urlscan.io logo urlscan.io
SecurityTrails logo

ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ouo.io/XnZSf6
Effective URL: https://ouo.press/XnZSf6
Submission Tags: @phishunt_io
Submission: On October 16 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 6 countries across 38 domains to perform 127 HTTP transactions. The main IP is 2606:4700:10::6816:3afb, located in United States and belongs to CLOUDFLARENET, US. The main domain is ouo.press. The Cisco Umbrella rank of the primary domain is 198740.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time ouo.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.109.82.14 7979 (SERVERS-COM)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 143.204.215.116 16509 (AMAZON-02)
7 99.86.4.77 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.198 15169 (GOOGLE)
1 23.35.237.86 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 65.9.71.118 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
5 37.252.173.62 29990 (ASN-APPNEX)
1 213.19.147.42 3356 (LEVEL3)
2 178.250.0.165 44788 (ASN-CRITE...)
1 99.86.3.236 16509 (AMAZON-02)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 8 2a02:2638:1::13 44788 (ASN-CRITE...)
6 178.250.0.157 44788 (ASN-CRITE...)
2 35.244.159.8 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 151.101.1.108 54113 (FASTLY)
5 2.18.235.93 16625 (AKAMAI-AS)
1 23.216.77.9 20940 (AKAMAI-ASN1)
6 23.35.228.23 16625 (AKAMAI-AS)
1 151.101.129.108 54113 (FASTLY)
4 37.252.171.149 29990 (ASN-APPNEX)
1 2001:4860:480... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.216.77.25 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 141.95.98.70 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
3 2a02:2638::3 44788 (ASN-CRITE...)
2 141.95.98.65 16276 (OVH)
1 2606:4700:1::... 13335 (CLOUDFLAR...)
1 18.203.72.119 16509 (AMAZON-02)
2 15.197.193.217 16509 (AMAZON-02)
1 23.35.236.188 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
2 4 172.217.16.130 15169 (GOOGLE)
6 8 69.173.144.165 26667 (RUBICONPR...)
2 3 52.46.155.104 16509 (AMAZON-02)
2 3 52.94.222.140 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 198.47.127.19 3257 (GTT-BACKB...)
127 55
1    2606:4700:10::6816:17a2 (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.io
5    2606:4700:10::6816:3afb (United States)

ASN13335 (CLOUDFLARENET, US)
ouo.press
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.109.82.14 (Netherlands)

ASN7979 (SERVERS-COM, US)
tv.gourdycortes.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:3030::6815:467a (United States)

ASN13335 (CLOUDFLARENET, US)
hhklc.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
itineraryupper.com
6    2606:4700:3030::ac43:90ac (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
exchange.adtrue.com
track.adtrue.com
1    143.204.215.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-116.fra53.r.cloudfront.net
ecdn.analysis.fi
7    99.86.4.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-77.fra6.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.74.198 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
1    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    213.19.147.42 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
fptadtrue-d.openx.net
u.openx.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
5    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.216.77.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-9.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
6    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
9    2606:4700::6812:42a (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.com
c.adskeeper.com
servicer.adskeeper.com
cm.adskeeper.com
1    23.216.77.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-25.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
2    2606:4700::6812:1aae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adskeeper.co.uk
1    2606:4700::6812:52a (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31ee (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
1    18.203.72.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
8    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a05:d018:d29:3602:463b:6ffc:aac9:c7b0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
17 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 570
warp.media.net — Cisco Umbrella Rank: 2378
lg3.media.net — Cisco Umbrella Rank: 4108
hblg.media.net — Cisco Umbrella Rank: 1621
157 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
cdn.adnxs.com — Cisco Umbrella Rank: 1320
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7172
acdn.adnxs.com — Cisco Umbrella Rank: 618
62 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
14 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
96 KB
10 adskeeper.com
jsc.adskeeper.com — Cisco Umbrella Rank: 35240
c.adskeeper.com — Cisco Umbrella Rank: 22168
servicer.adskeeper.com — Cisco Umbrella Rank: 33310
s-img.adskeeper.com — Cisco Umbrella Rank: 23466
cm.adskeeper.com — Cisco Umbrella Rank: 36033
89 KB
7 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 21182
cdn.firstimpression.io — Cisco Umbrella Rank: 20983
328 KB
6 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 184448
exchange.adtrue.com — Cisco Umbrella Rank: 128544
track.adtrue.com — Cisco Umbrella Rank: 130988
105 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 495
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 671
157 KB
5 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
2 KB
5 ouo.press
ouo.press — Cisco Umbrella Rank: 198740
32 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
359 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
42 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
85 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
17 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
649 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
527 B
2 adskeeper.co.uk
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 33915
3 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
15 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1608
res-a.akamaihd.net — Cisco Umbrella Rank: 6767
25 KB
2 openx.net
fptadtrue-d.openx.net — Cisco Umbrella Rank: 183522
u.openx.net — Cisco Umbrella Rank: 664
464 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
118 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
596 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
708 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1481
332 B
1 mgid.com
a.mgid.com — Cisco Umbrella Rank: 20168
400 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2496
43 KB
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1362
157 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
10 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1136
3 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 25055
5 KB
1 itineraryupper.com
itineraryupper.com — Cisco Umbrella Rank: 276227
1 hhklc.com
hhklc.com — Cisco Umbrella Rank: 126550
3 KB
1 gourdycortes.com
tv.gourdycortes.com — Cisco Umbrella Rank: 271652
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
918 B
1 ouo.io
ouo.io — Cisco Umbrella Rank: 138190
1 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
127 38
Domain Requested by
8 gum.criteo.com 4 redirects static.criteo.net
6 mug.criteo.com ouo.press
5 contextual.media.net ecdn.firstimpression.io
acdn.adnxs-simple.com
ouo.press
5 ib.adnxs.com ecdn.firstimpression.io
cdn.adtrue.com
acdn.adnxs.com
5 ouo.press ouo.press
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 cm.g.doubleclick.net 2 redirects
4 c.adskeeper.com jsc.adskeeper.com
4 fra1-ib.adnxs.com ecdn.firstimpression.io
acdn.adnxs-simple.com
cdn.adnxs.com
4 c.amazon-adsystem.com ecdn.firstimpression.io
c.amazon-adsystem.com
4 ecdn.firstimpression.io ouo.press
ecdn.firstimpression.io
4 www.google.com ouo.press
www.gstatic.com
www.google.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 static.criteo.net cdn.adtrue.com
static.criteo.net
ecdn.firstimpression.io
3 lg3.media.net ouo.press
3 ads.pubmatic.com ouo.press
jsc.adskeeper.com
cdn.adtrue.com
3 cdn.firstimpression.io ecdn.firstimpression.io
3 www.gstatic.com www.google.com
3 cdn.adtrue.com ouo.press
exchange.adtrue.com
2 eus.rubiconproject.com ecdn.firstimpression.io
eus.rubiconproject.com
2 match.adsrvr.org ads.pubmatic.com
2 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
2 cm.adskeeper.com jsc.adskeeper.com
2 cdn.adskeeper.co.uk ouo.press
jsc.adskeeper.com
2 jsc.adskeeper.com exchange.adtrue.com
jsc.adskeeper.com
2 hblg.media.net ouo.press
2 i.clean.gg acdn.adnxs-simple.com
2 www.googletagmanager.com track.adtrue.com
www.googletagmanager.com
2 exchange.adtrue.com ouo.press
cdn.adtrue.com
2 bidder.criteo.com ecdn.firstimpression.io
cdn.adtrue.com
1 image6.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com
1 u.openx.net cdn.adtrue.com
1 acdn.adnxs.com ecdn.firstimpression.io
1 id.crwdcntrl.net ads.pubmatic.com
1 a.mgid.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com jsc.adskeeper.com
1 s-img.adskeeper.com
1 servicer.adskeeper.com jsc.adskeeper.com
1 res-a.akamaihd.net ouo.press
1 www.google-analytics.com www.googletagmanager.com
1 cdn.adnxs.com ecdn.firstimpression.io
1 warp.media.net ecdn.firstimpression.io
1 qsearch-a.akamaihd.net ecdn.firstimpression.io
1 acdn.adnxs-simple.com ecdn.firstimpression.io
1 hbopenbid.pubmatic.com cdn.adtrue.com
1 fptadtrue-d.openx.net cdn.adtrue.com
1 track.adtrue.com exchange.adtrue.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 tag.1rx.io ecdn.firstimpression.io
1 fastlane.rubiconproject.com ecdn.firstimpression.io
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.jsdelivr.net ecdn.firstimpression.io
1 widgets.outbrain.com ouo.press
1 ad.doubleclick.net ouo.press
1 ecdn.analysis.fi ouo.press
1 itineraryupper.com ouo.press
1 hhklc.com ouo.press
1 tv.gourdycortes.com ouo.press
1 fonts.googleapis.com ouo.press
1 ouo.io 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
127 67

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tv.gourdycortes.com
R3		 2022-10-01 -
2022-12-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
itineraryupper.com
R3		 2022-09-15 -
2022-12-14		 3 months crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 18 frames:

Primary Page: https://ouo.press/XnZSf6
Frame ID: 57CFE77EF13754DEA4A5019582F03B8B
Requests: 22 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 4E09D33D549076A054A28228BD93A836
Requests: 14 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cb=3950455706&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/XnZSf6
Frame ID: 22A6540F338E7E1B52AFEA8D9A131B59
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
Frame ID: 57ADFA14DD0615312FF69CB461DEAA7F
Requests: 5 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FXnZSf6&loc=https%3A%2F%2Fouo.press%2FXnZSf6
Frame ID: 3373DBFD3E1F5EE0492EDE9DD4A73560
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: BEE460C59CBB6D7B9EEC322B8C33166B
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 084F9882B1269A67A19FB2D8D2B2873B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5A2F986C2884E2170A83D7ABB8CD8AC7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BCCEE929A982E1BBA7EA03361EC0DEC1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: F4FA17ADEFB3C12A0E1299C8FCAA5CD3
Requests: 22 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3A8EDEC9FDFEB769FF360DC58E4B44DB
Requests: 4 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1665919496032743392753
Frame ID: FE0D804B36BC88585D1895E05B6CD1BC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 4C5BA5546472DB690C1837AF41990C44
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Frame ID: 6575BD04B853B1B4B2B01F57D825D328
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3260929650E1F5A69DA56A3302BB215F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0F03BE5AC9DDAFA25B558DBC21EB766C
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2D4B498849F6E1E90A6C7E88010C1B21
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
Frame ID: 89B09D278D734E0D9695DC2514909E42
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free URL shorten service - ouo.press

Page URL History Show full URLs

  1. https://ouo.io/XnZSf6 HTTP 302
    https://ouo.press/XnZSf6 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

127
Requests

88 %
HTTPS

39 %
IPv6

38
Domains

67
Subdomains

55
IPs

6
Countries

1787 kB
Transfer

5056 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ouo.io/XnZSf6 HTTP 302
    https://ouo.press/XnZSf6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=R5WP63xUQW51bFFxc3ZzUThCWmJlcG1YV1V3Wnp5blBTYkNyQlJZZEJodzNBTkh5VGFldE96QS9vb0VhYk43K0xZTjhadnEvQzlKNlpDdVNIMHorK0xYOGkxaVB5V25kNGFaNHRmZEVlL1FFM3dIUkQxNVE4ODhqZjA0Z1lFVWd6UXlML1E4RUlQanFwRkxtSFdBSklzako5TCt6dmN2SWp6VTdkL1RqM0R0RWtwRGJ0NW1HUStRWlBGb3lGZm44SnJQTWFINHpTZ0ZzZ1VVd0NDWnArRVdTaHFneWU3QUpMWUcra0hDL3pVcmF5ckIwPXw&cppv=2
Request Chain 96
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=Bq8HAl9WZXZCTzFZJTJGdzM2NHpQVVJxWklzTlpHJTJGYiUyRlVrcndNMVIwUGU4cVZZZWN1MXNjd21hN1JIOXQlMkZyb2t5RG5HME9rV0Fuak1iaUtqWUNlTkUyTDZqdk5JVUh1SmRwRU9lYk53UjhFb0ZDamlkRXFqTGIwWGYyVHF6YW12U3VMZVoy&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3VmfdHxpeGNqa3A0SE0rV1pReVN0U0I2THNVVmI2RWowcFcyaEZjbDJtZEJMNFMzekxQTSszK0VpMXFPWTZuU1FMc0FqOWlDRzZMQjUwZ3lOQ1l5QmJ3Q0krWkR5SjR5VytDQjJET1FWWXJnVU1mTGNCQ0piZGZpaUpvbVJUcmpUeExlRlh2QVllQWNWOGZZNmp4RzYxT2Q3SjJuLzlvUTZsK2gxb0hpbUt5TTdyRTRrdzRKbEpMd2J5Mjllb2RMTnR5U0lLTk0xdisvQ2JIMjFReHVXMnVTcnVJUktQK0dIVXFVWDllM0FIdFZvM3RBcDFvdUVhQ1NkbzdST3pYYnFNUHZmME5oQTRoMklDRzI1WkNSMGMwM29sZz09fA&cppv=2
Request Chain 101
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=Bq8HAl9WZXZCTzFZJTJGdzM2NHpQVVJxWklzTlpHJTJGYiUyRlVrcndNMVIwUGU4cVZZZWN1MXNjd21hN1JIOXQlMkZyb2t5RG5HME9rV0Fuak1iaUtqWUNlTkUyTDZqdk5JVUh1SmRwRU9lYk53UjhFb0ZDamlkRXFqTGIwWGYyVHF6YW12U3VMZVoy&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=0KpZinwvVzN5V1E3S25QSVpBWTcxcVFIb0h6NUt1VnNhUGt5WW5Tc3ZNTmp1WXJ4ZVZwMGI2RU5kU0RDaHRrRnZsS0Q2NVhOd3ZrRnFod1hoOVl3ZlJwV0dmVmNwazlieW15T1dXaGtTUklOWXJrUEhGemVnWHd3ZFlYN2F1TlRSUm5BeGxsWDdWbVQzdHRhVnBETFJEUmx0RnZ2b2F2OFQzRnN4R3VaT2lhYXFSWWRkNFhuZVdjNHRMak9UTVBDVnp3dzl6K1RUUHZxTnozV1VCT0lON0hqNjJySTBTdm9qQ3FKZDhLQjhIWTRXTmVNdVRDVGNrSy80QllCYXdZcUgvWVQ0dmdTNVB2MGl0NmZ4Wmdsa1FhMk1SQT09fA&cppv=2
Request Chain 114
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=blOMEHxIaitFZEhDOS9QcmhwaElxSUdZYU5uRmFUZ1Z3SlQ2Zm5JeTdic0lSSnV1MThYWHM5N3IyWG1aLzdaSjFOQSttZSs1RHVpVGs3QmlleE1DVGtVSGwzRnIrSTRzQ0JNYTlyTUFwMGwvcnZId2lGc3czQit5VHYwWHFFckV4RWxTYzhIUlZnYjBqdGhhbTRmTTEyRm5DMGFtQTllTUE2R2d1RXBISkVGZkhxUXBtSlowU2lnVGZMbFhPNW4rZ1pmcjFkaXJ2bzJRek9GUDEyTWM3RWxyeDhHb2N1UzRxSGpaWnZOcVFFNEtwRE1ndGljS2huSklCcUZMekRRVWo5bDhDb3ZKenVjQ3ZZQ3VyUkgwZGNuRDZ3Zz09fA&cppv=2
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBLt0FT056MoIBkkMi4Mnw&google_cver=1
Request Chain 120
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMwM2RjZGE1YjIxNzMyNWU5YWFiZjhiOWY3NjhjZGI3NDU3YjNjNQ
Request Chain 121
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xX_0t3vKREy1kRHjkHM5JQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xX_0t3vKREy1kRHjkHM5JQ
Request Chain 122
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yI_JQ8eRRnela8pFZn-yCA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yI_JQ8eRRnela8pFZn-yCA
Request Chain 123
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlCOUdEOE4tNi0xRkg3
Request Chain 124
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9B9GD8N-6-1FH7
Request Chain 125
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z_NYW7lCN2tenTx5rrpyog?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6433170965142623899

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request XnZSf6
ouo.press/
Redirect Chain
  • https://ouo.io/XnZSf6
  • https://ouo.press/XnZSf6
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2497fd0dc94d29f4bdbf9bef2eeb2786fa938c2fd5815159410c9ecb739ee6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b06e47fe1a9bd0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:54 GMT
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75b06e4659eb993f-FRA
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:54 GMT
location
https://ouo.press/XnZSf6
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		1020 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Questrial
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 10:27:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Oct 2022 11:24:54 GMT
bootstrap.css
ouo.press/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/bootstrap.css
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/XnZSf6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23741
cf-polished
origSize=109522
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 14 Feb 2015 06:58:04 GMT
server
cloudflare
etag
W/"54def1fc-1abd2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
75b06e49596c9bd0-FRA
expires
Sun, 16 Oct 2022 16:49:13 GMT
link-safe.css
ouo.press/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ouo.press/css/link-safe.css
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/XnZSf6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23740
cf-polished
status=cannot_optimize
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 02 Oct 2019 21:46:54 GMT
server
cloudflare
etag
W/"5d951ace-1830"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
75b06e4959749bd0-FRA
expires
Sun, 16 Oct 2022 16:49:14 GMT
48786
tv.gourdycortes.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.gourdycortes.com/1clkn/48786
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.14 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 11:24:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
api.js
www.google.com/recaptcha/ 		884 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bc71bcce85e572e38871c57e76a3fbac086889756e4732ce763991f88e8e706e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Sun, 16 Oct 2022 11:24:54 GMT
c.js
hhklc.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hhklc.com/c.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:467a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ef82d78527dec7a31fd40375b7863b218441e4f69f31ccc1785cdde5c6168a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 27 Sep 2022 15:56:01 GMT
server
cloudflare
etag
W/"63331d11-21a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C7BkgryDuUFzOAnkzhFQz2PgQE86H%2FcDCasFmm5urPcYy1PfFBn%2BHf1RENMskiyzzYqpRHpB08gDtxQycacNRydQyEKz7tCTsOKKYJ4AS60dW%2F8d960B2zhgJk33idaHV9a0TyHRuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
server-asp-net
Asp Net
cf-ray
75b06e49e862927d-FRA
expires
Sun, 16 Oct 2022 12:09:00 GMT
ed36014633829dc70a42dccaefdf3f11.js
itineraryupper.com/ed/36/01/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 11:24:55 GMT
Server
nginx/1.17.9
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1496438
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwtnjHQoq9%2FiwFdheDdP%2FHLivab2Sn4iCbUHhNRhNQCO9fvjywTEEJ1BVz63yxr%2FyXmjO945AgQdXBQRcOkYWc%2FmMj3Lc7OQEF4Eqjg3NWjeyJO7DU%2BzDeLIhFXo8hUqrAW7RyS6YVUhGKBhow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
75b06e49ee1f9211-FRA
expires
Sun, 24 Sep 2023 03:44:16 GMT
world.png
ouo.press/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ouo.press/images/world.png
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/XnZSf6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1710346
cf-polished
status=not_needed
content-length
5692
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 May 2015 05:02:52 GMT
server
cloudflare
etag
"5549a07c-163c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
75b06e49ba7f9bd0-FRA
expires
Wed, 26 Oct 2022 16:19:08 GMT
email-decode.min.js
ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/XnZSf6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
server
cloudflare
etag
W/"634571bd-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
75b06e49ba679bd0-FRA
expires
Tue, 18 Oct 2022 11:24:54 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-116.fra53.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:40:27 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA53-C1
age
2667
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
4240
x-amz-cf-id
WgyG8BzX_oT3gT6K0MBFoWQSY9ETldZeMMpIcq47WHhLogV-7wWO-Q==
expires
Sun, 16 Oct 2022 11:40:27 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
db3a2055e6411fea0baec493100ac0ad4479f11f5ec672bd84cdfab2b1dbdd9f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:34:43 GMT
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 10:34:43 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
age
3011
x-powered-by
PHP/8.0.14
etag
W/"82c140955b63587efa4de6a1e12f381d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
T46OHLbp-aaL7QHDpSKKxeMN10aWkOnRon1iHQQ8AAL1xPEBHCm8Cw==
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 11:09:58 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 13:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Oct 2022 13:30:54 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 15 Nov 2022 11:24:54 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FXnZSf6&charset=UTF-8&ch=11&ref=ouo.press&viewerId=null&referer=&_firid=32466747
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
60e1907d0c4d46205094aa3db21e0ff78a15cf1a473a5b24c8d4f05fdd6acdd2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
ijKUGxXFIHgqjb3nL5BTQVk6hd8fnJveSt8I7zrAe4o23H_IgCUdOQ==
expires
0
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:14:03 GMT
content-encoding
gzip
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
age
651
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
knh7DuyUjBXgiD2YdWP5QrBoK84hSWtyp3Bv3Y74cX2Naw3r1voDTA==
expires
Sun, 16 Oct 2022 12:14:03 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
8874
age
6752
x-jsd-version
1.13.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-hhn4071-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u%2BIoFt6%2FIAxCpP7Vm%2BlM2QFN45RDcsM3MIKyPrGWbjwUBVA6avTbWQSmzHZd1%2BLxMbCvZgvApFohqUMJ8EY9BozIMA0QDoO2WIUWfEjOjbLw5uidC5OYr8LU0b1hHMRJVyceJsODz%2BHmJoFJ6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75b06e4afe719b37-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:47:07 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C1
age
2268
x-amz-server-side-encryption
AES256
etag
W/"13600701857be6a3c4cd98a7b8e7133a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
nkmIpwOIyxYHcr1wi16BFHA8C8wkQTNlCat4IE1wX5q3GWV3GDHSdw==
QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:31:35 GMT
x-content-type-options
nosniff
age
316399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2023 19:31:35 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 4E09 		110 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:45:39 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
age
2355
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
BpNc9aglGXd8qMtRRzEpcc2u1m9kd4g3OvpKOu9JnyHDLaNeaJKIbQ==
expires
Sun, 16 Oct 2022 11:45:39 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 4E09 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:14:03 GMT
content-encoding
gzip
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
age
651
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
LZMva2zJPh3OVMD2kxmDLvP-IHhR1GR42yiH6toHFv74AkIYSma7fQ==
expires
Sun, 16 Oct 2022 12:14:03 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 4E09 		1 B
445 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C93863%7C100721&campaignid=18%7C15%7C9%7C44%7C43%7C22&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA6-C1
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ouo.press
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
fU03hedf2D1wZVkwm008TWyS3ekqwRU7FiwHzANEdNAIJmdEE1cn8g==
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4E09 		348 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FXnZSf6&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FXnZSf6&tg_i.page=https%3A%2F%2Fouo.press%2FXnZSf6&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=cf1ce4bc-455b-4271-b816-963c5a88aa0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29706889929986247
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7395e80c2e8ab989116cad6eeab1f936db768c4b9cc2e58c02891adee8d36d2a

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ouo.press
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
348
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 4E09 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5bcaeca9b331418ca0ac6140ff24eda8097f8e83a163c8126aefd546e861f241
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 16 Oct 2022 11:24:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
005c91d1-df5b-4849-bbc3-a42f0af856ac
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/212927/0/ Frame 4E09 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
pragma
no-cache
date
Sun, 16 Oct 2022 11:24:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 4E09 		144 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f5f05497b864dd9d06e87cba2be7cbb4fb48149b9a14b638cde4e272a20805ca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
AN-X-Request-Uuid
e93ef8ff-be7e-4c43-81c9-c9fc9371fe22
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 4E09 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=50699944751
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Oct 2022 11:24:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4E09 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 10:47:07 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C1
age
2269
x-amz-server-side-encryption
AES256
etag
W/"13600701857be6a3c4cd98a7b8e7133a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
7vC8qwvDoX65Hp_WTzXqMuFkHMypODG6sGbeqDHTTqxGWtZNJK34hQ==
impress
exchange.adtrue.com/delivery/ Frame 22A6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cb=3950455706&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/XnZSf6
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83391a6efe533514e9cdc19629ff5d33607ea1d952d5b252f1304d2b89d24df5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-adtrue-instance
adt-backend-1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuvnCa84EoBOQRsJtZGiU0ITHe0X1gn3trtwE4uygr2mVC7Jn4L88sMpc7eg3c8XPKHaSO1%2BRATFNTN4ldO%2Bzr5FyMJ8Nm5fHUXa0MzMtXBedHG3kIrc8%2FSXS%2F%2BVNMowH7E3u6%2B31aI3keTGQKSI4IPy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75b06e4c4aa09211-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 57AD 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
051a37af8fe58eb26be74ba7f689034a97a58cc0de9ca284d0a9733c758e2558
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e5HyvOjGE2d1nwbkwGHrog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22440
content-security-policy
script-src 'report-sample' 'nonce-e5HyvOjGE2d1nwbkwGHrog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
config
c.amazon-adsystem.com/cdn/prod/ Frame 4E09 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 09:56:00 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
age
5335
x-cache
Hit from cloudfront
access-control-allow-origin
https://ouo.press
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
PEqI3axZq9yKlVm8JiaWG2PayKRnjuh4ZOnFL25w_m9BHf0NHDywEg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 4E09 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FXnZSf6&pid=Oocq5oky7PqrB&cb=0&ws=728x90&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
Z4GJN2CS1V2WPKBZVF2R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
IJaVOwlANXUynQrZV44Dymhkd4k-YUbQ_ksR7NzhmJ-Hs3tCsnLVDA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4E09 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date
Sun, 16 Oct 2022 01:33:05 GMT
x-amz-cf-pop
FRA56-C1
age
35959
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
VQOEIheQ-szU_LEpcv4ObpSeA39JeUgA-k6VoWJjN1RNfiNuLopg3w==
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 57AD 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Oct 2023 12:47:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 57AD 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 11:09:58 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 22A6 		309 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cb=3950455706&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/XnZSf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825d5cd71dbdd99c5c8181e2e88e24573f837019cc0b15a6a15fa98bdffc506e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
455246
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 11 Oct 2022 04:44:29 GMT
server
cloudflare
etag
W/"6344f4ad-4d256"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rufv%2F5wgsWvWYBVvm4SSRTlk3%2FW%2BGvnCRHI%2Bt4VxrTdTdZlKMN%2BlD13IxV3cambz8VFzXH6MeVC1CPRpK6te456BJaBRfc2HYxnFV4TNlIcWhavEy%2B0RoSZo3bcdIEX1pta4pRJRDdMwnw9N%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
75b06e4ca80d5c9e-FRA
expires
Fri, 06 Oct 2023 04:57:29 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 22A6 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38167
accept-ranges
bytes
content-length
80538
expires
Sun, 16 Oct 2022 22:01:02 GMT
request
track.adtrue.com/track/ Frame 3373 		377 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FXnZSf6&loc=https%3A%2F%2Fouo.press%2FXnZSf6
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cb=3950455706&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75b06e4cab469211-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Oct 2022 11:24:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxekDdMEzXeo4SxbSskBeO89S4%2FVg7X6fuuXXCbS9qlUUvw4hRoIniNZgtnZ2zgErLOfAqFDkl7%2FwQqjGGIrwm9xkoAqfVQ8roZUZcViK4Xe6KN%2B4Kl3nZT0LMKPdqsdzdTBKXlbRfGLRtyKSRZE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-host-name
adt-backend-1
js
www.googletagmanager.com/gtag/ Frame 3373 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Requested by
Host: track.adtrue.com
URL: https://track.adtrue.com/track/request?pzoneid=12953&domain=ouo.press&ref=https%3A%2F%2Fouo.press%2FXnZSf6&loc=https%3A%2F%2Fouo.press%2FXnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d84d26db048d6b563fe935b01e8625fdb24870eff80752ce90bb48bb341a5aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.adtrue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45739
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Oct 2022 11:24:55 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
506132
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 22A6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=R5WP63xUQW51bFFxc3ZzUThCWmJlcG1YV1V3Wnp5blBTYkNyQlJZZEJodzNBTkh5VGFldE96QS9vb0VhYk43K0xZTjhadnEvQzlKNlpDdVNIMHorK0xYOGkxaVB5V25kNGFaNHRmZEVlL1FFM3dIUkQxNVE4ODhqZjA0Z1...
367 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=R5WP63xUQW51bFFxc3ZzUThCWmJlcG1YV1V3Wnp5blBTYkNyQlJZZEJodzNBTkh5VGFldE96QS9vb0VhYk43K0xZTjhadnEvQzlKNlpDdVNIMHorK0xYOGkxaVB5V25kNGFaNHRmZEVlL1FFM3dIUkQxNVE4ODhqZjA0Z1lFVWd6UXlML1E4RUlQanFwRkxtSFdBSklzako5TCt6dmN2SWp6VTdkL1RqM0R0RWtwRGJ0NW1HUStRWlBGb3lGZm44SnJQTWFINHpTZ0ZzZ1VVd0NDWnArRVdTaHFneWU3QUpMWUcra0hDL3pVcmF5ckIwPXw&cppv=2
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
65988a1ed529521639a60f59aa0e9b100cc863821ee3a73852803dc2204052c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1514208
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=R5WP63xUQW51bFFxc3ZzUThCWmJlcG1YV1V3Wnp5blBTYkNyQlJZZEJodzNBTkh5VGFldE96QS9vb0VhYk43K0xZTjhadnEvQzlKNlpDdVNIMHorK0xYOGkxaVB5V25kNGFaNHRmZEVlL1FFM3dIUkQxNVE4ODhqZjA0Z1lFVWd6UXlML1E4RUlQanFwRkxtSFdBSklzako5TCt6dmN2SWp6VTdkL1RqM0R0RWtwRGJ0NW1HUStRWlBGb3lGZm44SnJQTWFINHpTZ0ZzZ1VVd0NDWnArRVdTaHFneWU3QUpMWUcra0hDL3pVcmF5ckIwPXw&cppv=2
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
529704
content-length
0
expires
0
webworker.js
www.google.com/recaptcha/api2/ Frame 57AD 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 16 Oct 2022 11:24:55 GMT
arj
fptadtrue-d.openx.net/w/1.0/ Frame 22A6 		73 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fptadtrue-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fouo.press%2FXnZSf6&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fa9a10b6-9768-429c-9432-aeb2e53b5372&nocache=1665919495293&aus=300x250&divids=adtrue_ads_12953_s66z7uuarndcgx5n2fp&aucs=adtrue_ads_12953_s66z7uuarndcgx5n2fp&auid=558223497&aumfs=100
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
19a77b3ff7c5a8d32255464af312a29998dfb054f16785f94df08d5db3c343db

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ouo.press
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ Frame 22A6 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.12.0-pre&cb=54116848292&lsavail=0
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ouo.press
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 22A6 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4e568cd25e93f42279b0961d76b80d8a6473607389d597ab98be0245dcafe199
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
AN-X-Request-Uuid
490e3f90-6a63-4008-a636-7134c19e6a0e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 22A6 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 16 Oct 2022 11:24:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
cdn.firstimpression.io/tracking/habit/ Frame 4E09 		2 B
404 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
access-control-request-method
*
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://ouo.press
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
x-amz-cf-id
hZPUrjp2cmi_I_ilvts-lXlbTQFL3l5eUO6DuYqnBNW4X5FFR3rhgw==
script.js
acdn.adnxs-simple.com/strikeforce/ Frame BEE4 		120 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 14 Oct 2022 05:11:52 GMT
Date
Sun, 16 Oct 2022 11:24:55 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
22378
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
42990
X-Served-By
cache-lga13622-LGA, cache-hhn4042-HHN
Last-Modified
Wed, 12 Oct 2022 13:08:12 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1665919495.398150,VS0,VE0
ETag
W/"6346bc3c-1e1bd"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
7, 25052
nmedianet.js
contextual.media.net/ Frame BEE4 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6ec632581d6ed03cf152ced2cefd673d7310ed5f58271cddd37d6540b020cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-mnt-h
8-1
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 16 Oct 2022 11:24:55 GMT
server
Apache
etag
"e43ff295fca6503033a78d019223aa11"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Sun, 16 Oct 2022 11:29:55 GMT
log
qsearch-a.akamaihd.net/ Frame BEE4 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19050205&other_prv=9&jar_err=&current_day=0.0&adtyp=0&req_id=3755218356345421222&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=7.8382&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=60&floor_bucket=0.00&gpid_format=&seat=&size=728x90&url_l1=xnzsf6&f_seg=&prdp=0.0120&ogcbdp=0.0300&dfpbd=0.0120&server=1&ogerpm_wd_bkt=0-1&model_version=202210152144_generic_appn_2-cid_1&viewability=0.7900&dmm_r=0.2770&cut=60&dmm_l=0.0160&as_cache=0&tcyerpm=&sc=BB&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ouo.press%2Fxnzsf6%2F&bidrestime=1665919495225&cc=DE&strg=harmony&ss=&current_hour=11&time_stamp=2022-10-16+11%3A24%3A55&model_key=generic_appn_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0300&ct=Sch%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDnefeld&akey=&mnckfl=0&bdp_bucket=0.05&algo=unison12&dc=eu_be&splid=19050205&dim4=exploration&dn=ouo.press&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36&buyer_id=&dmm_m10=1143614&bdp_wider_bucket=1&acid=7e2b6eacccb0425aa0b1b1737c789b30&infl=&o_ver=NT+10.0&br_ver=106.0.5249.119&bdmm_m6=1.0000&bdmm_m7=0.8600&bdmm_m5=1.0000&ver=8.15.0&totalTimeBucket=3&visibility=0&totalTime=3750000&dmm_m1=2022-10-16+11%3A24%3A55.229314755&e_rpm=0.0440&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.8600&cid=8CU6M287B&bcrid=352460673&rawbid=0.0300&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-6574dc5d46-6tttz.BE&dfp_bucket=0.0&adblk=&itype=appnexus&pvid_seat=9&cliIP=1358891520&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=60&gpid=&iwb=1&dmm_d22=0.01&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.03
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 16 Oct 2022 11:24:55 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame BEE4 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 16 Oct 2022 11:24:55 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=77858
access-control-allow-credentials
true
content-length
62892
expires
Mon, 17 Oct 2022 09:02:33 GMT
trk.js
cdn.adnxs.com/v/s/229/ Frame BEE4 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/229/trk.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Thu, 05 Oct 2023 09:41:59 GMT
Date
Sun, 16 Oct 2022 11:24:55 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
956576
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29365
X-Served-By
cache-lga13620-LGA, cache-hhn4073-HHN
Last-Modified
Wed, 05 Oct 2022 09:41:41 GMT
Server
AkamaiNetStorage
X-Timer
S1665919495.392999,VS0,VE0
ETag
"e4a20054d2e3bd70bee1fab0cc606a4f:1664962901.362129"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1459143
it
fra1-ib.adnxs.com/ Frame BEE4 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252FXnZSf6&e=wqT_3QLOBOhOAgAAAwDWAAUBCIfUr5oGEJu2iJH86YPFfxgAKjYJ-n5qvHSTiD8RnNzvUBTogz8ZAAAA4KNw5T8hnA0SACkRJNAxAAAAoJmZqT8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaMzMP3ji1QWAAQGKAQNVU0SSAQEG8P2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACw8tZ6gIYaHR0cHM6Ly9vdW8ucHJlc3MvWG5aU2Y2gAMAiAMBkAMAmAMXoAMBqgNBEhgzNzU1MjE4MzU2MzQ1NDIxMjIyX3NiaWQaEzkxOTAxNzQ4MjQ4MzY3NjY0OTEiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgwLjI1NS4xMC4yMDGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEgSEfWIgFAZgFAKAFpvv6v6_mzY40wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOMMGQADIB-LVBdIHDRV3ATgI2gcGCSdk4AcA6gcCCADwB71EiggCEACVCAAAgD-YCAE.&s=289c70dd1a7e967886cdae2ae10e76ccaab20e74
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
AN-X-Request-Uuid
d44696f2-f91e-421b-a69b-75a0ecb729fd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 3373 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.adtrue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Oct 2022 11:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
538
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 16 Oct 2022 13:15:57 GMT
js
www.googletagmanager.com/gtag/ Frame 3373 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfcc9a225661e16f03557dccbbb1155961b94853a87d65216540102249487ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://track.adtrue.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74960
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 16 Oct 2022 11:24:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=R5WP63xUQW51bFFxc3ZzUThCWmJlcG1YV1V3Wnp5blBTYkNyQlJZZEJodzNBTkh5VGFldE96QS9vb0VhYk43K0xZTjhadnEvQzlKNlpDdVNIMHorK0xYOGkxaVB5V25kNGFaNHRmZEVlL1FFM3dIUkQxNVE4ODhqZjA0Z1lFVWd6UXlML1E4RUlQanFwRkxtSFdBSklzako5TCt6dmN2SWp6VTdkL1RqM0R0RWtwRGJ0NW1HUStRWlBGb3lGZm44SnJQTWFINHpTZ0ZzZ1VVd0NDWnArRVdTaHFneWU3QUpMWUcra0hDL3pVcmF5ckIwPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
480769
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
reload
www.google.com/recaptcha/api2/ Frame 57AD 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
746d7d8dcc9f37f4d7949191a987173e66520531c2dff569d2cbf4ec09bc5ae6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=prwxbw67c1nq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18609
x-xss-protection
1; mode=block
expires
Sun, 16 Oct 2022 11:24:55 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 16 Oct 2022 11:24:55 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame BEE4 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
smtr
contextual.media.net/ Frame BEE4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=TCOZEBG&https=1&vif=1&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&kwrf=https%3A%2F%2Fouo.press&nse=5&vi=1665919495764934236&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&itid=16&bcpf=B48fOnRrolnfOur84zageeaz&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p01736096623t202210161124&goent=1&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=BY
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c21b24e420dc6a150add2ab4b90452e1173de30f276d7e3c989c85a23fef1650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-sc-w
22-r1j8
pragma
no-cache
date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-7bl6
timing-allow-origin
*
content-length
27377
expires
Sun, 16 Oct 2022 11:24:55 GMT
checksync.php
contextual.media.net/ Frame 084F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c07ecb6bdd93723310d08d5b41f6a25a3cfb1ab68635d884f0c506bd9e33a8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5746
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
Tue, 18 Oct 2022 11:24:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame BEE4 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=556&&vgd_cdv=813&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1665919495764934236&ugd=4&lf=6&kwrf=https%3A%2F%2Fouo.press&cc=DE&sc=BY&lper=100&wsip=2886995206&r=1665919495459&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1665919495195896508&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p01736096623t202210161124&vgd_pgids=1&vgd_uspa=0&hvsid=00001665919495456013588915206657&gdpr=1&vgd_l2type=sca&vgd_end=1
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 16 Oct 2022 11:24:55 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=25165
content-length
15
checksync.php
contextual.media.net/ Frame 5A2F 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f529844701a25578feebcad44baa1c83cc3e4580b35cba69e605ceda2cb7abfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7841
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
Tue, 18 Oct 2022 11:24:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame BEE4 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4781&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3755218356345421222&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.030&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=dfd0dbe2&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=79&renderer=0&be=0&rtime=6.0&adj0=0.0&tmax=150&s_ip=37.252.171.103&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3755218356345421222&sc=BB&mowxReqId=7e2b6eacccb0425aa0b1b1737c789b30_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&bidrestime=1665919495225&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-43-17&coppa_enf=true&devmodel=Unknown&bdp=0.030&ct=Sch%C3%83%C2%B6nefeld&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=7e2b6eacccb0425aa0b1b1737c789b30&actltime=14&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.012&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1665920095482&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.012&csex=0&pvdTmax=110&ltime=11.0&epc=211362147&prvReqId=19452890037100_846747891_856004011191&zip=12529&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=20&apTags%3C%3E=75&mx_PC=1&wsip=mowx-6bcbcfcfb9-swk22&currsrc_date=2022-10-14+00%3A00%3A00&mx_divid=19050205&geoll=false&omid=0&debug_ts=2022-10-16+11%3A24%3A55&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=0.67&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6574dc5d46-6tttz.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&acsn=1&dtc=eu_be&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.03&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=9190174824836766491&rme=adm&bdata=~bx_len%3D1394~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DSCHNEFELD~ref_cnt%3D0~r_ip%3D80.255.10.0~r_sc%3DBB~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~iha%3D0~dmm_l%3D0.016~dmm_r%3D0.277~e_rpm%3D0.044~dmm_m1%3D0.044~dmm_m2%3D0.018~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.860~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.860~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.938~dmm_m16%3D0.331~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D17.000~dmm_m36%3D17.000~dmm_m39%3D304636.387~dmm_m40%3D2951331.000~dmm_m41%3D43.645~dmm_m42%3D988.000~dmm_m43%3D2.293~dmm_m44%3D0.938~dmm_m47%3D43173.000~dmm_m48%3D10708371.000~dmm_m50%3D8.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.044~vbr%3D0~bid%3D0.030~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.793213%7Ecbdp%3D0.012%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.030%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&utime=253&sf=0&cpr=0.4403270620947093
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 16 Oct 2022 11:24:55 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 16 Oct 2022 17:24:55 GMT
checksync.php
contextual.media.net/ Frame BCCE 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C359%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f529844701a25578feebcad44baa1c83cc3e4580b35cba69e605ceda2cb7abfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7841
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:55 GMT
expires
Tue, 18 Oct 2022 11:24:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
rd_log
fra1-ib.adnxs.com/ Frame BEE4 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FXnZSf6&e=wqT_3QKNBOgNAgAAAwDWAAUBCIfUr5oGEJu2iJH86YPFfxgAKjYJ-n5qvHSTiD8RnNzvUBTogz8ZAAAA4KNw5T8hnA0SACkRJNAxAAAAoJmZqT8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaMzMP3ji1QWAAQGKAQNVU0SSAQEG8LyYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACw8tZ6gIYaHR0cHM6Ly9vdW8ucHJlc3MvWG5aU2Y2gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD3KCnAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04MC4yNTUuMTAuMjAxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIEB3liIBQGYBQCgBab7-r-v5s2ONMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFJSBgAIAAwADjDBkAAyAfi1QXSBw0VdwE4CNoHBgknZOAHAOoHAggA8Ae9RIoIAhAAlQgAAIA_mAgB&s=95b026638eec9fa9a0862cde12456b8f67e7b4a7&bdref=https%3A%2F%2Fouo.press%2FXnZSf6&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2FXnZSf6,https%3A%2F%2Fouo.press%2FXnZSf6,https%3A%2F%2Fouo.press%2FXnZSf6&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
AN-X-Request-Uuid
c81cc9cb-ed34-4c20-991a-fca6f1365a38
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame F4FA 		753 B
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1496453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N69arSUNLhELXaYCj2qfvwQVJK3inum8al%2F4VR0nh7SU%2F%2FlYjxCsRMI%2F1ZZ4xqzJrQTNwweYF25hewY0TsQEjXiPGRKMz9GFnuDTaTHNfWEhyuXOfjz1nN2IZwDnYUYnjq3zkufD77fqUuvJDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31104000
cf-ray
75b06e4edd635c9e-FRA
expires
Sun, 24 Sep 2023 03:44:02 GMT
passback
exchange.adtrue.com/tag/ Frame F4FA 		296 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=59861903&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:90ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI7jgr%2FnTtqtNRqlxckBPS%2FJB8I79FdwK10f6uxKkHcSB8bZ5LReFgOSQontNd5D2fOgLBS7neMpo5aqf49s42tpAjsooiZ96dX5gWuM1GN%2BSkPq86iGGW2O1WXBxDWNCWu21z6%2FMvo%2BJm4%2FnyY7VeKt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
75b06e4f3e5b5c9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vevent
fra1-ib.adnxs.com/ Frame BEE4 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FXnZSf6&e=wqT_3QLOBOhOAgAAAwDWAAUBCIfUr5oGEJu2iJH86YPFfxgAKjYJ-n5qvHSTiD8RnNzvUBTogz8ZAAAA4KNw5T8hnA0SACkRJNAxAAAAoJmZqT8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaMzMP3ji1QWAAQGKAQNVU0SSAQEG8P2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACw8tZ6gIYaHR0cHM6Ly9vdW8ucHJlc3MvWG5aU2Y2gAMAiAMBkAMAmAMXoAMBqgNBEhgzNzU1MjE4MzU2MzQ1NDIxMjIyX3NiaWQaEzkxOTAxNzQ4MjQ4MzY3NjY0OTEiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgwLjI1NS4xMC4yMDGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEgSEfWIgFAZgFAKAFpvv6v6_mzY40wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOMMGQADIB-LVBdIHDRV3ATgI2gcGCSdk4AcA6gcCCADwB71EiggCEACVCAAAgD-YCAE.&s=289c70dd1a7e967886cdae2ae10e76ccaab20e74&type=nv&nvt=5&jm=1003&sid=4385088391458751927&vd=ct~0|rr~0&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&sw=1600&sh=1200&pw=1600&ph=1793&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:55 GMT
AN-X-Request-Uuid
4b6fa93d-3829-45aa-a0af-cf0aedcaea88
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adtrue.ouo.press.991771.js
jsc.adskeeper.com/a/d/ Frame F4FA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=59861903&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22e35e23472b043db7c637c12ae2013a5f1ca01ddda995379a307da89f40645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
x-amz-version-id
f.ffT1LrPbQX.EIpax0NyQEwqJ97JBVW
cf-cache-status
HIT
x-amz-request-id
5408PHA97WPNA1TP
age
111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
908
x-amz-id-2
BJF1Qbvzn6bDsp0kzT4sN3xbEleJgJDqU5hZr+HwJHo6wgZfCzR/7evxeIYXjw0OVX1e+2Z8d0M=
last-modified
Wed, 15 Jun 2022 13:18:30 GMT
server
cloudflare
etag
"4f8f059fbf3b6b0e3a37926f648a3993"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75b06e4fcecd925b-FRA
expires
Sun, 16 Oct 2022 15:24:55 GMT
adtrue.ouo.press.991771.es6.js
jsc.adskeeper.com/a/d/ Frame F4FA 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2e52ab80887bd8fc697a561f5542f4b434e5e9678a0114eca5d140156d4e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
content-encoding
gzip
x-amz-version-id
NX7wQXc7.FGN_u6PGufKW0wdpyDY_3AN
cf-cache-status
HIT
x-amz-request-id
SRAS8M3CC440D4N7
age
4570
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76738
x-amz-id-2
H3wx/j7H/X41waUK3Y3BLpN7Qw7eCSdXtbh+JHxXSIAsRCyV9vaFT/fAXxo+Geczuzj9DmQiQXo=
last-modified
Wed, 24 Aug 2022 10:09:52 GMT
server
cloudflare
etag
"e559caae45cb818b6896845671336a3b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75b06e5028c4bb35-FRA
expires
Sun, 16 Oct 2022 15:24:55 GMT
truncated
/ Frame 3A8E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3A8E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame 3A8E 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Unused62
8096267
Date
Sun, 16 Oct 2022 11:24:55 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
390bbf0c-1cd9-455a-901d-6e36561b9a79
https://ouo.press/ Frame F4FA 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ouo.press/390bbf0c-1cd9-455a-901d-6e36561b9a79
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
775ec2d4-95a5-45ca-a1f5-79872acfd72c
https://ouo.press/ Frame F4FA 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ouo.press/775ec2d4-95a5-45ca-a1f5-79872acfd72c
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
/
c.adskeeper.com/pv/ Frame F4FA 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1665919495831498431152&uniqId=1651b&lct=1661299200&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cxurl=https%3A%2F%2Fouo.press%2FXnZSf6&lu=https%3A%2F%2Fouo.press%2FXnZSf6&sessionId=634bea08-0ea07&pageView=1&pvid=183e08a2e98b8604666&site=624865&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b06e510964925b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
974b9b97-6a12-42ee-806c-e7c613539ecd
https://ouo.press/ Frame F4FA 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ouo.press/974b9b97-6a12-42ee-806c-e7c613539ecd
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame F4FA 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
P23G98T0RPS1923H
age
374
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+pkIcnDW5LI90x9mr22bkfqfBqu9Ndl9EtSQVcNdlUzWcDpVywyJ6BJrec3/moiJaPWw/mY5K2s=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
75b06e514cc290dd-FRA
expires
Sun, 16 Oct 2022 15:24:55 GMT
bql.php
lg3.media.net/ Frame 3A8E 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5597&&&vgd_l2type=sca&fp=CPlwIBiT932FkZzdrHiv5lv8EL5ebwrpp9Xj29uLY8pNfxjhDhFp06hcIWN8I10o0mSKHwk0s-KSoOHp1rZ3UP5dhDW_L01bdEDPwONZHcw1X3CeRgJcXCS_EPE0Evzr&cme=5JO0eA9hjHkWepLgDk06VLOYAP-bzm2PPjDkuKIMFevzpx2f7IwN2kAg41g0R5KvZak2CR9USQDgxYTBOJdSyN14JUeKReBElTigVLt_WpCjdlmBlFqyLxeVkx3ux08Fgpx2C3ZM1YxEaAlDv1n7FP8aV_BEonxjRIEcmf-hrcc1E8AajtFPIRQ7tylysv04E86EqeKgBxkU-Y-e_vWGsk92Jrpv5RFU3zbxXsvtmZo%3D%7C%7Cxrl5Md8q4--7SFrAGF_Mxzca4oM6-7k4qOeYk2DZbuY%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD41Acxn9AJpoOjkyJtzmbY4jWGeS6vdW83U8HQKbt2PXQ%3D%3D%7CyHYO4EJ-k1NWphChQhfNQmRHlwBTyGI95d68mb24NMuzUv5xkUeJxV1fQ7ea0D0N_4aFtRyC5LxSvON23an9jmyjT81qNtb2vxBb-sDv39WBssPPvZ9zkUycXU_jPl7EjgwbOYu015-JecXKeenAb5UpihN3h4r_rPeOTPlxvO0462_gdFr8_YB65mvfxKXlF5CHlWJaJ3hj7ug8AdWlBalSiepQKoG94CFT1kI7CN0%3D%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7C&v=1&gdpr=1&geo=52.5%7C13.39&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785077&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=266&fdkt=240&vgde_kbbh=ffoyxQJuOu99&kwd[]=Die+besten+Aktien+kaufen&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=1&kid[]=326670668&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.15%7C60%3D1.13%7C10%3D5.02%7C62%3D0.30%7C12%3D0.11%7C66%3D1.13%7C1%3D1.13%7Cps%3D0.810%7C3%3D0.62%7C4%3D4.15&ktd[]=274894815488&ktrkt[]=Die+besten+Aktien+kaufen&kwd[]=Tagesgeldkonten+mit+hohen+Zinsen&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=2&kid[]=329625578&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.15%7C60%3D0.30%7C10%3D5.02%7C62%3D0.17%7C12%3D0.09%7C66%3D1.13%7C1%3D0.25%7Cps%3D0.810%7C3%3D0.36%7C4%3D4.29&ktd[]=274894815488&ktrkt[]=Tagesgeldkonten+mit+hohen+Zinsen&kwd[]=Luftreiniger+f%C3%BCr+Allergiker&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=3&kid[]=350651746&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.15%7C60%3D0.99%7C10%3D5.02%7C62%3D0.50%7C12%3D0.14%7C66%3D1.13%7C1%3D0.75%7Cps%3D0.810%7C3%3D0.49%7C4%3D3.04&ktd[]=274894815488&ktrkt[]=Luftreiniger+f%C3%BCr+Allergiker&kwd[]=Tablet+PCs+g%C3%BCnstig+kaufen&kwt[]=240&kbc[]=1d1ed76ef9eb57b3a23b20e14c50866a.d2s&kwp[]=4&kid[]=329479814&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.15%7C60%3D0.99%7C10%3D5.02%7C62%3D0.50%7C12%3D0.14%7C66%3D1.13%7C1%3D0.75%7Cps%3D0.810%7C3%3D0.21%7C4%3D1.82&ktd[]=274894815488&ktrkt[]=Tablet+PCs+g%C3%BCnstig+kaufen&cid=8CUL2446F&vi=1665919495764934236&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=813&vgd_l3_sc=BY&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_refdomain=ouo.press&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785077&vgd_nrrv=17795&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=berlin&vgd_go_pid=8PO15FLE3&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1665919495195896508&sttm=1665919495456&upk=1665919495.19511&hvsid=00001665919495456013588915206657&verid=3111299&sbdrId=99&vgd_ecrid=352460673&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D201011&&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuAiH~QJjjJLM71yM8Ovui9X9f9X~Q7Ovui9X9f9X~875EJvK00I4tPb~e8Q8G8j875v9~N875vb%3DqI4s4Tr~LJkMNz7v9~LM8EvW9.fXX.u9.9~LMQNvRR~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvf9u9uu~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9u~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99999u9~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvhfW-i9~G-M1yjf1Mjv9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~G-MLJkMxLjv%40TwlFyLKuBYS~8w1v9~OYYMjv9.9uF~OYYMLv9.fhh~JMLEYv9.9HH~OYYMYuv9.9HH~OYYMYfv9.9uW~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhv9.WF9~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WFi~OYYMYufv9.WF9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iAW~OYYMYuFv9.AAu~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvuh.999~OYYMYAFvuh.999~OYYMYAivA9HFAF.AWh~OYYMYH9vfiXuAAu.999~OYYMYHuvHA.FHX~OYYMYHfviWW.999~OYYMYHAvf.fiA~OYYMYHHv9.iAW~OYYMYHhvHAuhA.999~OYYMYHWvu9h9WAhu.999~OYYMYX9vW.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.9HH~eGLv9~G8Ov9.9A9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovui9X9f9X~e8JB1G8j875v9.hiAfuA~NGOEv9.9uf~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~O1jyvxz8Qmzuf~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.999~myG8Ov9.9A9~875EJM8OvuF~QJjjJLM71yM8Ovui9X9f9X~N1LL8JLVOv9~ONx7vF9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=336&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=BY&vgd_l1rhst=contextual.media.net&hvsid=00001665919495456013588915206657&subBdr=99&bdrid=9&rc=0&rand=1665919495781&acid=7e2b6eacccb0425aa0b1b1737c789b30&matm=1665919495781&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&vgd_x_pos=437&vgd_y_pos=2025&vgd_ren_page_h=1793&vgd_ltimesrc=1&vgd_ltime=431&vgd_rtime=366&vgd_etm=10&vgd_l1hcsd=A1%7C6786&vgd_l1ch=1&vgd_lhl=3214&vgd_pgid=p01736096623t202210161124&vgd_adprefflag=01&vgd_csip=rtb-common-6574dc5d46-6tttz.BE&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SL%7CDIV%7CDIV&vgd_crefurl=https%3A%2F%2Fouo.press%2FXnZSf6&vgd_eadm=1&vgd_end=2
Requested by
Host: ouo.press
URL: https://ouo.press/XnZSf6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 16 Oct 2022 11:24:55 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=33275
content-length
15
1
servicer.adskeeper.com/991771/ Frame F4FA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1665919495897648115084&uniqId=1651b&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2FXnZSf6&cxurl=https%3A%2F%2Fouo.press%2FXnZSf6&lu=https%3A%2F%2Fouo.press%2FXnZSf6&sessionId=634bea08-0ea07&pageView=1&pvid=183e08a2e98b8604666&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d893ad31a46948d82d887543a1502bd97ba542d11f42e308a23cbb31b8cf6d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
75b06e517a28925b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ssp-performance
c.adskeeper.com/ Frame F4FA 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=69
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b06e516babbb35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
widget-ssp-performance
c.adskeeper.com/ Frame F4FA 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/widget-ssp-performance?time=119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b06e521d4bbb35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame F4FA 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
P23RQEJ25BNW6PMB
age
6303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
L3w/xnCEkbihZfBeuEHW9mXiAttGvQPvwOL/9lifnISsnDxvmWEr5kjYCawv7mafaoWb4UcI7XM=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
75b06e523a6d694c-FRA
expires
Sun, 16 Oct 2022 15:24:56 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvZWEyOGI1NWE2NDBjMzU0N...
s-img.adskeeper.com/g/10570877/492x277/-/ Frame F4FA 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.com/g/10570877/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvZWEyOGI1NWE2NDBjMzU0NmIwNTQ1N2UwNWRkNmM5NWUuanBn.webp?v=1665919495-XT60s7MX1Q18g51p7KqFhkmY_QK9oebZ3quuLq-frX4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:52a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6f3efd187f04f21473a169ee06ef416610cfe21b4675d1c5bf562dd0364311

Request headers

Referer
https://ouo.press/
Origin
https://ouo.press
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Oct 2022 10:00:48 GMT
x-mg-request-uuid
8744eb08-86b0-46da-9d17-fd20623fdc7a
server
cloudflare
age
91448
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75b06e526ab49219-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10442
i.js
cm.adskeeper.com/ Frame F4FA 		0
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i.js?&cbuster=1665919496027250778839
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75b06e524bfd925b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.adskeeper.com/ Frame FE0D 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.com/i-noref.js?cbuster=1665919496032743392753
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75b06e524bff925b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame F4FA 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 12:15:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=64138
accept-ranges
bytes
content-length
73257
expires
Mon, 17 Oct 2022 05:13:54 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame F4FA 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
920
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75b06e526af568fb-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
v1
lb.eu-1-id5-sync.com/lb/ Frame F4FA 		33 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
87a2b22da668c00c61313a32964461f4fc0ad24f250e45b2497110dedc5b5a67

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 16 Oct 2022 11:24:55 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ Frame F4FA 		34 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c8419a9a83c0aef4a25769b22a657c3b5a9fdf9d5b947b6cb3d8f83d3a16d89e

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 16 Oct 2022 11:24:56 GMT
content-length
34
vary
Origin
content-type
application/json
publishertag.prebid.123.js
static.criteo.net/js/ld/ Frame 22A6 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 17 Oct 2022 11:24:56 GMT
syncframe
gum.criteo.com/ Frame 4C5B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 11:24:55 GMT
server
Kestrel
server-processing-duration-in-ticks
764122
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 22A6 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 17 Oct 2022 11:24:56 GMT
sid
mug.criteo.com/ Frame 4C5B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=Bq8HAl9WZXZCTzFZJTJGdzM2NHpQVVJxWklzTlpHJTJGYiUyRlVrcndNMVIwUGU4cVZZZWN1MXNjd21h...
  • https://mug.criteo.com/sid?cpp=3VmfdHxpeGNqa3A0SE0rV1pReVN0U0I2THNVVmI2RWowcFcyaEZjbDJtZEJMNFMzekxQTSszK0VpMXFPWTZuU1FMc0FqOWlDRzZMQjUwZ3lOQ1l5QmJ3Q0krWkR5SjR5VytDQjJET1FWWXJnVU1mTGNCQ0piZGZpaUpvbV...
428 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3VmfdHxpeGNqa3A0SE0rV1pReVN0U0I2THNVVmI2RWowcFcyaEZjbDJtZEJMNFMzekxQTSszK0VpMXFPWTZuU1FMc0FqOWlDRzZMQjUwZ3lOQ1l5QmJ3Q0krWkR5SjR5VytDQjJET1FWWXJnVU1mTGNCQ0piZGZpaUpvbVJUcmpUeExlRlh2QVllQWNWOGZZNmp4RzYxT2Q3SjJuLzlvUTZsK2gxb0hpbUt5TTdyRTRrdzRKbEpMd2J5Mjllb2RMTnR5U0lLTk0xdisvQ2JIMjFReHVXMnVTcnVJUktQK0dIVXFVWDllM0FIdFZvM3RBcDFvdUVhQ1NkbzdST3pYYnFNUHZmME5oQTRoMklDRzI1WkNSMGMwM29sZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0aea57cee531f270063a4bd23c1b2327dc067a3efea339d584f158f98e8f67cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2498255
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3VmfdHxpeGNqa3A0SE0rV1pReVN0U0I2THNVVmI2RWowcFcyaEZjbDJtZEJMNFMzekxQTSszK0VpMXFPWTZuU1FMc0FqOWlDRzZMQjUwZ3lOQ1l5QmJ3Q0krWkR5SjR5VytDQjJET1FWWXJnVU1mTGNCQ0piZGZpaUpvbVJUcmpUeExlRlh2QVllQWNWOGZZNmp4RzYxT2Q3SjJuLzlvUTZsK2gxb0hpbUt5TTdyRTRrdzRKbEpMd2J5Mjllb2RMTnR5U0lLTk0xdisvQ2JIMjFReHVXMnVTcnVJUktQK0dIVXFVWDllM0FIdFZvM3RBcDFvdUVhQ1NkbzdST3pYYnFNUHZmME5oQTRoMklDRzI1WkNSMGMwM29sZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
371598
content-length
0
expires
0
231.json
id5-sync.com/g/v2/ Frame F4FA 		216 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b652e005870c1a4c19c1b5be21e9690e2389413e048328b6b4b9d4c6100c619f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 16 Oct 2022 11:24:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
vevent
fra1-ib.adnxs.com/ Frame BEE4 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2FXnZSf6&e=wqT_3QLOBOhOAgAAAwDWAAUBCIfUr5oGEJu2iJH86YPFfxgAKjYJ-n5qvHSTiD8RnNzvUBTogz8ZAAAA4KNw5T8hnA0SACkRJNAxAAAAoJmZqT8w3d2KCTjRGECVCUhgUIG_iKgBWNGXZWAAaMzMP3ji1QWAAQGKAQNVU0SSAQEG8P2YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALnQ-ACw8tZ6gIYaHR0cHM6Ly9vdW8ucHJlc3MvWG5aU2Y2gAMAiAMBkAMAmAMXoAMBqgNBEhgzNzU1MjE4MzU2MzQ1NDIxMjIyX3NiaWQaEzkxOTAxNzQ4MjQ4MzY3NjY0OTEiCTM1MjQ2MDY3MyoFTTExNzPAA6wCyAMA2APcoKcB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgwLjI1NS4xMC4yMDGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEgSEfWIgFAZgFAKAFpvv6v6_mzY40wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOMMGQADIB-LVBdIHDRV3ATgI2gcGCSdk4AcA6gcCCADwB71EiggCEACVCAAAgD-YCAE.&s=289c70dd1a7e967886cdae2ae10e76ccaab20e74&type=pv&jm=1003&px=436&py=1109&bw=728&bh=90&sf=1&sid=4385088391458751927&vd=ct~0|rr~5&sv=229&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/229/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:56 GMT
AN-X-Request-Uuid
81849097-ff7d-434f-be49-14967b2bd4f7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ouo.press
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 4E09 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 17 Oct 2022 11:24:57 GMT
syncframe
gum.criteo.com/ Frame 6575 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Oct 2022 11:24:56 GMT
server
Kestrel
server-processing-duration-in-ticks
1707093
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 6575
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=Bq8HAl9WZXZCTzFZJTJGdzM2NHpQVVJxWklzTlpHJTJGYiUyRlVrcndNMVIwUGU4cVZZZWN1MXNjd21h...
  • https://mug.criteo.com/sid?cpp=0KpZinwvVzN5V1E3S25QSVpBWTcxcVFIb0h6NUt1VnNhUGt5WW5Tc3ZNTmp1WXJ4ZVZwMGI2RU5kU0RDaHRrRnZsS0Q2NVhOd3ZrRnFod1hoOVl3ZlJwV0dmVmNwazlieW15T1dXaGtTUklOWXJrUEhGemVnWHd3ZFlYN2...
431 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0KpZinwvVzN5V1E3S25QSVpBWTcxcVFIb0h6NUt1VnNhUGt5WW5Tc3ZNTmp1WXJ4ZVZwMGI2RU5kU0RDaHRrRnZsS0Q2NVhOd3ZrRnFod1hoOVl3ZlJwV0dmVmNwazlieW15T1dXaGtTUklOWXJrUEhGemVnWHd3ZFlYN2F1TlRSUm5BeGxsWDdWbVQzdHRhVnBETFJEUmx0RnZ2b2F2OFQzRnN4R3VaT2lhYXFSWWRkNFhuZVdjNHRMak9UTVBDVnp3dzl6K1RUUHZxTnozV1VCT0lON0hqNjJySTBTdm9qQ3FKZDhLQjhIWTRXTmVNdVRDVGNrSy80QllCYXdZcUgvWVQ0dmdTNVB2MGl0NmZ4Wmdsa1FhMk1SQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0274bad2969adfbcb573b757d1ef078f22da39531a95d64433903fc010d6b722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2440458
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0KpZinwvVzN5V1E3S25QSVpBWTcxcVFIb0h6NUt1VnNhUGt5WW5Tc3ZNTmp1WXJ4ZVZwMGI2RU5kU0RDaHRrRnZsS0Q2NVhOd3ZrRnFod1hoOVl3ZlJwV0dmVmNwazlieW15T1dXaGtTUklOWXJrUEhGemVnWHd3ZFlYN2F1TlRSUm5BeGxsWDdWbVQzdHRhVnBETFJEUmx0RnZ2b2F2OFQzRnN4R3VaT2lhYXFSWWRkNFhuZVdjNHRMak9UTVBDVnp3dzl6K1RUUHZxTnozV1VCT0lON0hqNjJySTBTdm9qQ3FKZDhLQjhIWTRXTmVNdVRDVGNrSy80QllCYXdZcUgvWVQ0dmdTNVB2MGl0NmZ4Wmdsa1FhMk1SQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
552766
content-length
0
expires
0
bqi.php
lg3.media.net/ Frame BEE4 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3507&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=5JO0eA9hjHkWepLgDk06VLOYAP-bzm2PPjDkuKIMFevzpx2f7IwN2kAg41g0R5KvZak2CR9USQDgxYTBOJdSyN14JUeKReBElTigVLt_WpCjdlmBlFqyLxeVkx3ux08Fgpx2C3ZM1YxEaAlDv1n7FP8aV_BEonxjRIEcmf-hrcc1E8AajtFPIRQ7tylysv04E86EqeKgBxkU-Y-e_vWGsk92Jrpv5RFU3zbxXsvtmZo=||xrl5Md8q4--7SFrAGF_Mxzca4oM6-7k4qOeYk2DZbuY=|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|a0AmFUYXmD41Acxn9AJpoOjkyJtzmbY4jWGeS6vdW83U8HQKbt2PXQ==|yHYO4EJ-k1NWphChQhfNQmRHlwBTyGI95d68mb24NMuzUv5xkUeJxV1fQ7ea0D0N_4aFtRyC5LxSvON23an9jmyjT81qNtb2vxBb-sDv39WBssPPvZ9zkUycXU_jPl7EjgwbOYu015-JecXKeenAb5UpihN3h4r_rPeOTPlxvO0462_gdFr8_YB65mvfxKXlF5CHlWJaJ3hj7ug8AdWlBalSiepQKoG94CFT1kI7CN0=|u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&vi=1665919495764934236&ugd=4&cc=DE&sc=BY&bdrid=9&subBdr=99&vgd_kwrf=https%3A%2F%2Fouo.press&startTime=1665919495450&vgd_l1rakh=1665919495195896508&l1ch=1&cref=https%3A%2F%2Fouo.press%2FXnZSf6&sttm=1665919495456&upk=1665919495.19511&hvsid=00001665919495456013588915206657&acid=7e2b6eacccb0425aa0b1b1737c789b30&verid=3111299&vgd_bdata=~bx_len%3D1394~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DSCHNEFELD~ref_cnt%3D0~r_ip%3D80.255.10.0~r_sc%3DBB~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~iha%3D0~dmm_l%3D0.016~dmm_r%3D0.277~e_rpm%3D0.044~dmm_m1%3D0.044~dmm_m2%3D0.018~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.860~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.860~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.938~dmm_m16%3D0.331~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D17.000~dmm_m36%3D17.000~dmm_m39%3D304636.387~dmm_m40%3D2951331.000~dmm_m41%3D43.645~dmm_m42%3D988.000~dmm_m43%3D2.293~dmm_m44%3D0.938~dmm_m47%3D43173.000~dmm_m48%3D10708371.000~dmm_m50%3D8.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.044~vbr%3D0~bid%3D0.030~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.793213%7Ecbdp%3D0.012%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.030%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&vgd_sc=BY&infr=1&stime=1665919495425&vgd_ecrid=352460673&l1hcsd=l1!A1|6786&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p01736096623t202210161124&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 16 Oct 2022 11:24:57 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=56509
content-length
15
log
hblg.media.net/ Frame BEE4 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3755218356345421222&s_city=frankfurt+am+main&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&og_cbdp=0.030&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=dfd0dbe2&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=79&renderer=0&be=0&rtime=6.0&adj0=0.0&tmax=150&s_ip=37.252.171.103&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3755218356345421222&sc=BB&mowxReqId=7e2b6eacccb0425aa0b1b1737c789b30_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2FXnZSf6&bidrestime=1665919495225&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-43-17&coppa_enf=true&devmodel=Unknown&bdp=0.030&ct=Sch%C3%83%C2%B6nefeld&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=201011&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=7e2b6eacccb0425aa0b1b1737c789b30&actltime=14&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.012&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=-1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&user_data_cnt=0&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1665920095482&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.012&csex=0&pvdTmax=110&ltime=11.0&epc=211362147&prvReqId=19452890037100_846747891_856004011191&zip=12529&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&mx_bsBucketRa=0&rtttime=20&apTags%3C%3E=75&mx_PC=1&wsip=mowx-6bcbcfcfb9-swk22&currsrc_date=2022-10-14+00%3A00%3A00&mx_divid=19050205&geoll=false&omid=0&debug_ts=2022-10-16+11%3A24%3A55&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=-1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=0.67&pvid=9&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-6574dc5d46-6tttz.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&acsn=1&dtc=eu_be&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.03&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=9190174824836766491&rme=adm&bdata=~bx_len%3D1394~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DSCHNEFELD~ref_cnt%3D0~r_ip%3D80.255.10.0~r_sc%3DBB~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D201011~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~iha%3D0~dmm_l%3D0.016~dmm_r%3D0.277~e_rpm%3D0.044~dmm_m1%3D0.044~dmm_m2%3D0.018~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.860~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.860~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.938~dmm_m16%3D0.331~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D17.000~dmm_m36%3D17.000~dmm_m39%3D304636.387~dmm_m40%3D2951331.000~dmm_m41%3D43.645~dmm_m42%3D988.000~dmm_m43%3D2.293~dmm_m44%3D0.938~dmm_m47%3D43173.000~dmm_m48%3D10708371.000~dmm_m50%3D8.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.044~vbr%3D0~bid%3D0.030~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.793213%7Ecbdp%3D0.012%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Edalg%3Dunison12%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.000%7Eogbid%3D0.030%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D60%7Edogb%3D0-1~ibc%3D1~&utime=253&sf=0&cpr=0.4403270620947093&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:57 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 16 Oct 2022 11:24:57 GMT
c
c.adskeeper.com/ Frame F4FA 		43 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?f=1&pv=3&v=300|250|28|R7SErZ-2wBPfdBJx51Q3zs3bTXttLhuDtXajvwxb8Vfnf4LZrdGlADrM_SNjfJUSzAAfGg8vOvj5g8IyX_sFug**&fw=1&extjs=66044&cid=991771&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*&rid=294b0832-4d45-11ed-bd47-e43d1a2a96ec&tt=Direct&iv=11&pageImp=1&pvid=183e08a2e98b8604666&cbuster=1665919497226860806520
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:42a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:57 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
4256259e-65df-47d4-9ecc-053e53ee66d0
server
cloudflare
content-type
image/gif
cf-ray
75b06e59bea4bb35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame F4FA 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=663661&type=c&tg=b711f0e9cae22a84079b76baa4071c00&mgbuster=0a042
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75b06e5a0a05d170-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
content-type
image/gif
806.json
id5-sync.com/g/v2/ Frame 22A6 		216 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
0e3fe7155fbebd091c702c4393aa96f419ea88e16a739fef4fa77ab15a50e3e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ouo.press
date
Sun, 16 Oct 2022 11:24:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 22A6 		0
0
id
id.crwdcntrl.net/ Frame 22A6 		63 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.72.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
64c07be503d0406e863816622fa50f637151dfd64ce0e420347d97e4907aea4d

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ouo.press
cache-control
no-cache
x-server
10.45.6.96
access-control-allow-credentials
true
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 22A6 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
182cec5b68a0bb78ed0df15c0203ab40f95878708d4a7ada24a4ade8690c954f

Request headers

Referer
https://ouo.press/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Oct 2022 11:24:57 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ouo.press
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 15 Nov 2022 11:24:57 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3260 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 16 Oct 2022 11:24:58 GMT
ETag
"623de86a-cf34"
Expires
Mon, 17 Oct 2022 11:25:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0F03 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 11:24:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 0F03 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 11:24:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21436
Connection
keep-alive
Content-Length
9421
Expires
Sun, 16 Oct 2022 17:22:14 GMT
async_usersync
ib.adnxs.com/ Frame 3260 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:58 GMT
AN-X-Request-Uuid
445ad112-2f93-4ac0-aef7-2c8837990cc6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 22A6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=blOMEHxIaitFZEhDOS9QcmhwaElxSUdZYU5uRmFUZ1Z3SlQ2Zm5JeTdic0lSSnV1MThYWHM5N3IyWG1aLzdaSjFOQSttZSs1RHVpVGs3QmlleE1DVGtVSGwzRnIrSTRzQ0JNYTlyTUFwMGwvcnZId2lGc3czQit5VHYwWH...
439 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=blOMEHxIaitFZEhDOS9QcmhwaElxSUdZYU5uRmFUZ1Z3SlQ2Zm5JeTdic0lSSnV1MThYWHM5N3IyWG1aLzdaSjFOQSttZSs1RHVpVGs3QmlleE1DVGtVSGwzRnIrSTRzQ0JNYTlyTUFwMGwvcnZId2lGc3czQit5VHYwWHFFckV4RWxTYzhIUlZnYjBqdGhhbTRmTTEyRm5DMGFtQTllTUE2R2d1RXBISkVGZkhxUXBtSlowU2lnVGZMbFhPNW4rZ1pmcjFkaXJ2bzJRek9GUDEyTWM3RWxyeDhHb2N1UzRxSGpaWnZOcVFFNEtwRE1ndGljS2huSklCcUZMekRRVWo5bDhDb3ZKenVjQ3ZZQ3VyUkgwZGNuRDZ3Zz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
47e47b8b800c156b091ebcec9809d4f1d9cde28c1147d10591828a3e591910aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ouo.press/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1795037
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=blOMEHxIaitFZEhDOS9QcmhwaElxSUdZYU5uRmFUZ1Z3SlQ2Zm5JeTdic0lSSnV1MThYWHM5N3IyWG1aLzdaSjFOQSttZSs1RHVpVGs3QmlleE1DVGtVSGwzRnIrSTRzQ0JNYTlyTUFwMGwvcnZId2lGc3czQit5VHYwWHFFckV4RWxTYzhIUlZnYjBqdGhhbTRmTTEyRm5DMGFtQTllTUE2R2d1RXBISkVGZkhxUXBtSlowU2lnVGZMbFhPNW4rZ1pmcjFkaXJ2bzJRek9GUDEyTWM3RWxyeDhHb2N1UzRxSGpaWnZOcVFFNEtwRE1ndGljS2huSklCcUZMekRRVWo5bDhDb3ZKenVjQ3ZZQ3VyUkgwZGNuRDZ3Zz09fA&cppv=2
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
640859
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ouo.press
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ouo.press
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Oct 2022 11:24:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
477125
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 2D4B 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 16 Oct 2022 11:24:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 89B0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ouo.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71037
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 16 Oct 2022 11:24:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 17 Oct 2022 07:08:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rubicon
match.adsrvr.org/track/cmf/ Frame 0F03 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 0F03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBLt0FT056MoIBkkMi4Mnw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBLt0FT056MoIBkkMi4Mnw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKBLt0FT056MoIBkkMi4Mnw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F03
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMwM2RjZGE1YjIxNzMyNWU5YWFiZjhiOWY3NjhjZGI3NDU3YjNjNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMwM2RjZGE1YjIxNzMyNWU5YWFiZjhiOWY3NjhjZGI3NDU3YjNjNQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMwM2RjZGE1YjIxNzMyNWU5YWFiZjhiOWY3NjhjZGI3NDU3YjNjNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0F03
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xX_0t3vKREy1kRHjkHM5JQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xX_0t3vKREy1kRHjkHM5JQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xX_0t3vKREy1kRHjkHM5JQ
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VWGAKR9ATQZBC4KJ0EVB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xX_0t3vKREy1kRHjkHM5JQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0F03
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yI_JQ8eRRnela8pFZn-yCA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yI_JQ8eRRnela8pFZn-yCA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yI_JQ8eRRnela8pFZn-yCA
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7688T5FNQ6JX8PXB7KJ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yI_JQ8eRRnela8pFZn-yCA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0F03
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlCOUdEOE4tNi0xRkg3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlCOUdEOE4tNi0xRkg3
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 11:24:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlCOUdEOE4tNi0xRkg3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0F03
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9B9GD8N-6-1FH7
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9B9GD8N-6-1FH7
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EC01D00EF83341A18FC16B51D7F06126 Ref B: DUS30EDGE0820 Ref C: 2022-10-16T11:24:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrJRvw3gdJd3tNnQE95A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9B9GD8N-6-1FH7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0F03
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Z_NYW7lCN2tenTx5rrpyog?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6433170965142623899
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6433170965142623899
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 16 Oct 2022 11:24:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6433170965142623899
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 89B0 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9744083&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155495
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 11:24:57 GMT
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=blOMEHxIaitFZEhDOS9QcmhwaElxSUdZYU5uRmFUZ1Z3SlQ2Zm5JeTdic0lSSnV1MThYWHM5N3IyWG1aLzdaSjFOQSttZSs1RHVpVGs3QmlleE1DVGtVSGwzRnIrSTRzQ0JNYTlyTUFwMGwvcnZId2lGc3czQit5VHYwWHFFckV4RWxTYzhIUlZnYjBqdGhhbTRmTTEyRm5DMGFtQTllTUE2R2d1RXBISkVGZkhxUXBtSlowU2lnVGZMbFhPNW4rZ1pmcjFkaXJ2bzJRek9GUDEyTWM3RWxyeDhHb2N1UzRxSGpaWnZOcVFFNEtwRE1ndGljS2huSklCcUZMekRRVWo5bDhDb3ZKenVjQ3ZZQ3VyUkgwZGNuRDZ3Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Oct 2022 11:24:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
490186
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3260 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Oct 2022 11:24:59 GMT
AN-X-Request-Uuid
f6aae222-5263-4e9f-98df-43835e67414c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.201; 80.255.10.201; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| apd_options object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _0x2a00 function| _0x205b object| a function| b boolean| fifabAlready function| fi_fab function| _0x327402 function| _0x2e03 object| aclkh function| _0x3712 function| ghhklc object| recaptcha undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| fiUtils object| adtrue_tags function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| q object| qs string| js_code string| k object| closure_lm_467575 object| _mNDetails number| lnt_z object| _mgPageViewEndPoint624865 object| _mgPageView624865 string| _mgPvid object| criteo_syncframe_state object| _mgPageImp624865

38 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHtfOcgXvHHHCHP2-QhZjEJb5s7Zr7gG_AAL6VyRQueVVnzidowxnpldtUP7CfYCfn3RF867B1RtjrOxGg-IlSo
ouo.io/ Name: ouoio_session
Value: eyJpdiI6IkI3ZWJDVEhMbmdrc0JrY3dseDc3YjVzNUg5NjlwREF1RlRZRG5nbTJCTkE9IiwidmFsdWUiOiJTR1ZTUHRZTnNCaTZhU0xaVG93QTBkc3liU29KTFd2Z0RTSEhDaGJ5RkZneXRkcUl3TjlmY2lLVCtcL2pEa3djVGpOcXRtNTNiUmRCa0lHUUxtODhwVXc9PSIsIm1hYyI6IjUwMTk0NjcxYWIzNGRiOWMyZTA1YmE0MGIwOGU4YzdiNTdkZjM3ZjliZWUyMTk5ODQ1YTM1MmFhYjFlOTE2YzkifQ%3D%3D
ouo.io/ Name: language
Value: eyJpdiI6IlwvNHppK1hLV1FmVkFrQTNPRVUrY0dNc0hKdnFHdjdWRVpcL2FiNXNyVlM3Yz0iLCJ2YWx1ZSI6IlwvME9NS2tVNXMrVnpURDY0WGJGbmNTV1FDaHZGZjh4R0VQQjJzTm9oOEI0PSIsIm1hYyI6ImMyNzE5YTgyYjhiYjBiMGE1YjlhNDYxZDIyZDhhYjdiNDUwYWVhMzk2NWFjMGUyYWEwNTg2MWJiNGEyMWIyYjkifQ%3D%3D
ouo.io/ Name: 7c65c484e0a420aeb99977d9b42d63c9dbe8912e
Value: eyJpdiI6IkpYZ1J6MlRxT0xlSytuZXFxNlM3NkZURlg1akRna1BxTDcwdkNSakNlYnc9IiwidmFsdWUiOiJ5emFwam9HRnR6TG4wR1wvU25leU9cL3ZYVldOdlVGSkJkWk1CUGVtVGV2MW5GUVN0QlwvaGRFWG1SWmFOWjJCbno4RFBpUm04QjFLUFwvSDlualFkb1dwbW45QjZoVTUwZG5zcFZDeksrS2IrRFl2N3MwNlRcL29iZEhYMkptaThYM2kxMENtalZcLzB2UHlaV3U3SGhQOFRXSGd5TCtBamx2QW82eThWbElZY3RoVURQc2djbmw4eEVQVW5tODZKQWdnRGc1V1lTblwveVwvc3F4cytzQVpMRHR0VkxROG1ScVRwOWRxblhjZXh5TVwvSnF1eWhYQ0ZkUU1xaWVYeHRuOUptRlAxOCtFUDFVUklWS0Rpc1hsOTF3UDdKU1N5bWhzckxOa0ZsTFJuNTRyT2l6YUNWdXhRa2o3U1laVGdBeStRWURtT3BzWCtBTEVET2dacjhKWHBsbHRnWnc9PSIsIm1hYyI6IjVjYWNkODA4MGJiZDFlZWRmZjkwYzNlZTllY2VmMGI5MTk3ZjkwYTBmNGRjZDBlYmQ2MTg1ZGI2MWM4MmYxNjYifQ%3D%3D
ouo.press/ Name: ouoio_session
Value: eyJpdiI6IktXSDhwalJONnhIYUtkRmRKdER2YTlIQTNyS0luQjJLTEI1SGp5bWFPMzg9IiwidmFsdWUiOiIySGNJdnN2dHFzQnYrUVA2Yjg3bjI4VGtBK29uSllBbGYyQ1g4TDVtK0ZPT05pMzZLcTFIaTZ6cXdQRmRtZmhMbktTQmROTG5XYVBzQ05QTFJLaEtDZz09IiwibWFjIjoiMWIyMWUzMDkwZDEyZmZhYjhmZDViMTQ1MzFjNTk2MDcxOGI5ZDY0YWQ5MzUxZjU0NjhmMzUzNzdhYzIyOWE1MSJ9
ouo.press/ Name: language
Value: eyJpdiI6IjFES3ZTK3pvQ2NVZjFsbjFWcmFkT0FGTHRFXC9SUmFjQTk4RDN5R0NUeEtjPSIsInZhbHVlIjoiQVwvcTJFQTJxV2NDeFlHckI4NVJzRzkraGdCbHpSaXJtenBWUEVNa09ZVkU9IiwibWFjIjoiNGViNDcwNDdhNzRhMThlMzIyMWQzNjliNjExYmNjMWQ3NjRkZjJmYjc5MTM2Yzg4ZTE4MmQxZTUwMzNmNWVkMCJ9
ouo.press/ Name: 4f7cbf04b3d613d50fecb92a916c74766cbde595
Value: eyJpdiI6IkcxeWtuc0gycmNESXpIS2lUajFsYldRTmlqdFFheHo1R1VaRkQ5aEU2VDQ9IiwidmFsdWUiOiJlU1wvRjZvZWZPckhHM3VweDN1MzFjU3RpdGdnQ0ZyNjA0NWJsUlR4eWlmazVoSnltYjZBaDIxekE3eXNaSER4UjdIaFEraFFxdTI3UkhuRUg4VDJKWkZXb3pEYVpjUnc3dkh5QU9vTEN0eXB3K08rQnhFWEVkOWNlcjVZOThaeDlHUjRmQWNWK0hmZjU1dnpmUTVoRnBrNEJ5MVQxRGlNTXdabWd5YWpWOENXSzB3c3pjRjN2RUFrVUhDMXVjR1QzWG84MnRXblpyZktGTERyRmtmY3p2MEZtQ2xUU0xDZW1ZWGFpaUFwNTAxcHFrUzRcLytWd2xKSk9NUkwzaE9jMGJqUTR6eUx0VktBQW1ldFh1OHNoMEZnSXdpSHFpVXpUd1dpOHZaekcrQVdiVWFRMGxhOStzRTdkUHIza1p1cHl2RElOZmJ6ODJHSVA1aVFtNmM4XC9JcDA5VjM3MG9RWklcL1VpNThDclFNQnpLSWlsMnRLaGpBVjVPTnlVbnVBQ01kIiwibWFjIjoiMTg2YTcyODkyOTI4MTM2Nzc3YzM0NWU4ODBiZGU0NWI0ZTk3ODA0MWYyNmE0MTAxNDQ1YzM0NzBmZTEyY2ZkYyJ9
.ouo.press/ Name: __cf_bm
Value: XGKmNYr0MetPdk9Mei74smTqdi8ygTr8kDtUCks.5PY-1665919494-0-ARv8JSGtVMtYuqCp1gAJYZivAR6Q7XM0RYRtP5dI73CykUutt8hzBfbhmHjtRhfpGdOYYxtov1WGoOkOECuGwCo=
tv.gourdycortes.com/ Name: GL_UI4
Value: eJw9jVlOwzAYhLOHqiRipBygR4ghS%2FOIOASPkR3%2FpKaJXTmmEbfHQoKn%2BTSLJgiCqCoR3rMY8RdvcWJMnAcp%2Bka0nWgEH9i56xv50tHQ8q5%2FxkFto%2BNiIZfgcSZNVk3jZCQVePLRn3PVZtcJUmG5lgXS1TeWArmwZt%2FIVjESzVdC9naxxmu68k9jEbO686y057BGZLYqLg%2FI35WWflgeEbG6LLIAx9vC3Yex66hkFiKdLZeE8BUPE3c0G%2FuNXNJ2deYGmEWO%2F%2F3f33hnNTJJdzX5c%2BMuZH8AVxtKdA%3D%3D
tv.gourdycortes.com/ Name: GL_GI10
Value: eJw9jd0KgkAUhG2NLSuNgV7DqCDouh96gq4X05Ms4Tmybj%2F29FlBVzPMzMcEQaBmCZStEW8W89V6PV92slgiLEmg9gdMcrmxd63hrCIMjuSqjFtoR6UVjjH%2BGZNLQRjtD%2BmJrywP%2FhcfLkY%2Ft76NEX3ku02GCG3T%2Fe7EUbrN8utZmBAxedPURAWirqnFZZ6Q%2FNMvq0MMbWNqJ89W9zD1tqJXRxu5XBryWqF31%2BoNx%2BNBiA%3D%3D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
ouo.press/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ouo.press/ Name: pbjs-pubCommonId
Value: 0a2f392e-4ee3-4018-aa74-9964ff0faaa9
.rubiconproject.com/ Name: khaos
Value: L9B9GD8N-6-1FH7
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Eh+f9Q24NzeG+QFbWGgM44fR/rFJVNr6iL4XUTZ2hSpQuUtIFhQhq/d9Krtx9xPUSfgcRgjl6EitXD+ImxgwUvr3OlDu/ORdD8=
.adnxs.com/ Name: icu
Value: ChkItZqGARAKGAEgASgBMIfUr5oGOAFAAUgBEIfUr5oGGAA.
.adnxs.com/ Name: uuid2
Value: 7366515041647823736
ouo.press/ Name: cto_bidid
Value: Hu87El8zdHoyN1FFbmVnWXlUVUxORTUlMkZsUjB1bncwdVY0WDNqMjN2JTJGTmp1TUxwTWZ6YW9NME1wQUdKSktVRFpOakJqSiUyQjYxJTJGUiUyRmdxbXl2UU82eGI2ZU1zeUElM0QlM0Q
ouo.press/ Name: cto_bundle
Value: Bq8HAl9WZXZCTzFZJTJGdzM2NHpQVVJxWklzTlpHJTJGYiUyRlVrcndNMVIwUGU4cVZZZWN1MXNjd21hN1JIOXQlMkZyb2t5RG5HME9rV0Fuak1iaUtqWUNlTkUyTDZqdk5JVUh1SmRwRU9lYk53UjhFb0ZDamlkRXFqTGIwWGYyVHF6YW12U3VMZVoy
ouo.press/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fouo.press%2FXnZSf6%22%2C%22svsds%22%3A1%7D%2C%22C991771%22%3A%7B%22page%22%3A1%2C%22time%22%3A1665919496020%7D%7D
.criteo.com/ Name: uid
Value: f492b82c-2215-43a0-a6d1-2581149cb0b9
ouo.press/ Name: _lr_retry_request
Value: true
ouo.press/ Name: _lr_env_src_ats
Value: false
ouo.press/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-10-16T11%3A24%3A57.246969626Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
ouo.press/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-16T11%3A24%3A57%22%7D
.ouo.press/ Name: panoramaId_expiry
Value: 1666005897342
.mgid.com/ Name: __cf_bm
Value: SVkHkK7YVjTaJWToJPC71oXM1EXGUHzrxb3BDmQaGGQ-1665919497-0-Ab0yhGOt0Y7/5fxZPNAgg0PelPmKFQty7Hz1GYcNHY/vyhdaaE2zzikIRcdnt1g1H2iXW2ayVhwYpaEFu0JgK00=
.ads.pubmatic.com/ Name: KCCH
Value: YES
.ouo.press/ Name: cto_bundle
Value: BKAMH19KWVF5Zzlsb2g0Z2prYyUyQjJVayUyQk5TNUh0ZiUyRnhNR25TV2NKSFZDRmJSNGhnQWR6UEVBUGp3bVVWM2NtUkIzY28zVjdhcE9kUGI2OUEzWWxZek9RJTJGVElwaWUlMkI0ZHlqcUFYMGglMkZNRk1xbGtRelZHcmdodU5zWlQlMkJDMDlORUNPaHVrSndPa2hMdTc1WiUyRmpXZTVnNHZVYU5nJTNEJTNE
.ouo.press/ Name: cto_bidid
Value: rf0Xql9OeFAyb2ZoNkt3eHRKeTlHJTJCWk02MG85YlJXZTN1Z1N6SFhGa1d6M0JBajNsdiUyRkwlMkI5aVllNzEza29vUEJ2YlFwN3VnQTFrWFRrUm1ySzFER1diSHpMTkszZmh3TTRjJTJGdUVESk50JTJCSDNyOG8lM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnaK7tXRipi_whQqwKB9cxSgjnIn_ut_ObtKNQwiH36YWlhSuwequreuNGsdqU
.yahoo.com/ Name: A3
Value: d=AQABBArqS2MCECoCSgg_dX-GqcdalXd81EcFEgEBAQE7TWNVYwAAAAAA_eMAAA&S=AQAAAptLgkxMU-45n0roUjZPf90
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&44a965e0-4bf6-4934-8bd3-8fa926d213fa"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjU5MTk0OTg7MjswMjGzlDerk8sheqANpaBaeh7dvTfewFEDAQzjMv+bC8nWVw==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2751:u=1:x=1:i=1665919498:t=1666005898:v=2:sig=AQHmVxXnPTtBtsfGvVHCCuD0rncbsTo5"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A3N9UAvsjkSukAbgXd_EK0U

3 Console Messages

Source Level URL
Text
network error URL: https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript error URL: https://ouo.press/XnZSf6
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://ouo.press' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
api.rlcdn.com
bidder.criteo.com
c.adskeeper.com
c.amazon-adsystem.com
cdn.adnxs.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cm.adskeeper.com
cm.g.doubleclick.net
contextual.media.net
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
exchange.adtrue.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fptadtrue-d.openx.net
fra1-ib.adnxs.com
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
hhklc.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
itineraryupper.com
jsc.adskeeper.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lg3.media.net
match.adsrvr.org
mug.criteo.com
ouo.io
ouo.press
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
res-a.akamaihd.net
s-img.adskeeper.com
s.amazon-adsystem.com
servicer.adskeeper.com
static.criteo.net
tag.1rx.io
token.rubiconproject.com
track.adtrue.com
tv.gourdycortes.com
u.openx.net
warp.media.net
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
api.rlcdn.com
141.95.98.65
141.95.98.70
142.250.74.198
143.204.215.116
15.197.193.217
151.101.1.108
151.101.129.108
172.217.16.130
178.250.0.157
178.250.0.165
18.203.72.119
185.64.189.112
192.243.59.20
198.47.127.19
2.18.235.93
2001:41d0:701:1000::31ee
2001:4860:4802:38::178
213.19.147.42
23.109.82.14
23.205.235.133
23.216.77.25
23.216.77.9
23.35.228.23
23.35.236.188
23.35.236.201
23.35.237.86
2602:803:c003:200::31
2606:4700:10::6816:17a2
2606:4700:10::6816:3556
2606:4700:10::6816:3afb
2606:4700:1::6813:864e
2606:4700:3030::6815:467a
2606:4700:3030::ac43:90ac
2606:4700::6810:5614
2606:4700::6812:1aae
2606:4700::6812:42a
2606:4700::6812:52a
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2008
2a00:1450:4001:831::2004
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3602:463b:6ffc:aac9:c7b0
34.95.69.49
35.244.159.8
37.252.171.149
37.252.173.62
52.46.155.104
52.94.222.140
65.9.71.118
69.173.144.165
99.86.3.236
99.86.4.77
0274bad2969adfbcb573b757d1ef078f22da39531a95d64433903fc010d6b722
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
051a37af8fe58eb26be74ba7f689034a97a58cc0de9ca284d0a9733c758e2558
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0aea57cee531f270063a4bd23c1b2327dc067a3efea339d584f158f98e8f67cb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d893ad31a46948d82d887543a1502bd97ba542d11f42e308a23cbb31b8cf6d2
0e3fe7155fbebd091c702c4393aa96f419ea88e16a739fef4fa77ab15a50e3e9
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
182cec5b68a0bb78ed0df15c0203ab40f95878708d4a7ada24a4ade8690c954f
19a77b3ff7c5a8d32255464af312a29998dfb054f16785f94df08d5db3c343db
1f848d12e0c73ffe76cce049dd372c19fd257214e8ec43be66bd27a4d335837f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2e2e52ab80887bd8fc697a561f5542f4b434e5e9678a0114eca5d140156d4e22
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3b6f3efd187f04f21473a169ee06ef416610cfe21b4675d1c5bf562dd0364311
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
47e47b8b800c156b091ebcec9809d4f1d9cde28c1147d10591828a3e591910aa
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4e568cd25e93f42279b0961d76b80d8a6473607389d597ab98be0245dcafe199
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bcaeca9b331418ca0ac6140ff24eda8097f8e83a163c8126aefd546e861f241
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e1907d0c4d46205094aa3db21e0ff78a15cf1a473a5b24c8d4f05fdd6acdd2
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
64c07be503d0406e863816622fa50f637151dfd64ce0e420347d97e4907aea4d
65988a1ed529521639a60f59aa0e9b100cc863821ee3a73852803dc2204052c3
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22
7395e80c2e8ab989116cad6eeab1f936db768c4b9cc2e58c02891adee8d36d2a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746d7d8dcc9f37f4d7949191a987173e66520531c2dff569d2cbf4ec09bc5ae6
74ef82d78527dec7a31fd40375b7863b218441e4f69f31ccc1785cdde5c6168a
784ab04c3d2ae6002b2bcd86df3047acadba1cc29299fd252c28ed15decf732e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
825d5cd71dbdd99c5c8181e2e88e24573f837019cc0b15a6a15fa98bdffc506e
83391a6efe533514e9cdc19629ff5d33607ea1d952d5b252f1304d2b89d24df5
87a2b22da668c00c61313a32964461f4fc0ad24f250e45b2497110dedc5b5a67
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d84d26db048d6b563fe935b01e8625fdb24870eff80752ce90bb48bb341a5aa
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
a22e35e23472b043db7c637c12ae2013a5f1ca01ddda995379a307da89f40645
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b652e005870c1a4c19c1b5be21e9690e2389413e048328b6b4b9d4c6100c619f
b6ec632581d6ed03cf152ced2cefd673d7310ed5f58271cddd37d6540b020cd3
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bc71bcce85e572e38871c57e76a3fbac086889756e4732ce763991f88e8e706e
bfcc9a225661e16f03557dccbbb1155961b94853a87d65216540102249487ee9
c07ecb6bdd93723310d08d5b41f6a25a3cfb1ab68635d884f0c506bd9e33a8b6
c21b24e420dc6a150add2ab4b90452e1173de30f276d7e3c989c85a23fef1650
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2497fd0dc94d29f4bdbf9bef2eeb2786fa938c2fd5815159410c9ecb739ee6e
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8419a9a83c0aef4a25769b22a657c3b5a9fdf9d5b947b6cb3d8f83d3a16d89e
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db3a2055e6411fea0baec493100ac0ad4479f11f5ec672bd84cdfab2b1dbdd9f
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd
f4e125313753d65db851e4b47334123f4f71ac3ee6e28f3c87ee5264a874da78
f529844701a25578feebcad44baa1c83cc3e4580b35cba69e605ceda2cb7abfe
f5f05497b864dd9d06e87cba2be7cbb4fb48149b9a14b638cde4e272a20805ca
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546