmr5EhvEEgKl-w2PoZl4GFLkQEhGcNZxjPIArMzBlQaHTsXNgn3UM1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dIBPa44pR0fzK0q822OZ2T7w3wj8D8SiaZxqbaS_ZE8NMKRRaJqFbbLb0q9QxUuhcyTPNsKkTEk9PFwKoweVoVfdzJlMbr9AHC7by61Ail0EeeDeVBo7flNcbGxxgVoLNcwXA0RiCsbwpnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252fouo.press%252f1NWAMz%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:15 GMT
Last-Modified
Thu, 24 Mar 2022 11:45:15 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adtrue.ouo.press.991771.es6.js
jsc.adskeeper.com/a/d/ Frame 9470 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c18befd6a4372ee6d2507acd3c377f913bb1d56155950440190b27c0dd0ded1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
age
235
cf-ray
6f0f28d96eeb9113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70866
x-amz-id-2
ZWliNEuXY1IiwQriB8/SZO9yMGNEFPkwx9V1g2an5uhl3P6hIwsbgIXzZcRoNNGkPvAI2i1l1OQ=
last-modified
Fri, 11 Mar 2022 14:35:13 GMT
server
cloudflare
etag
"d08cf72bec622f36f90f6ffc26a77fed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
WMA1YG3AFYK9PSRM
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 24 Mar 2022 15:45:15 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 0972 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 25 Mar 2022 11:45:15 GMT
syncframe
gum.criteo.com/ Frame 9E55 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3977
date
Thu, 24 Mar 2022 11:45:15 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 9E55
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=lB5efl9iT2RiNXRKN1RuZkg3Q0VWZktoZmJOWnRvY0locXBkNWpCNzEzekxCSkpvWkh3VEJVSjlBMXdp...
  • https://mug.criteo.com/sid?cpp=iZJmcXxxaE9qSnZaaGl2SS9yL1dZeGY3c2p4NDQ4NmlsNXdteGRUYkY0a3AvTWZlSnI5bGZRV1RJSyt3NkdkeHNLN2gwZE5vTU9pUkNyNzhKbzNKbEk0Zmp1R2lsTjZHNlVxR1RrNEM5QVpzY3dlNm9MNjZwdFhXbVdJWG...
423 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iZJmcXxxaE9qSnZaaGl2SS9yL1dZeGY3c2p4NDQ4NmlsNXdteGRUYkY0a3AvTWZlSnI5bGZRV1RJSyt3NkdkeHNLN2gwZE5vTU9pUkNyNzhKbzNKbEk0Zmp1R2lsTjZHNlVxR1RrNEM5QVpzY3dlNm9MNjZwdFhXbVdJWGVFYWQrMHhnK0JaOW5PL2pJVTlRaFhPTHZLQSszZ1doOUpQT3h1VXRHOTlRNGt2MHRocXZRa1g4NlpyNVJrUXdTenVQOW80RjZRSDFjQk81YXg5MDNFZTY1K0M2VHFFRWhORWJGdVpIdnpkNnlsaUpPRzN1bDQrSWdwSjJ3cFJJWk0yREJlaVRmOGtoL2todGFDOWp6QU02NlU1RGg5TjZLemRQMlBwNFlvRVB5enVHWkRmND18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6214cfff67eac2f72780fe9b5a5a18118ac44677c15916131a972a307ef065cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3743
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:15 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=iZJmcXxxaE9qSnZaaGl2SS9yL1dZeGY3c2p4NDQ4NmlsNXdteGRUYkY0a3AvTWZlSnI5bGZRV1RJSyt3NkdkeHNLN2gwZE5vTU9pUkNyNzhKbzNKbEk0Zmp1R2lsTjZHNlVxR1RrNEM5QVpzY3dlNm9MNjZwdFhXbVdJWGVFYWQrMHhnK0JaOW5PL2pJVTlRaFhPTHZLQSszZ1doOUpQT3h1VXRHOTlRNGt2MHRocXZRa1g4NlpyNVJrUXdTenVQOW80RjZRSDFjQk81YXg5MDNFZTY1K0M2VHFFRWhORWJGdVpIdnpkNnlsaUpPRzN1bDQrSWdwSjJ3cFJJWk0yREJlaVRmOGtoL2todGFDOWp6QU02NlU1RGg5TjZLemRQMlBwNFlvRVB5enVHWkRmND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1717
content-length
567
expires
0
/
imp.emxdgt.com/view/ Frame 2984 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imp.emxdgt.com/view/?cp=0.05180&ts=1648122314&adom=ad4m.at&seat=70&w=728&h=90&pb=0.04144&sid=9316&tid=122081&pid=1312&uid=13121648122313796363f1&wid=21&dom=ouo.press&tp=0.05180&mt=1&dt=2&st=1&os=&ip=217.64.151.9&sz=&country=SE&region=AB&city=Stockholm&zip=&dma=&agency_id=0&cluster=hb&browser=chrome&rf=ouo.press&data_fee_type=&data_fee=0&cat=3&crid=70_37104562&burl=https://ghent-aws-fr.bidswitch.net/win_notice/emxdigital_bid?rid=JIBHZ-4zJH3AntTTAGgvoIs3e1-GRjS8pwwckiH8XOUkQjYSSnWRC-0Nf8glB1WcVis3qXROdOhOw8cJtfjIb4IphsI_Yhg2zmYBokO0lfdBIAaT2j1y5eDaI1cpjup1QWEKIb6y1lz74LCdwUKKIPZ2aW2NidMvALw292y9AUNiLVtqHjyXr08Sy3cb5zxWchlN6t8S4oie1Nsnbi_G7Vo3lE0ThCWAFn4tD_jTqjmU98UMEksyWx4C0qIDYl_lgZVyyxBL-AZCGTsgk7sVBXXVgPD6Mqx9cluDFPKmAsh1NuU9EJtO0xG3D7156C1oG8-B64cQPikH512sH-ZsYDYRubzQMi0LW_rFDv9oPuS-xZty2mM8Vfc9HOfa98BiBAKRePBVyN3c_pwFt4xDJg_9m-Q_a9JxITYEgm3m_2FMvqS5lMc2EKLNSLwbZA1-5wTr9kCzIMTZBD6Jog_Bp7m12b6SGWkYMZfYtf-CiiZEF49t_KF2zIpHi1sno88JfW0qQ97dleScEX_dHVXE75EODMqWdrls1AdPwEk-s4iQhq3TJ1WT69Sc0Ze-o-iQNKEBWrGomKsUtTeMYPaJyxwJpAO_awvBYn6D4e59lO3e2pu8Ukwg8hVkWaz3TVHt73clJOP3mtfZMLz9QoofJdgkp4KKsidbXpYrHk1MSm0FuPTvAFurRNuvjL9U6pbZB4JtdBQRsuj7tZWjPlskdChoglZIShxG-jVWdF8BSYA4zJUV_aSvf6V-TxCzwfFJRx1-j_bhXvMIppL96epaf4PFut5YPBxXKsZg5Nxc&p=${EMX_BURL}&aid=&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzREpJQkhaLTR6SkgzQW50VFRBR2d2b0lzM2UxLUdSalM4cHd3Y2tpSDhYT1VrUWpZU1NuV1JDLTBOZjhnbEIxV2NWaXMzcVhST2RPaE93OGNKdGZqSWI0SXBoc0lfWWhnMnptWUJva08wbGZkQklBYVQyajF5NWVEYUkxY3BqdXAxUVdFS0liNnkxbHo3NExDZHdVS0tJUFoyYVcyTmlkTXZBTHcyOTJ5OUFVTmlMVnRxSGp5WHIwOFN5M2NiNXp4V2NobE42dDhTNG9pZTFOc25iaV9HN1ZvM2xFMFRoQ1dBRm40dERfalRxam1VOThVTUVrc3lXeDRDMHFJRFlsX2xnWlZ5eXhCTC1BWkNHVHNnazdzVkJYWFZnUEQ2TXF4OWNsdURGUEttQXNoMU51VTlFSnRPMHhHM0Q3MTU2QzFvRzgtQjY0Y1FQaWtINTEyc0gtWnNZRFlSdWJ6UU1pMExXX3JGRHY5b1B1Uy14WnR5Mm1NOFZmYzlIT2ZhOThCaUJBS1JlUEJWeU4zY19wd0Z0NHhESmdfOW0tUV9hOUp4SVRZRWdtM21fMkZNdnFTNWxNYzJFS0xOU0x3YlpBMS01d1RyOWtDeklNVFpCRDZKb2dfQnA3bTEyYjZTR1drWU1aZll0Zi1DaWlaRUY0OXRfS0YyeklwSGkxc25vODhKZlcwcVE5N2RsZVNjRVhfZEhWWEU3NUVPRE1xV2RybHMxQWRQd0VrLXM0aVFocTNUSjFXVDY5U2MwWmUtby1pUU5LRUJXckdvbUtzVXRUZU1ZUGFKeXh3SnBBT19hd3ZCWW42RDRlNTlsTzNlMnB1OFVrd2c4aFZrV2F6M1RWSHQ3M2NsSk9QM210ZlpNTHo5UW9vZkpkZ2twNEtLc2lkYlhwWXJIazFNU20wRnVQVHZBRnVyUk51dmpMOVU2cGJaQjRKdGRCUVJzdWo3dFpXalBsc2tkQ2hvZ2xaSVNoeEctalZXZEY4QlNZQTR6SlVWX2FTdmY2Vi1UeEN6d2ZGSlJ4MS1qX2JoWHZNSXBwTDk2ZXBhZjRQRnV0NVlQQnhYS3NaZzVOeGMlMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.230.115.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-115-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:15 GMT
Connection
Keep-Alive
Content-Length
0
Content-Type
text/javscript
/
c.adskeeper.com/pv/ Frame 9470 		0
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1648122316338380175119&uniqId=13cd5&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cxurl=https%3A%2F%2Fouo.press%2F1NWAMz&lu=https%3A%2F%2Fouo.press%2F1NWAMz&sessionId=623c59cc-0f9e0&pageView=1&pvid=17fbbbec63395cb0edf&site=624865&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f0f28dd3a2d9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
806.json
id5-sync.com/g/v2/ Frame EFFF 		213 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
28d64d6fe7bbd4d532032e963308766a69e3c452ed0d3deaaa1478c5f86e3e9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ouo.press
Date
Thu, 24 Mar 2022 11:45:15 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame EFFF 		44 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ Frame EFFF 		63 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.13.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-13-151.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
868bbf740fc6835fba0a6f50ceaed987b2aacdb66bb7b63ae9a07a126d534834

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ouo.press
cache-control
no-cache
x-server
10.45.12.65
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame EFFF 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
b7223514fb0def0832de18a30c937df227fc3dbe6a1fff5c9209b7d92039947b

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 23 Apr 2022 11:45:16 GMT
widget-ssp-performance
c.adskeeper.com/ Frame 9470 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f0f28dddf2a9113-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tracking-event
api.webgains.io/ Frame 8EA6 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 9470 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
content-encoding
br
cf-cache-status
HIT
age
7062
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
PQQY40JG1BTA00NB
x-amz-id-2
jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f0f28de199d9a2f-FRA
expires
Thu, 24 Mar 2022 15:45:16 GMT
1
servicer.adskeeper.com/991771/ Frame 9470 		1008 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1648122316517927030573&uniqId=13cd5&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2F1NWAMz&cxurl=https%3A%2F%2Fouo.press%2F1NWAMz&lu=https%3A%2F%2Fouo.press%2F1NWAMz&sessionId=623c59cc-0f9e0&pageView=1&pvid=17fbbbec63395cb0edf&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78d81bec3ff9dc5c78ab5c5f9b1db3986d61690f7c46ad21271760d7dcdb6de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f0f28de5c5b9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVruwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-H141M1%2F1Kg7M0g%3D%3D&sc=1&os=1-oA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F1NWAMz&id=1&ii=4&f=0&j=&t=1648122314873&de=343798015499&cu=1648122314873&m=1669&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A600%3A903%3A1556%3A875&as=1&ag=1178&an=84&gi=1&gf=1178&gg=84&ix=1178&ic=1178&ez=1&ck=1178&kw=1062&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1178&bx=84&ci=1178&jz=1062&dj=1&aa=1&ad=1078&cn=0&gn=1&gk=1078&gl=0&ik=1078&co=1078&cp=1062&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1062&cd=168&ah=1062&am=168&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1339350603&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 24 Mar 2022 11:45:16 GMT
widget-ssp-performance
c.adskeeper.com/ Frame 9470 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f0f28de78369113-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 9470 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
content-encoding
br
cf-cache-status
HIT
age
3914
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DGZAVNEE5HRN1W6Y
x-amz-id-2
qdlMD0TyftLQtjLlK3CTObfZUSaHdRDM2V4qsLa2gsO0wcUO3icv0mfZUMGMa3ENQf/HcC1tmzI=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f0f28de9cdf8ff5-FRA
expires
Thu, 24 Mar 2022 15:45:16 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzlmMDk2MzA4NWRjOThmZGY2MGYyYmU1M2U5MmJkYTRlLmpwZWc.webp
s-img.adskeeper.com/g/4027710/492x277/0x42x640x426/ Frame 9470 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/4027710/492x277/0x42x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzlmMDk2MzA4NWRjOThmZGY2MGYyYmU1M2U5MmJkYTRlLmpwZWc.webp?v=1648122316--canu-MWHNKO0pykjjC8b4UgBlAnitfOBxAO-BT6nN8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f610246b1c72166031d74a057da090ee1e44789a8d82d833ddddeaf083bf600

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:21 GMT
x-mg-request-uuid
b5f231ea-a1db-4c51-8b0f-fff8f9b8cf97
age
2056464
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f0f28debbb06973-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10374
server
cloudflare
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVruwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-H141M1%2F1Kg7M0g%3D%3D&sc=1&os=1-oA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F1NWAMz&id=1&ii=4&f=0&j=&t=1648122314873&de=343798015499&cu=1648122314873&m=1670&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A600%3A903%3A1556%3A875&as=1&ag=1178&an=1178&gi=1&gf=1178&gg=1178&ix=1178&ic=1178&ez=1&ck=1178&kw=1062&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1178&bx=1178&ci=1178&jz=1062&dj=1&aa=1&ad=1078&cn=1078&gn=1&gk=1078&gl=1078&ik=1078&co=1078&cp=1062&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1062&cd=1062&ah=1062&am=1062&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=631609590&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 24 Mar 2022 11:45:16 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=3876742770&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CVruwVF0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-H141M1%2F1Kg7M0g%3D%3D&sc=1&os=1-oA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fouo.press%2F1NWAMz&id=1&ii=4&f=0&j=&t=1648122314873&de=343798015499&cu=1648122314873&m=1671&ar=359f21c1e97-clean&iw=33c6e96&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1793&le=1&gm=1&io=1&fx=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A600%3A903%3A1556%3A875&as=1&ag=1178&an=1178&gi=1&gf=1178&gg=1178&ix=1178&ic=1178&ez=1&ck=1178&kw=1062&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1178&bx=1178&ci=1178&jz=1062&dj=1&aa=1&ad=1078&cn=1078&gn=1&gk=1078&gl=1078&ik=1078&co=1078&cp=1062&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1062&cd=1062&ah=1062&am=1062&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1312%3A9316%3A122081%3Aundefined&bo=ouo.press&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=ouo.press&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=566034122&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 24 Mar 2022 11:45:16 GMT
i.js
cm.adskeeper.com/ Frame 9470 		0
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1648122316590786657152
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f0f28decd4f9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.adskeeper.com/ Frame C466 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1648122316606796961774
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f0f28decd5e9128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
track.adform.net/serving/unload/ Frame 2984 		35 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1925522695292248615@@37104562,8509520812806634865,100|1190|0|0|0|0|0|0|0||41|0|2639|f3d1cd16-d10b-35f0-a170-c14b5129416a_1|||1|0|0|sf_Z6kZLdR648M5tcwHHbb75TS0hTF9e3Mh8srCOiSIfkp8Afhzx-RhpnBRkvb3lA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ouo.press/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
async_usersync.html
acdn.adnxs.com/dmp/ Frame E7D8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 24 Mar 2022 11:45:17 GMT
Age
19558
X-Served-By
cache-lga21955-LGA, cache-hhn4021-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 417492
X-Timer
S1648122317.107091,VS0,VE0
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 83F9 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

Date
Thu, 24 Mar 2022 11:45:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3206
Expires
Thu, 24 Mar 2022 12:45:17 GMT
Cache-Control
public, max-age=3600
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6f0f28e1cd3f9124-FRA
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 5E4F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Mar 2022 11:45:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5E4F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4716c7dcbd527a74fd28a8537820d006a1d3889fd2fc349936ca5268a5d54a83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 24 Mar 2022 11:45:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:27:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69901
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Fri, 25 Mar 2022 07:10:18 GMT
bounce
ib.adnxs.com/ Frame E7D8
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:17 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e5b9fa11-1429-468f-9102-5658f0c12bcf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:17 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7f9f936f-4379-442c-a946-457e13a6867e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5E4F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J03lNPryTAaJLeC4whga5A&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J03lNPryTAaJLeC4whga5A
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J03lNPryTAaJLeC4whga5A
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N37F8TXV6TCH2SYMVW8J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=J03lNPryTAaJLeC4whga5A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 5E4F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L14XH08H-1H-F5N7&sigv=1&esig=2~c458bda0cd5602e2a01d4326ea39f87bc9b18a26
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L14XH08H-1H-F5N7&sigv=1&esig=2~c458bda0cd5602e2a01d4326ea39f87bc9b18a26
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:17 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L14XH08H-1H-F5N7&sigv=1&esig=2~c458bda0cd5602e2a01d4326ea39f87bc9b18a26
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5E4F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L14XH08H-1H-F5N7
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L14XH08H-1H-F5N7
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 11:45:17 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0E5004A360D6420CAA4365BD0C7AC0AF Ref B: VIEEDGE2507 Ref C: 2022-03-24T11:45:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXa9WFG5jhZ0ObN0eFH+g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L14XH08H-1H-F5N7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5E4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rubicon
match.adsrvr.org/track/cmf/ Frame 5E4F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5E4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGzCtFetrxElCApJwQ5RXCU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGzCtFetrxElCApJwQ5RXCU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGzCtFetrxElCApJwQ5RXCU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5E4F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QQDb9CJAR4i2jzvlqAS0dQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QQDb9CJAR4i2jzvlqAS0dQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QQDb9CJAR4i2jzvlqAS0dQ
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:17 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2B3PNBQY12Z6RZK0EPBG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QQDb9CJAR4i2jzvlqAS0dQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5E4F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcxN2Q4Mjg3MDM5OWVmZGRhMWU5MGQ2YTEwZTkwOWZiOWQzZDNkZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcxN2Q4Mjg3MDM5OWVmZGRhMWU5MGQ2YTEwZTkwOWZiOWQzZDNkZQ
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcxN2Q4Mjg3MDM5OWVmZGRhMWU5MGQ2YTEwZTkwOWZiOWQzZDNkZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
c
c.adskeeper.com/ Frame 9470 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=300|250|12|3KB5lqpjIurgOkviGAGR5z_NnsxuXOosPXdMLF0dJNdmZc0nSDFRnOTRtBv6mOtR&fw=1&extjs=66044&cid=991771&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=dfbe6101-ab67-11ec-ab0e-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=17fbbbec63395cb0edf&cbuster=1648122317709113057507&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Mar 2022 11:45:17 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
8a3c3f9f-9f51-4474-b5bd-96712f34636a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f0f28e5bd2a9113-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
async_usersync
ib.adnxs.com/ Frame E7D8 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Mar 2022 11:45:18 GMT
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
50c866c2-9bac-4a7f-bfa3-9bee6f906c2d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame ABB0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ouo.press/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 24 Mar 2022 11:45:18 GMT
Age
19559
X-Served-By
cache-lga21955-LGA, cache-hhn4021-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 417513
X-Timer
S1648122318.342634,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 36EF 		0
0
async_usersync
ib.adnxs.com/ Frame ABB0 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/showad.js
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored object| apd_options object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2a00 function| _0x205b object| a function| b boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| recaptcha object| fiUtils object| adtrue_tags function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| q object| qs string| js_code string| k function| vi_setCookie2 function| vi_getCookie2 function| dyns_load object| closure_lm_491051 object| Adform object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| criteo_syncframe_state boolean| _mgPageViewEndPoint624865 string| _mgPvid boolean| _mgPageView624865 boolean| _mgPageImp624865

51 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AFskoQ3tpuiBGiEksSGENaoGDr0UdoT0gRBtHxwMPnsxkgkULLqbbdEvvsIc1nKf5H4l2361CGs51S5QU2LIFlA
ouo.io/ Name: ouoio_session
Value: eyJpdiI6Inc3elBIUzdkanUweXAzQjAydm40MXIxR3NuNkNLanNvZ2ZxWWhENVFpSGM9IiwidmFsdWUiOiJiZ0VVbE5kVGxqMDljUHM3KzBOWUIzV3RmSlRnQzFDaEF2amNVSXNvcndaMUNVYmZNTHI0VDFCdXVcLzdEelBxQUZiWHhLZ0pPREZRRSs1WVhVRkluMHc9PSIsIm1hYyI6ImY3ZGVkZmIzNTc1OTdhZDkwZTUwNTE0Y2E3NGUxZTBiZTkwYTljY2I0OTUyOTQwNWQxNDdiYzdmYTMxZDBjZDIifQ%3D%3D
ouo.io/ Name: language
Value: eyJpdiI6Im5laGlLV0J6Ynp0VGpBK0FQREJDXC9jdmpESXRlU050M0ZDejBFTUhnalwvUT0iLCJ2YWx1ZSI6InJCd0hyMkhJTFFqTUh5WGpcL1pWTm14blhuSzBMQXlqV2QrZFNcL3dBZnZRWT0iLCJtYWMiOiJhNjRjMjEzMGQzMzE4YzBiYzEwNWY5YTYwMDJlZGNjOGI5ZDI2NDU5ZGFhYTZiYzNkYjdiMzg4MDRkYzI5ODVhIn0%3D
ouo.io/ Name: 8687f4079a741d41719f92685396f6ccb742d258
Value: eyJpdiI6Ik9HR3VDXC9ZaFRBall3R2dJMXFcL1RhQlNnTTdlQnBUd1pxNEUrTXhHdkRRTT0iLCJ2YWx1ZSI6Ikc5TXUzeFY5Z3g4TVplTk05YnR6UE1sQjRUN3QzZDhZTnZlYkYzUXY0NGtHT2Z2ckdOS2RPbk9CcTZHZVNQUWphbkw1YzBmcnZlNis0eHpyRzFiSFU5dEM1OTVjb0x5YkVvMWpMSkhxYk1IREh4d3V3Y01KQ3FCN1pzdVhCWWZFbThLSEJseSs4TWh3M3c2aEdlMVRKTkQwdXoxSjZaRjB3YndORGp5TzFcL0xXeDdpd3ZodU8xYkgxSDJVamExb0hDUEFQd2NTMmJDakNUNEVQaHZ2R1Z2Vk04c29xSGtlbG5IMDVyMUNHZ3loZVN1UVwvKzJsR2ZxbXczYXRlK0IyUWxrNitGYmwxUjFHQzhiRHBXeEJsRXJ4aHhHcVZwbE4xR1VcL0N0MTk2N3k0VjhDd2RUd0UxWTRpYXkxd0tTdjFlXC9XbU54U29GTXlqTGZRMStmUUwrMHc9PSIsIm1hYyI6IjFiMGFjM2NkY2I0YjhjY2Q3NGUxYTg3YTBkNTI1NjIxODQ2MTJlODI0YTAwNDJmZWFlYTg1YjcxZjdmNDBhYjYifQ%3D%3D
ouo.press/ Name: ouoio_session
Value: eyJpdiI6IjQ1SEdrbEp4MWJGWXg2ejY5b042V0RmNkpMbURwbkNQaURvaHJYOEc2dDg9IiwidmFsdWUiOiJlNVwvQTRNenZlU2xaS3FyejZsU2tVU0dYMXh3TEZCVmdQYk1UMDlwK1JWb2haQjI1T3E3VjNORXdDQ0lpbGh3UnQzU3ZQV2hDaitqMm1UcE1Pd1NZUWc9PSIsIm1hYyI6ImRkNmM4M2U0NTExMzE5ZjIyMTJhZjcxZjZjZGM2NzNiM2E4OTc4NjQ1OTUyNDAxZTUzODc3MjA2ZGI4YzQwNGUifQ%3D%3D
ouo.press/ Name: language
Value: eyJpdiI6IlNzWUllVTBFdURcL0hVV0dQTHJmXC9oQWtkN2RRNnVFR1BEQUhzSXVcL0FaZEU9IiwidmFsdWUiOiJVNHZFOGNSb1J1M0Nlc29OS2ZGUkw2dVVDU3BJdnhpUElmYmxrcUFBWVNNPSIsIm1hYyI6IjczYWVkM2Q2YjM3OTE0MTIxNDNhMDRjN2NiNDMzNDk2MmM3ODljMjk0YmFlMjI1NTM5ZDlhZGFlMmM5NWVkMmEifQ%3D%3D
ouo.press/ Name: c38492bd0597984737218dfd04697f90c0b0eeb8
Value: eyJpdiI6Im5xV1NDaytXZlpNQmsxS0V6TWFOVFFSUEUrdDFnQVZ5NW50R3dDdW1cL2o4PSIsInZhbHVlIjoiaXpRSDRtbEdETkZ0cG5pQTRsOEh5d1JtenNnTlJEdlpzT1RXZ3lUNFpOQ1pncVdKZFBiWmpkbHZ3d1RTaENJVERxQUxTWFVIdEV5Z2VKbG9jVmdsdDVGdVwvckQyaXIzUlYwTXdQdjdBeFVENVBjUHdEUHNob1RieTB2MXRsemdocXRuRDBYR1hibmZOSEVoSlNoVlJBWnBJTjBPazhJTk84TDFmWEF6Z1hZcFQ3NmJKSU5cL0RJK3hVdDJNdTNnd1BcL2tyNGY3RnRXUkR5Q1ZBcFNxTm5rcGN4Q3J0SGdnaHpFQklNR0Q2Q0lMc0V1ajFQR2xjZjBkTjl4UmMzdWFBQnIycmVaUUd4bjRxNlhKVXduRTdReGw5cGN1R1dMSU9MZWZTNkFYTFhLdTNhWGNWY1dvQXNETVNPVWFSeWR4a2hVUGZpSmxXbFdOUW9pZG9NaXV3Z3poR3g0NVRPOEJsVmUyVEJRc3NlQTVGQ2JlOGJNSW5PMytzMEwrbG9cL3ZLWCIsIm1hYyI6IjU0NmI5YjAyMzM0NTBlMjQzNmYwZWY0ZDExM2Q0ODQ2ODQxYjJiNzVkMDVjYTNlZDM2N2ZkMDc2ZTA4NjRmNmEifQ%3D%3D
.ouo.press/ Name: __cf_bm
Value: TPUxIODruKBBM4pIQU0VUH6DRdkxJmvuBwcSnshwY1g-1648122313-0-AeVn3+Y3PxZL4UubQdjXgZmNShjcSJgQ2riFVOJV/M4SyJaZP7mWjTKFxS4IKPqBemF1RSb0ItCbgDb6nqOsR0g=
phallicuncut.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLcAlFZJRH4yJ8JH9pYepAOyl1iLu3MdGn8%2BVccqIoSuoK8S1nYF%2FU4fEkeuK87dtJNCf%2BIjhJatruiU%2BvzTOJDge9DZ7EonyK%2B1kZ5fQ4jFaqEg8h%2BnMuxu4mRSYcGVkiW0NjKVEIZ%2FdNuZohNbQq5O9nZ4NmK31ah6TvA2oTMOZI7Faz6oDiQxsZdtURScOrMo9wvC7kJ%2BvWQcs8RjY7kgrxG%2B5G8mq27huFVNvF2ytgFzn8939v2d5w5FLd9Bi%2BrT8r9wMevUpU
phallicuncut.com/ Name: GL_GI10
Value: eJw9i00OgjAUhPkxFSJgXuIBPAEJBCWu1bjRMzQEHqQL%2Bpq2GuvpBTWu5psvM57nBZsMAqEgKYs631d5sSvyA4QDEgSnMyQt3aXVjstmRFheUI%2BNdMA0DoJkCqsv8JY69P5tHqewaIV1KcRz%2FAahMAqiW1nV26vtIJZouVGIEx5JK9KNRcj%2B9vNiIUTCcKXp6ZgPaytGfJFETn1v0E7Kf7DgDRzQOuk%3D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.rubiconproject.com/ Name: khaos
Value: L14XH08H-1H-F5N7
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoXREUm9f9lmTpcd3HBZZ775PzI6EyVJjlVAthPpLFZyz7mgmmZqY4KoVU2gxcNTeSjJyCvVaOjObzwVI85VVVJ0A+VO7RH1E0=
.bidswitch.net/ Name: c
Value: 1648122314
.bidswitch.net/ Name: tuuid_lu
Value: 1648122314
.bidswitch.net/ Name: tuuid
Value: 7cc0ef50-2625-4a07-a37c-4204481bb9aa
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1925522695292248615
ouo.press/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ouo.press/ Name: pbjs-pubCommonId
Value: c0abf727-f77f-4c5c-b152-a604f47ca5ec
.adform.net/ Name: TPC
Value: 1648122314341
.ouo.press/ Name: _ga_0DTZ6LRDBJ
Value: GS1.1.1648122314.1.0.1648122314.60
.ouo.press/ Name: _ga
Value: GA1.2.1933543945.1648122314
.ouo.press/ Name: _gid
Value: GA1.2.1764175044.1648122315
.ouo.press/ Name: _gat_UA-177299981-5
Value: 1
ouo.press/ Name: dt
Value: 2022-03-24T11:45:14.858Z
ouo.press/ Name: cto_bidid
Value: B5MQxl9yaG9HYmhNSzFZdWN6R1hPVkNBUFlmRUhaT0JnNmhFUlk0UVk0OFY1SFNKMiUyQjR1dSUyRkJMdjBhZWM4QnRvN1p6d2VSU0FBNzlTSzZxYm5XRVhndG1mY1ElM0QlM0Q
ouo.press/ Name: cto_bundle
Value: lB5efl9iT2RiNXRKN1RuZkg3Q0VWZktoZmJOWnRvY0locXBkNWpCNzEzekxCSkpvWkh3VEJVSjlBMXdpbXNtNk11NkJDTjN0a3F6dSUyQnJTWTJFN1dzJTJGYjBZc1I3TDZrajlFaVVnaDhJcXIzcGdXNXVMZ0UlMkZnVUFvYnozNHVsTjBMc0FVSw
.awin1.com/ Name: awpv11830
Value: 412871|1648122315|df0cec31-ab67-11ec-b304-2261978923a5
.awin1.com/ Name: AWSESS
Value: 357066:2338586
.criteo.com/ Name: uid
Value: 4e3bce3b-5883-49af-ba2b-130b29d34763
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0ODEyMjMxNXZsZWExZGUyMDIyMDMyNDEyNDUxNTY2MTM1NjM4NjM5WDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZE00akN6ZnJmS3BHaFdIRUhHdER0NjZCVEJTNFQ5a3Mzb25laWRfX2FzdWlkQ01SV29jSWhKWmt5Vm0tS251d01iRDY5dkVGa3Bvbm1hc3VpZF9fYWRmX05ldG1peF9SZWFjaDA5X013ZWJfS3JlaXNlbERlYWwxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022032412451566135638639X117679V1226132702MSoneidM4jCzfrfKpGhWHEHGtDt66BTBS4T9ks3oneid__asuidCMRWocIhJZkyVm-KnuwMbD69vEFkponmasuid__adf_Netmix_Reach09_Mweb_KreiselDeal&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0ODEyMjMxNXZsZWExZGUyMDIyMDMyNDEyNDUxNTY2MTM1NjM4NjM5WDExNzY3OVYxMjI2MTMyNzAyT
.ouo.press/ Name: cto_bundle
Value: MEXdil9iT2RiNXRKN1RuZkg3Q0VWZktoZmJIVGk0VGY2aHdBaDJGdlMySnBpeFY1N05TaE51eSUyQjdPNmFVVmJNZkRVd0I3a3hQUm1tNWR2RUFWcnU5UlZwVFNWVWRwaHBpOUdQcGVoN1lYRVk1VTlFNzI0VWFTOURwR1NEb2w1UWRwcnJkYW0yZXl0VnNEUlZHTVZhM21rdUdqUSUzRCUzRA
.adskeeper.com/ Name: muidn
Value: m2ogC9sviCJ4
ouo.press/ Name: _lr_retry_request
Value: true
ouo.press/ Name: _lr_env_src_ats
Value: false
ouo.press/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-03-24T11%3A45%3A16.466975Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.adsrvr.org/ Name: TDID
Value: c92f8466-f15d-4ad8-84ce-2fc4c5f2a770
ouo.press/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22c92f8466-f15d-4ad8-84ce-2fc4c5f2a770%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-24T11%3A45%3A16%22%7D
.ouo.press/ Name: panoramaId_expiry
Value: 1648208716528
ouo.press/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C991771%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648122316563%7D%7D
.adnxs.com/ Name: uuid2
Value: 5417810137393672052
.doubleclick.net/ Name: IDE
Value: AHWqTUkyBIN_cRv39sgUt3Rs8-ca4xY94MEBVOcn1NrAUU7dah8V-9ynGMKJv4MU_uM
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e5800ccb-2ee7-4f66-8241-4271bde07dc7"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDgxMjIzMTc7MjswMjGhGzNiiAL5U3eJh4Ah9AA34iPH5bHvX1FbyyvqrOY7Kg==
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2242:u=1:x=1:i=1648122317:t=1648208717:v=2:sig=AQGzgEZ2vqfh-FY8htFevWsLgyXLi5PP"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AzQ2kzp0G0osvR22HgV0PKM

3 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
ads.yahoo.com
analytics.google.com
analytics.webgains.io
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
aws-fr-sync.bidswitch.net
aws-fr.bidswitch.net
bidder.criteo.com
biddr.brealtime.com
c.adskeeper.com
c.amazon-adsystem.com
c1.adform.net
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.firstimpression.io
cdn.jsdelivr.net
cm.adskeeper.com
cm.g.doubleclick.net
e1.emxdgt.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
imp-euro.emxdgt.com.
imp.emxdgt.com
itineraryupper.com
js.brealtime.com
jsc.adskeeper.com
match.adsrvr.org
mug.criteo.com
ouo.io
ouo.press
partner.o2online.de
phallicuncut.com
pixel.rubiconproject.com
px.ads.linkedin.com
px.moatads.com
s-img.adskeeper.com
s.amazon-adsystem.com
s1.adform.net
servicer.adskeeper.com
static.criteo.net
stats.g.doubleclick.net
tag.1rx.io
token.rubiconproject.com
track.adform.net
track.webgains.com
video.your-notice.com
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
z.moatads.com
ads.pubmatic.com
hbopenbid.pubmatic.com
ib.adnxs.com
104.111.239.217
104.17.119.107
104.18.17.65
104.19.130.80
142.250.186.134
142.91.9.135
151.101.1.108
172.217.18.98
178.250.0.157
178.250.0.165
18.195.155.181
18.66.112.104
18.66.97.126
185.33.220.243
192.243.59.13
2.18.233.180
2.18.234.190
2.18.235.40
213.19.147.43
23.109.82.241
23.37.42.132
2602:803:c003:200::31
2606:4700:10::ac43:160f
2606:4700:10::ac43:697
2606:4700:20::ac43:4a81
2606:4700:3035::6815:8a9
2606:4700:3038::6815:ead6
2606:4700::6810:5614
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:801::2004
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
3.123.105.96
3.124.34.143
3.33.220.150
34.120.133.55
34.230.115.234
35.157.98.225
35.244.174.68
37.157.2.238
37.157.4.28
37.157.5.72
46.236.13.147
50.112.169.222
51.89.21.5
52.222.210.175
52.29.141.195
52.29.95.58
52.30.107.253
52.46.154.242
52.94.222.140
54.154.13.151
69.173.144.138
69.173.144.139
84.200.5.215
88.99.63.132
024a10192fb40763344a77507780eb72f07073757d1c31c4d618836af7b55081
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14b83e69306c9e3378f23a07af42c42b25190da033de2e104d4cdd1c55a78369
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28d64d6fe7bbd4d532032e963308766a69e3c452ed0d3deaaa1478c5f86e3e9a
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6063470d4096a263c077609678ba7ab6ca696d19ba11af6bb601ed06eaa2e
31e216171adb2f5bb3c4b0823f85ce065cd286889dcfd9afcf5f578f53ba0dda
32156c8a346c5445b2068b5137c2ab4d354aa66c88de0c12f1d297f6f6a101a4
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ddab5e9b793d8ea924db245405898c13465522468cc0d867297f31079009db3
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fa949faa5d2b3b0af4ef67353aaf16387aa451dc13785b252a9dee521bd5d56
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
4716c7dcbd527a74fd28a8537820d006a1d3889fd2fc349936ca5268a5d54a83
493b9538f939989d85eb2ccfa1a469c85e42e82dd5666b8ad819d24175df1eef
49bbf59f8f184c1a47b1868c0af75528448fe3190b266f8537b519a472423c08
4f8fb8fd5dfbe5672ed5a3cfd35c274187af31a2e099a5a3cdd2f3e4f414a5de
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c4855666e3ecdd01da9664d8da573fab1c6eac6fdc34492d8a111754e39b902
6214cfff67eac2f72780fe9b5a5a18118ac44677c15916131a972a307ef065cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f610246b1c72166031d74a057da090ee1e44789a8d82d833ddddeaf083bf600
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7c6dbd8dbb19515ea516f69bb157986f1c4dc7afe93b866b90494a7b9bb67dcf
7d01236c8696faa4aaf59f794981c1c25bdf89163ca688cf52c183c500d32c1a
7ddcdb425051dbc349b91079fe450031f1c28e182aa24974ddfa20a92b4facbd
82769cac35a0d08631eb1b2d7ba2a8b98657f52dffd7b56a4f97cd099b45815b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848c6865ce57d1290c1d98687482afe0eacdd4d51004b8d69637801c5224df03
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
868bbf740fc6835fba0a6f50ceaed987b2aacdb66bb7b63ae9a07a126d534834
8b06ee7322964225af9c5f879971180be48ef42bac3933c73bfe6c1ea4c0f699
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e816624d5e7301ffcbd4f64b8926054fe83ec27c68148e496cf8f492b4d26da
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
97cd4e3da54e23bee70cc7a743ac4391111b921bc53bc26a63fe4776561f0bde
9fa2e0f156d0224d3259d8bf649a49e31f944d48df0eb36aae5cebb063716e44
a11fc70b70678c4971f72bc1c990d022e8b437c769cb467730f87c12a4879d99
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
a9a7a8db72cfcbca4bcbaf5e23e5a4b3f96e5ea9153cd4e445058ab4c433d637
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
ab33563b91fda42bce39480d64f0b71fa546878cd2dd6a64ec154ff4ab780562
abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3
b6001d57e0dd994bdfad3cc9380062f3f7dbd6755978695e6ec8cd25505b8b2f
b7223514fb0def0832de18a30c937df227fc3dbe6a1fff5c9209b7d92039947b
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
c18befd6a4372ee6d2507acd3c377f913bb1d56155950440190b27c0dd0ded1e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d626e15a713885008c3a94f619790fb5cc8b06a783282075734f7d7ff042bd14
d78d81bec3ff9dc5c78ab5c5f9b1db3986d61690f7c46ad21271760d7dcdb6de
d80c5e589d01a4960b7737680fe9bd09293cab9db77fcfb7de2d64a1f0361037
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f89938c79873cd609d75b6112604cbedf77695f1eeed40d179bc5a450d9680b3
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fcee9ee868f50e7cece5aaebce8a2c8c5397148ad82e68904c486a7b369558d0
fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89