ouo.press Open in urlscan Pro
2606:4700:10::ac43:160f Public Scan

Software

nginx/1.21.3 /

Resource Hash

a4e5bd508a9a61849b5fff95e2aad00eb4e8a4802c3dbda4006a96dbac794233

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 25 May 2022 05:11:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ce9ffcd1-3736-4bdf-a439-ad59a98eaf51
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6C10 11 KB
6 KB 176ms
141ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

server-65-9-66-173.fra56.r.cloudfront.net

Software

nginx/1.21.3 /

Resource Hash

cdb7bef1045642eecd53a2b6ef8a5b9ca326aeccf6a6796a9ee689a5503edea3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 25 May 2022 05:11:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4bf66a73-b223-4374-a796-f06bae7257e5
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/212927/0/ Frame 6C10 0
165 B 56ms
21ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ouo.press
pragma: no-cache
date: Wed, 25 May 2022 05:11:12 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6C10 14 KB
8 KB 208ms
104ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2F2lCKUs&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2F2lCKUs&tg_i.page=https%3A%2F%2Fouo.press%2F2lCKUs&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=848a5612-f2b3-4e9b-b454-7f41e0de9673&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11821110118388378
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f6765687712b3f98cb5e818b85e459d7b2b1fc27deab53ed7e05298d12daa293

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:13 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 7372
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6C10 135 KB
37 KB 7ms
7ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:09:50 GMT
content-encoding: gzip
age: 81
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0GT790433ADGFW1FA2SD
etag: 4abd427e43cd6822329a2c05539e321f
vary: Accept-Encoding
x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: X8rqRxwhnP9RWf1LR1nrHKxu9X7OB8aUCVUihVJreUJ5Jp9MCmKMyg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 6C10 0
305 B 7ms
7ms XHR
text/plain 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 23:24:18 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server: Server
age: 20813
x-cache: Hit from cloudfront
access-control-allow-origin: https://ouo.press
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Sj-5rnmV-AJ51Yu2SO8LD9IRdPBEGOadcJficvLUTOM3rIftHtoygQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 6C10 23 B
485 B 45ms
44ms XHR
text/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2F2lCKUs&pid=kmBbnvR8IiipA&cb=0&ws=728x90&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:12 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: X2X9H3D66VK69CVSDYZA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: s2pnSFJn9Va8GmLUdl_19dO98Z7JdFJcgy64_c8EO7OZjE1HVcOl-A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6C10 6 KB
3 KB 26ms
6ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 9388
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 01:41:20 GMT
server: AmazonS3
date: Wed, 25 May 2022 02:34:45 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4I7NuJlakopDuwiu57ifkvmnpCS6_kW2WpHIZja99Uc-bzARC0J-dA==

POST
H2 200 v1
cdn.firstimpression.io/tracking/habit/ Frame 6C10 2 B
405 B 29ms
28ms Ping
text/plain 18.66.248.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-82.dus51.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://ouo.press/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 May 2022 05:11:13 GMT
access-control-request-method: *
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: OPTIONS, GET, POST
content-type: text/plain
access-control-allow-origin: https://ouo.press
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-cf-id: DbwNbHhM3U3KZKzldcy4BEelzii1VOqZtQrsrN4Xnvt3iGuwU8tVZw==

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 4024 137 KB
46 KB 77ms
28ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b2e62e7a5ab677aa08ada92b3d3e435c5a525b983f62b7bd4201744e9612cb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
x-mnt-h: 8-19
content-encoding: gzip
server: Apache
etag: "c03eb433d1353a970bf0c87cf4f0e223"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 25 May 2022 05:11:13 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-21
expires: Wed, 25 May 2022 05:16:13 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 4024 35 B
329 B 82ms
13ms Image
image/gif 23.216.77.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19050205&other_prv=9&jar_err=&current_day=3.0&adtyp=0&req_id=3523368977916418567&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0000&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=17.1319&exp=&second_bidder=*&search_res=44&floor_bucket=0.00&gpid_format=&seat=&size=728x90&url_l1=2lckus&f_seg=&prdp=0.0504&ogcbdp=0.0900&dfpbd=0.0504&server=1&ogerpm_wd_bkt=0-1&model_version=202204100739_generic_appn_2-cid_3&viewability=0.7000&dmm_r=0.2370&cut=44&dmm_l=0.0630&as_cache=0&tcyerpm=&sc=HE&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=ouo.press%2F2lckus%2F&bidrestime=1653455472924&cc=DE&strg=harmony&ss=&current_hour=5&time_stamp=2022-05-25+05%3A11%3A12&model_key=generic_appn_2-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.0900&ct=Frankfurt+Am+Main&akey=&mnckfl=0&bdp_bucket=0.10&algo=default&dc=eu_be&splid=19050205&dim4=exploration&dn=ouo.press&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.64+Safari%2F537.36&buyer_id=&dmm_m10=2164821&bdp_wider_bucket=1&acid=8dc15c7da5ff49eda9fb865d594b4290&infl=&o_ver=NT+10.0&br_ver=101.0.4951.64&bdmm_m6=1.0000&bdmm_m7=0.7410&bdmm_m5=1.0000&ver=8.12.0&totalTimeBucket=4&visibility=0&totalTime=4827511&dmm_m1=2022-05-25+05%3A11%3A12.925893200&e_rpm=0.1500&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.7410&cid=8CU6M287B&bcrid=352460673&rawbid=0.0900&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-5f4649764d-7nwwg.BE&dfp_bucket=0.0&adblk=&itype=appnexus&pvid_seat=9&cliIP=3644888832&advurl=content.businessinfoline.com%2F&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=45&gpid=&iwb=1&dmm_d22=0.06&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.09
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-77-36.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:13 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 25 May 2022 05:11:13 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 4024 61 KB
62 KB 75ms
23ms Script
application/javascript 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Wed, 25 May 2022 05:11:13 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=25496
access-control-allow-credentials: true
content-length: 62892
expires: Wed, 25 May 2022 12:16:09 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 4024 85 KB
29 KB 55ms
6ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 05:11:13 GMT
Content-Encoding: gzip
Age: 7762360
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21964-LGA, cache-hhn4055-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1653455473.107514,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1526399, 1704660

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 4024 0
813 B 71ms
28ms Image
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fouo.press%252F2lCKUs&e=wqT_3QLGBIBGAgAAAwDWAAUBCPD0tpQGEJiPkvmM6O2gQhgAKjYJmpkBAVCpPxHD9Shcj8KlPxkAAACAPQr3PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeMXnBYABAYoBA1VTRJIFBvRIAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy8ybENLVXOAAwCIAwGQAwCYAxegAwGqA0ESGDM1MjMzNjg5Nzc5MTY0MTg1Njdfc2JpZBoTNDc3NDI5ODU2ODk3MDUwNDA4OCIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS40qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAWHtNuqr63h8jDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4vQZAAMgHxecF0gcNCRE7ATgI2gcGCSdE4AcA6gcCCADwB4fjAooIAhAA&s=f5ef1c8905622437d4707a1d9fb45d90aa7e34ac

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:13 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ddb1e07e-b29d-4ad7-a784-514a580f3a6e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 4024 79 KB
27 KB 228ms
228ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=211362147&size=728x90&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=TCOZEBG&https=1&vif=1&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&nse=5&vi=1653455473505073265&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B8fOnRrolnfOur84z%2FNz4exg&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p01484042986t202205250511&nb=1&cadomain=tzR-hLcl-L8STh12GHgxT3I0sd_f4jmSlrfbUGkyedZG_zl3AhFcDA%3D%3D&allsc=HE

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

83ead0a89ce82263d0647dacfe90380a6c57f9c083ca72b88c67fc000275f7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:13 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 25 May 2022 05:11:13 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-fsgj
strict-transport-security: max-age=604800
timing-allow-origin: *
content-length: 27275
x-sc-w: 22-fcl2

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame BE5F 15 KB
6 KB 54ms
53ms Document
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

5685c6b21b956b054b17cb279290bbd17f4090e6a5168d8766845147c97cf4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 5747
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 05:11:13 GMT
expires: Fri, 27 May 2022 05:11:13 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 bping.php
lg3.media.net/ Frame 4024 35 B
189 B 22ms
13ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=513&&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&vi=1653455473505073265&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781338&r=1653455473173&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1653455473156004399&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_pgid=p01484042986t202205250511&vgd_pgids=1&vgd_uspa=0&hvsid=00001653455473169036448888329219&gdpr=1&vgd_end=1

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 25 May 2022 05:11:13 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 25 May 2022 05:11:13 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 838E 21 KB
8 KB 36ms
35ms Document
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99%2C77%2C3018%2C246%2C4%2C10000%2C2033%2C9&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0e659ed2ed558c054525d6abfee2e5a6d1105d9b48e17eff8f83cfbf80342c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7841
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 05:11:13 GMT
expires: Fri, 27 May 2022 05:11:13 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 4024 35 B
172 B 56ms
17ms Image
image/gif 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4659&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3523368977916418567&s_city=amsterdam&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.090&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=227fcb8c&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=70&renderer=0&be=0&rtime=2.0&adj0=0.0&tmax=150&s_ip=185.33.221.36&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3523368977916418567&sc=HE&mowxReqId=8dc15c7da5ff49eda9fb865d594b4290_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&bidrestime=1653455472924&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-22-21&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.090&ct=Frankfurt+Am+Main&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=9009&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=8dc15c7da5ff49eda9fb865d594b4290&actltime=7&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.050&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2353%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1653456073179&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.050&csex=0&pvdTmax=112&ltime=7.0&epc=211362147&prvReqId=8256707967736_1311784988_856004011191&zip=60323&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=13&mx_PC=1&wsip=mowx-d575ccbb6-w8clp&currsrc_date=2022-05-24+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-05-25+05%3A11%3A12&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.44&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-5f4649764d-7nwwg.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=4774298568970504088&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DHE~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D4~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.06~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.063~dmm_r%3D0.237~e_rpm%3D0.150~dmm_m1%3D0.150~dmm_m2%3D0.085~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.741~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.741~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.975~dmm_m16%3D0.286~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D41620.621~dmm_m40%3D922004.000~dmm_m41%3D27.790~dmm_m42%3D386.000~dmm_m44%3D0.975~dmm_m47%3D24098.000~dmm_m48%3D5817009.000~dmm_m50%3D1.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.150~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.704394%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&utime=270&sf=0&cpr=0.016081036181545327
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-212-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 25 May 2022 05:11:13 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Wed, 25 May 2022 11:11:13 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame EE29 21 KB
8 KB 36ms
36ms Document
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

0e659ed2ed558c054525d6abfee2e5a6d1105d9b48e17eff8f83cfbf80342c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7841
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 05:11:13 GMT
expires: Fri, 27 May 2022 05:11:13 GMT
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 4024 0
813 B 13ms
13ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fouo.press%2F2lCKUs&e=wqT_3QKFBIAFAgAAAwDWAAUBCPD0tpQGEJiPkvmM6O2gQhgAKjYJmpkBAVCpPxHD9Shcj8KlPxkAAACAPQr3PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeMXnBYABAYoBA1VTRJIFBvDlmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC50PgAsPLWeoCGGh0dHBzOi8vb3VvLnByZXNzLzJsQ0tVc4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS40qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAWHtNuqr63h8jDABQDJBQAAAAAAAPA_0gUJCQAAAAABDnDYBQHgBQHwBfWkCfoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq_xAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUwYACAAMAA4vQZAAMgHxecF0gcNCRE6ATgI2gcGCSdE4AcA6gcCCADwB4fjAooIAhAA&s=e21b374f6b131ff6462665a89296863ffbeb69af&bdref=https%3A%2F%2Fouo.press%2F2lCKUs&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fouo.press%2F2lCKUs,https%3A%2F%2Fouo.press%2F2lCKUs,https%3A%2F%2Fouo.press%2F2lCKUs&

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:13 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ef349ea7-c24f-40e8-8a08-4a0040a75c39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BF86 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BF86 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame BF86 24 KB
25 KB 53ms
7ms Font
application/font-woff 92.123.224.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-224-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer: https://ouo.press/
Origin: https://ouo.press
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 05:11:13 GMT
Last-Modified: Mon, 16 May 2016 10:39:41 GMT
Server: nginx
ETag: "5739a36d-60f0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24816

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 4024 0
829 B 34ms
34ms Ping
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2F2lCKUs&e=wqT_3QLGBIBGAgAAAwDWAAUBCPD0tpQGEJiPkvmM6O2gQhgAKjYJmpkBAVCpPxHD9Shcj8KlPxkAAACAPQr3PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeMXnBYABAYoBA1VTRJIFBvRIAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy8ybENLVXOAAwCIAwGQAwCYAxegAwGqA0ESGDM1MjMzNjg5Nzc5MTY0MTg1Njdfc2JpZBoTNDc3NDI5ODU2ODk3MDUwNDA4OCIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS40qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAWHtNuqr63h8jDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4vQZAAMgHxecF0gcNCRE7ATgI2gcGCSdE4AcA6gcCCADwB4fjAooIAhAA&s=f5ef1c8905622437d4707a1d9fb45d90aa7e34ac&type=nv&nvt=5&jm=1003&px=436&py=2027&bw=728&bh=90&sid=4375576331574255163&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:13 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2ff53ddc-ecbf-4b37-b94c-025e0c7dd9ec
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame BF86 15 B
216 B 14ms
14ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6088&&&vgd_l2type=sca&v=1&gdpr=1&geo=50.13%7C8.67&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170785247&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_fm_lang=DE&vgd_dnquo=01_9&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Geldanlage+f%C3%BCr+Anf%C3%A4nger&kwt[]=391&kbc[]=1262271042&kwp[]=1&kid[]=329603537&kbc2[]=pmb%3D1%7C%7Crps%3D0.62%7C%7Crps_10%3D3.45%7C%7Crps_66%3D2.39%7C%7Crps_63%3D0.29%7C%7Crps_62%3D0.26%7C%7Crps_60%3D0.64%7C%7Crps_12%3D0.48%7C%7Cps%3D0.419%7C%7Crpc%3D0.46%7C%7Clvl%3D5.00&ktd[]=274894881024&ktrkt[]=Geldanlage+f%C3%BCr+Anf%C3%A4nger&kwd[]=Die+besten+Kaffeevollautomaten+im+Vergleich&kwt[]=391&kbc[]=1262271042&kwp[]=2&kid[]=350738832&kbc2[]=pmb%3D1%7C%7Crps%3D1.29%7C%7Crps_10%3D3.45%7C%7Crps_66%3D2.39%7C%7Crps_63%3D0.29%7C%7Crps_62%3D0.32%7C%7Crps_60%3D1.29%7C%7Crps_12%3D0.42%7C%7Cps%3D0.419%7C%7Crpc%3D0.33%7C%7Clvl%3D5.00&ktd[]=274894881024&ktrkt[]=Die+besten+Kaffeevollautomaten+im+Vergleich&kwd[]=Damenmode+f%C3%BCr+gro%C3%9Fe+Gr%C3%B6%C3%9Fen&kwt[]=391&kbc[]=1262271042&kwp[]=3&kid[]=350738831&kbc2[]=pmb%3D1%7C%7Crps%3D0.83%7C%7Crps_10%3D3.45%7C%7Crps_66%3D2.39%7C%7Crps_63%3D0.29%7C%7Crps_62%3D0.37%7C%7Crps_60%3D0.99%7C%7Crps_12%3D0.38%7C%7Cps%3D0.419%7C%7Crpc%3D0.29%7C%7Clvl%3D5.00&ktd[]=274894881024&ktrkt[]=Damenmode+f%C3%BCr+gro%C3%9Fe+Gr%C3%B6%C3%9Fen&kwd[]=Intervallfasten+mit+der+16%3A8-Di%C3%A4t&kwt[]=391&kbc[]=1262271042&kwp[]=4&kid[]=350738836&kbc2[]=pmb%3D1%7C%7Crps%3D0.83%7C%7Crps_10%3D3.45%7C%7Crps_66%3D2.39%7C%7Crps_63%3D0.29%7C%7Crps_62%3D0.37%7C%7Crps_60%3D0.99%7C%7Crps_12%3D0.38%7C%7Cps%3D0.419%7C%7Crpc%3D0.17%7C%7Clvl%3D4.72&ktd[]=274894881024&ktrkt[]=Intervallfasten+mit+der+16%3A8-Di%C3%A4t&cid=8CUL2446F&vwid=1653455473505073265&vi=1653455473505073265&tdAdd[]=ib%3D0&tdAdd[]=asnum%3D9009&vgd_l3_sc=HE&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785247&vgd_nrrv=61807&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1653455473156004399&sttm=1653455473168&upk=1653455473.7703&hvsid=00001653455473169036448888329219&verid=3111299&sbdrId=99&vgd_ecrid=352460673&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&kbbq=%26asn%3D9009&&vgd_vstrid=DefVid&vgde_bdata=~QJjjJLM71yM8Ovui9X9f9X~Q7Ovui9X9f9X~875EJvK00I4tPb~e8Q8G8j875v9~N875vsDKICsPD_KccKVI~LJkMNz7vu~LM8Evfuh.FH.uXu.9~LMQNvq4~LGmvXMA~G-MLwvHhr4gEdWqR~G-M1Qzvi99i~OYYMOuv9~OYYMOfv_~OYYMOAv9~OYYMOHv99~OYYMOXv9~OYYMOFv9~OYYMOhvH~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvh9~OYYMOuiv9999~OYYMOfuvou~OYYMOffv9.9F~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9n%2Bn9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~QyY7vJYE75~G-MLENv99999u9~G-M8z7YOv9~G-My8zQxv9~G-MNQv9~G-MQ8lJvhfW-i9~G-Mjf1Qv9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-MJ-Ev9~OYYMjv9.9FA~OYYMLv9.fAh~JMLEYv9.uX9~OYYMYuv9.uX9~OYYMYfv9.9WX~OYYMYAvu.999~OYYMYXvu.999~OYYMYFvu.999~OYYMYhv9.hHu~OYYMYivu.999~OYYMYu9vu.999~OYYMYuuv9.WFi~OYYMYufv9.hHu~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.ihX~OYYMYuFv9.fWF~OYYMYuhvu.999~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfWvu.999~OYYMYfivu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAXvu.999~OYYMYAFvu.999~OYYMYAivHuFf9.Ffu~OYYMYH9viff99H.999~OYYMYHuvfh.hi9~OYYMYHfvAWF.999~OYYMYHHv9.ihX~OYYMYHhvfH9iW.999~OYYMYHWvXWuh99i.999~OYYMYX9vu.999~ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~JLEYv9.uX9~eGLv9~G8Ov9.9i9~OYYMOAivSG8OSyJ74-Nw1zyJDJQEmzQJ~QxEEj5M71yM8Ovui9X9f9X~e8JB1G8j875v9.h9HAiH~NGOEv9.9X9~OYYvw1LYmz5~Qx8Ov~8zQjv9~O7NvJxMGJ~LJkMNz7vu~O1jyvOJk1xj7~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.999~myG8Ov9.9i9~875EJM8OvuF~QJjjJLM71yM8Ovui9X9f9X~N1LL8JLVOv9~ONx7vHX~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=220406&vgd_scsver=214&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001653455473169036448888329219&subBdr=99&bdrid=9&fp=CPlwIBiT932FkZzdrHiv5lv8EL5ebwrpp9Xj29uLY8phRj-UirmdZkZRrNIupbCbhaC5_XT2KoRT0MQgf7fNDMv81niC26IfSJLQzNzUopTO76_ou1RpK7YB_IaOyqJI&cme=KEWx_LVBQafbmRR3GGqsaleO8alwlPcbxPrDeznIL_AxqjXgzgNfSwsT-CvbKUTb_FH9qL5ej0LE992UCojeYLX11wZXudRSWLeVTP_iZekrDmQyFDkCYyq6pm0PUQ8W6gOjLArpdyLmCIJUqYRXq1dW71zPWltQE6IoO0O3VSrNbl536dhEbJ7LGCCeIX4U4hnh7iL6uVfB6rYHjKbG0jcgpRcGp19q%7C%7CIec-drbGpiCqnP4U8sIvxfT6ElbIdIJe-NOqG73ezGWcFZ-73oIcTcxZMxPm4i1i2ANIHuLZyhNUDuWNbPxbWsxKv01E08tDr0mdDVfwN2mXdjEhB4Ii60gYxvWjTKrbz_F-ouYBw1AipOBXolircBuxA-xw7htS2M5bAepV3UKzvgp4ac1TBfLYT3G_W1YB887kd6-Z_UA4CowDjjM57cJgyBhjU4FLmogseYyTrZk%3D%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7Ca0AmFUYXmD41Acxn9AJpoIp9mXDT5FFx2ggrL2Mvb-lJTK1elCFoZQ%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&rc=0&rand=1653455473456&acid=8dc15c7da5ff49eda9fb865d594b4290&matm=1653455473456&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&vgd_x_pos=437&vgd_y_pos=2027&vgd_ren_page_h=1200&vgd_ltimesrc=1&vgd_ltime=491&vgd_rtime=429&vgd_etm=24&vgd_l1hcsd=A19%7C3318&vgd_l1ch=1&vgd_lhl=3075&vgd_pgid=p01484042986t202205250511&vgd_adprefflag=01&vgd_csip=rtb-common-5f4649764d-7nwwg.BE&vgd_sbSup=1&vgd_nrrs=61807&vgd_cntrdt=SL%7CDIV%7CDIV&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26allsc%3DHE%26bcpf%3DB8fOnRrolnfOur84z%252FNz4exg%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D211362147%26gdpr%3D1%26https%3D1%26kalog%3D%26kals%3D%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3D%26nb%3D1%26nse%3D5%26ntv%3D0%26pgid%3Dp01484042986t202205250511%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Fouo.press%252F2lCKUs%26size%3D728x90%26tpid%3DTCOZEBG%26ugd%3D4%26vi%3D1653455473505073265%26vif%3D1&vgd_end=2

Requested by

Host: ouo.press
URL: https://ouo.press/2lCKUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 25 May 2022 05:11:13 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 25 May 2022 05:11:13 GMT

GET
H2 200 n.css
cdn.run-syndicate.com/sdk/v1/ 8 KB
8 KB 650ms
154ms Stylesheet
text/css 67.26.163.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.26.163.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
last-modified: Thu, 12 Aug 2021 08:36:05 GMT
server: nginx
age: 24696984
etag: "6114dd75-2055"
content-type: text/css
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8277

GET
H2 200 dynamic Show response
run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/ 9 KB
5 KB 46ms
17ms Script
application/javascript 136.243.43.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://run-syndicate.com/do2/048b86cb1ea4453a9397baf204dd5474/dynamic?format=jsonp&count=2&w=1600&h=1200&keywords=ouo,press,short,links,link,shortener,free,URL,shortener,Free,URL,shorten,service,ouo,press,lCKUs&adtype=label-under&callback=callback_cTXOo
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.43.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.25.43.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 38f8406b549fa4d00ed7e8a7c1312045c74833e7d91a4007ecf57cb7d099d1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:13 GMT
content-encoding: gzip
server: nginx
x-api-version: 2
vary: Accept-Encoding, *
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
x-request-id: 092199771dc0fa85
expires: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9DB7 42 KB
22 KB 53ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=qxdkysz6vdch

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

781dcd6b11e02654ace3879dc24addbe5fc4c78c561f140a0c3d28e59b016454

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wj1vdMRaplxuM0bj4KEfyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22157
content-security-policy: script-src 'report-sample' 'nonce-wj1vdMRaplxuM0bj4KEfyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:11:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.webp
lcdn.tsyndicate.com/images/4/5/62f6b16fac05795f8d13c517ae9d10daa4ce96/ 5 KB
6 KB 649ms
153ms Image
image/webp 8.250.177.249
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lcdn.tsyndicate.com/images/4/5/62f6b16fac05795f8d13c517ae9d10daa4ce96/main.webp
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.250.177.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: a88392adaa1a159de0b87a14a41335a4c226df2264ecc7f8058444f187541af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 07:53:18 GMT
server: nginx
age: 25417123
etag: W/"60d97fee-15a2"
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 5561

GET
H2 200 300x250.webp
lcdn.tsyndicate.com/images/1/a/046d389a596e10ba0a21d7ff6d17975346292b/ 4 KB
4 KB 649ms
154ms Image
image/webp 8.250.177.249
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lcdn.tsyndicate.com/images/1/a/046d389a596e10ba0a21d7ff6d17975346292b/300x250.webp
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.250.177.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: a36b662fbaef5f679597ed2ad2f0ed0da88825417455f2f24b97d0f285fd60f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 13:07:23 GMT
server: nginx
age: 27005453
etag: W/"5f75d48b-f1a"
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3889

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 9DB7 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=qxdkysz6vdch

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 15:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 15:50:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 9DB7 365 KB
144 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 15:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147703
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 May 2023 15:39:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9DB7 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=qxdkysz6vdch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 05:11:14 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9DB7 31 KB
18 KB 53ms
53ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24335f4f5d6fb53cd4ed08091a68bfc4e688306b1d1e55dfdab3c7c7179dd93b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&cb=qxdkysz6vdch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18256
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 05:11:14 GMT

GET
H2 200 p.gif
pxl.tsyndicate.com/api/v1/p/ 35 B
133 B 63ms
10ms Image
image/gif 94.130.141.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIsjMkJGDBg4ZY1qQEVNGRgsaNmSQaRHGpY0WMsSslCnDRo4ZNWCIeBimzpiMNGbYiDEjh8EWZlLiQEnjRo0WOGaWiTkmxhgbNszMiEEGK0-IZOwslAHjxtmHcOqIWcixoUOIcOCQrWGD48M5cCbqMGoDhkobD8e0mcu3RgwbNXD0JGNmocqHYty4IUvDMo4YOR62cYORIceyaTl7zgxj6MM6ctiQvdExhk3UMjKioUMHzhwdL17YIZPHDJszasbkwePGjIs6btKMeSPHDRw5aQ6-nuGCeZsXbFzAQQPnB5weY3R8kQMnDhs1N_Kst6FHzx0bbOxwqQMDhk0yPfySoZGDTNfEZJABhzAOO0gGMzyaYQz67LNpjh76-sumBu-zQYweZLDso8wqtEkM6XqAwQX7YvDQBjhCHCINKdZoQo8kanCCiDPyyCKPGNbIoo0q8mCCiihkaKKNKOjI4goj0HAiDRhsVEMJF9tIIg8n1FhDDyeoCCKKOMJIQogjlLDjhiCmGCKPGewoQogmlojjBiOoSIMKN5SoQogoglAiiSFiOGMIHOawAQkgv6ijCjGIYAKJJE4cDLycEFPsxDXKyOOO5vJ7o443SpBhCOjKmGMOT4eYA43m6CiVjTTcWIPUT1l1tdRTUy3DDYRKNUOOMsootQopmKAVVTnouDXXT43g1ddPgRX201qLvZVWhOxYjtkhNu3001BHXXWIJaqY40QyZNBPBnJjiPCwxHAgdwYRyaUhw7o4IreGHogoglwbetB2O15HJfcGfzkFWNQ5VnAiDDrSsKOMFZqQjgw2yiAXhx5oAAuONsh66A2OPdbojY51EOHfbhUSjOGFtqAhhi7SkgMoHUYsMa0w8mjjDTIosu9j6Gi2GYaKRBDDsZpJLFoOOwoLTYQ66kgjIzH8uiEHok6iQYwwYECJwBxawDoHqGy4gSsccijDqTHKBSuNwkSQIYYbXLCBBhcaisEFjR-S4wu4M5q77rvzPoxvsOoII6Mm3tAjDTbYCOOFGkgEAYUrWiXjjTvmACFLEGKweQcQMnfjbtLxuDsFEIKQq-IryhBjiTTooHyGuoe6fAlCm2CCBRBYrRSEI8oYY403WB8CDTlILuMF0fcesb_D7wZhijDMCCO623O3AawxaBZBX7Ca-yL8jMh_iA3x1deoDDvIK2M1hmp4qiEcaPhZBDnOoEyHHNyABg85SPzEIIeFLOZ98dtZz3QwoBgMUCPNo8jHFKIDCULnDXjIg8h4hbSB1OY2uXkBygI2hxeA5Q4ZQYx9wIIGFpZlJ3hhWkaaRweGNacFyaldC-7jArcRUHwH-UIQRUCHkklqBjSoQQ2cMgOLtEE2DEnMEpv4xBxkhjHyy8sXWEbFGljRiWd7CPy8WLFiXXALS4wZRMSwl_dprw5smEha2LcQGAiGY_GTA8PS8AY8uiBtTlTgGEgDgz4oICA%3D&r=1&s=f311d5a715a797d4a50bafe4dbd8792cc3b12daf117c8a9b728430935b9cdcad1653455473&w=t&ir=0x0
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.141.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.141.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-length: 35
content-type: image/gif; charset=utf-8

GET
H2 200 p.gif
pxl.tsyndicate.com/api/v1/p/ 35 B
132 B 63ms
11ms Image
image/gif 94.130.141.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIsSIqXFDTAyOLWKMCVOjBQ0yZMS0wGGDzJgWOWTIMDMjhgwbMGTAqCHiYZg6YzLSmGEjxowcBluYoWEDx0kaN0ziECOjTAsZY0basFEzxksbPiGSsbNw5w20D-HUEbNwhoyGDiHCgWO2ho23D-fAmagDaU4bOB-OaVPXb40YNjr-JGNmYeCHYty4MUvD8g0cMx62cYOR4dudajl7jpEDRtGHdeSwMXtDhmnTqWVkREOHDpw5Ol68sEMmjxk2Z9SMyYPHjRkXddykGfNGjhs4ctIcvDnDRfM2L9i4gIMGzg84Pcbo-CIHThw2am7kYW9Dj547NtjY4VIHhk6XPXKSoZGDzFfFZsKhpK_KoCkHosao7z6c5ujhLxgCs2FB_MToQQbLosqMQpzEmK4HGFy4LwYObYDjwyHSkCKNLNSoYoYWjUjDiSlgwCMLGYqIgQkqpFhDiyOSoOMJIrRYI4s8eGpCDSXaaEKPIvJwQo0g8miCiCqiiCOMJIQ4Qgk7bghiiiHymMGOIoRoYok2bjCCCjXsaKOGKoSIIgglkhgihjOGmKEII8ggIogv6qhCDCKYQCKJEgkLbwbEFLuhxDXKyOMO58jo4Y063ihBhiGiK2OOOT4dYg40nKPDVDbScGONUkFt9VVTUVW1DDcQMtUMOcoow9QqpGCi1lTloANXXUE1otdfQQ12WFBtNRbXWhGyg7lmh-DUU1BFJZXVIZaoYo4SyZBBPxnKjeHBSDsqdwYQy6XhwrveKreGHogoolwbNu2Uu15JLfcGf98AeNQ5VnAiDDrSsKOMFZqYjgw2yigXhx5oEAuONsx66A2OPRaBjDc61kGEbQ8mVSyS-tqChhi6UEsOoXQIcUS1wsijjTfIoOi-j6Or-WYYKtLIMZtFNFoOOwwLTYQ66kgjIzFyuiEHo2Q4SYwwYDhpwBxisiEHk2y4wSYccigjqjHMFSsNw0SA6wYXbKDBhYZicEHjh-T4Au6M5q777rz3FquOMDJq4g090mCDjTBeqEFEEFC4wlWS75gDBCeoACGGm3cA4XI37BYdD7tTACEIuiq-ogwxlkiDDslnoLuoypdAgoommGABhFYrBeGIMsZY4w3Vh0BDjpLLeAF0vUPsD7HBQZgiDDPCkK7228MarGYR9BXLuS_GAF_8h9g4vwixDrKjvDJYY6gjxGrAgQagRZDjDMp0yOEGGjzEfV8QgxwWggMBluF9PPOZDmSAgxgEcGTMo8jHFKIDCUbnDXjIg8h6hbSB2AY3unlByrw1hxeI5Q4ZScx9xIIGFu4EBmKZA9Mywjw6MMw5LVDO7FqgExe4TYDgO8gXhCgCOpgsMTWYAQ1qUIOoaAaJbZgNQxTTxCdGMQelYQz89vIFhlHkik6E4tkeokAwVsxYF9xCE2UGETH0ZWRlyF4d2DARtaivgiIYA8feJweGpeENCwkRDloixTGQBgZ9UEBAAA%3D%3D&r=1&s=1313f8c30745ffa52a9ed3ea767b090e360eb0f64b43a64ddd1aa88c1d5e83fb1653455473&w=t&ir=0x0
Requested by: Host: ouo.press
URL: https://ouo.press/2lCKUs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.141.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.141.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-length: 35
content-type: image/gif; charset=utf-8

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ Frame 6C10 85 KB
27 KB 83ms
38ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 May 2022 05:11:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 07EE 15 KB
6 KB 64ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:11:14 GMT
server-processing-duration-in-ticks: 1898
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 6C10 87 KB
28 KB 77ms
38ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 May 2022 05:11:14 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 4024 15 B
15 B 14ms
14ms Image
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3309&lf=3&&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_l2type=sca&pid=8PO15FLE3&katbid=-103&katen=1&cme=KEWx_LVBQafbmRR3GGqsaleO8alwlPcbxPrDeznIL_AxqjXgzgNfSwsT-CvbKUTb_FH9qL5ej0LE992UCojeYLX11wZXudRSWLeVTP_iZekrDmQyFDkCYyq6pm0PUQ8W6gOjLArpdyLmCIJUqYRXq1dW71zPWltQE6IoO0O3VSrNbl536dhEbJ7LGCCeIX4U4hnh7iL6uVfB6rYHjKbG0jcgpRcGp19q||Iec-drbGpiCqnP4U8sIvxfT6ElbIdIJe-NOqG73ezGWcFZ-73oIcTcxZMxPm4i1i2ANIHuLZyhNUDuWNbPxbWsxKv01E08tDr0mdDVfwN2mXdjEhB4Ii60gYxvWjTKrbz_F-ouYBw1AipOBXolircBuxA-xw7htS2M5bAepV3UKzvgp4ac1TBfLYT3G_W1YB887kd6-Z_UA4CowDjjM57cJgyBhjU4FLmogseYyTrZk=|u8A6SM53vAeDX2gxB2l7q9coRgBZkbzd|qW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb|a0AmFUYXmD41Acxn9AJpoIp9mXDT5FFx2ggrL2Mvb-lJTK1elCFoZQ==|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=211362147&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&vi=1653455473505073265&ugd=4&cc=DE&sc=HE&bdrid=9&subBdr=99&startTime=1653455473158&l2type=sca&vgd_l1rakh=1653455473156004399&l1ch=1&sttm=1653455473168&upk=1653455473.7703&hvsid=00001653455473169036448888329219&acid=8dc15c7da5ff49eda9fb865d594b4290&verid=3111299&vgd_bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DHE~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D4~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.06~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.063~dmm_r%3D0.237~e_rpm%3D0.150~dmm_m1%3D0.150~dmm_m2%3D0.085~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.741~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.741~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.975~dmm_m16%3D0.286~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D41620.621~dmm_m40%3D922004.000~dmm_m41%3D27.790~dmm_m42%3D386.000~dmm_m44%3D0.975~dmm_m47%3D24098.000~dmm_m48%3D5817009.000~dmm_m50%3D1.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.150~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.704394%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&vgd_sc=HE&infr=1&stime=1653455473052&vgd_ecrid=352460673&l1hcsd=l1!A19|3318&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22eu_be%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p01484042986t202205250511&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Wed, 25 May 2022 05:11:14 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Wed, 25 May 2022 05:11:14 GMT

GET
H2 200 log
hblg.media.net/ Frame 4024 35 B
194 B 17ms
16ms Image
image/gif 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&insl=0&ifst=0&vid=3523368977916418567&s_city=amsterdam&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&usp_status=0&og_cbdp=0.090&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=142&commit_id=227fcb8c&scrid=352460673&itypeid=16&mx_SPRIG=0&viewability=70&renderer=0&be=0&rtime=2.0&adj0=0.0&tmax=150&s_ip=185.33.221.36&adj2=0.0&adj1=0.0&adtypes=0&mx_aabpc=0&reqid=3523368977916418567&sc=HE&mowxReqId=8dc15c7da5ff49eda9fb865d594b4290_1&ifdp=0&requrl=https%3A%2F%2Fouo.press%2F2lCKUs&bidrestime=1653455472924&pv_adtype=0&cc=DE&strg=HARMONY&pcrid=8CUL2446F-211362147-22-21&coppa_enf=true&is_rewarded=false&devmodel=Unknown&bdp=0.090&ct=Frankfurt+Am+Main&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D142%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUL2446F&dnt_enf=false&mx_ssBucket=0&vls=0&asn=9009&mang=1&mx_isLossNtf=false&advUrl=https%3A%2F%2Fcontent.businessinfoline.com&dn=ouo.press&dt=O&acid=8dc15c7da5ff49eda9fb865d594b4290&actltime=7&act=headerBid&iframingState=0&mx_lr_seg_deal=0&dfpBd=0.050&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&smbrid=3153&bfs=103&rfc=1&prvApiId=8CUL2446F&epcexp=false&pubid=pub-appnexus-network-eu&mx_bsProfile=0&cid=8CU6M287B&bcrid=352460673&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2353%23%2313%23%2316%23%2343%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=APPNEXUS&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-appnexus-network-eu&__expireat=1653456073179&dnt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=211362147&ckfl=0&lper=1&mx_tgs=728x90&cbdp=0.050&csex=0&pvdTmax=112&ltime=7.0&epc=211362147&prvReqId=8256707967736_1311784988_856004011191&zip=60323&exid=31&adl_wrapper=0&spFst=0&mx_GCID=0&cliIPType=v4&pexid=APPNEXUS-1332675&brsrclk=0&sbdrid=99&rtttime=13&mx_PC=1&wsip=mowx-d575ccbb6-w8clp&currsrc_date=2022-05-24+00%3A00%3A00&mx_divid=19050205&geoll=false&debug_ts=2022-05-25+05%3A11%3A12&mx_ssProfile=0&devbrand=Unknown&mx_SC=1&reftime=15000&pbidflr=0.000&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=19050205&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.000&coppa_status=N&incentive_type=0&pid=8PR113JGC&spTo=3&ecp=1.44&pvid=9&mx_mrpp_key=direct_bidp&schain_cmpl=1&is_ortb=true&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=1&dmm_ogerpm=false&csip=rtb-common-5f4649764d-7nwwg.BE&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=19050205&ptype=23&media=0&smsrc=1&acsn=1&dtc=eu_be&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=856004011&geo_source=2&sat=1&mnet_ckfl=0&dfpDiv=19050205&opbidflr=0.000&impId=4774298568970504088&rme=adm&bdata=~seller_tag_id%3D19050205~std%3D19050205~itype%3DAPPNEXUS~visibility%3D0~city%3DFRANKFURTAMMAIN~ref_cnt%3D1~r_ip%3D217.64.151.0~r_sc%3DHE~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D9009~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D00~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D4~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D70~dmm_d19%3D0000~dmm_d21%3D-1~dmm_d22%3D0.06~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0000010~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D728x90~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~dmm_l%3D0.063~dmm_r%3D0.237~e_rpm%3D0.150~dmm_m1%3D0.150~dmm_m2%3D0.085~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.741~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.869~dmm_m12%3D0.741~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.975~dmm_m16%3D0.286~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m35%3D1.000~dmm_m36%3D1.000~dmm_m39%3D41620.621~dmm_m40%3D922004.000~dmm_m41%3D27.790~dmm_m42%3D386.000~dmm_m44%3D0.975~dmm_m47%3D24098.000~dmm_m48%3D5817009.000~dmm_m50%3D1.000~dc%3Dgcp-eu-west1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.150~vbr%3D0~bid%3D0.090~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D19050205%7Eviewability%3D0.704394%7Ecbdp%3D0.050%7Edmm%3Dharmony%7Esuid%3D%7Einsl%3D0%7Edtc%3Deu_be%7Eref_cnt%3D1%7Edalg%3Ddefault%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.000%7Eogbid%3D0.090%7Eitype_id%3D16%7Eseller_tag_id%3D19050205%7EcarrierId%3D0%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&utime=270&sf=0&cpr=0.016081036181545327&evttyp=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-212-24.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:14 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 25 May 2022 05:11:14 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 4024 0
829 B 13ms
13ms Ping
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fouo.press%2F2lCKUs&e=wqT_3QLGBIBGAgAAAwDWAAUBCPD0tpQGEJiPkvmM6O2gQhgAKjYJmpkBAVCpPxHD9Shcj8KlPxkAAACAPQr3PyEREgApESTQMQAAAOBRuK4_MN3digk40RhAlQlIYFCBv4ioAVjRl2VgAGirgLkBeMXnBYABAYoBA1VTRJIFBvRIAZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAudD4ALDy1nqAhhodHRwczovL291by5wcmVzcy8ybENLVXOAAwCIAwGQAwCYAxegAwGqA0ESGDM1MjMzNjg5Nzc5MTY0MTg1Njdfc2JpZBoTNDc3NDI5ODU2ODk3MDUwNDA4OCIJMzUyNDYwNjczKgVNMTE3M8ADrALIAwDYA9ygpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS40qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIG_iKgBiAUBmAUAoAWHtNuqr63h8jDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYADTEk0Aav8QHaBhYKEAURHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4vQZAAMgHxecF0gcNCRE7ATgI2gcGCSdE4AcA6gcCCADwB4fjAooIAhAA&s=f5ef1c8905622437d4707a1d9fb45d90aa7e34ac&type=pv&jm=1003&px=436&py=2027&bw=728&bh=90&sf=1&sid=4375576331574255163&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19050205&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ouo.press/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:14 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a211f06e-747d-45b2-9422-dee0ff5ef74a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ouo.press
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 07EE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=0&topUrl=ouo.press&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=o3gVA3xIUmp1aVZ6Tk9lc2Npa1BFanJwMmlOM1owTllkMnJTeXkrRDI2WDVaWTBqeU1aRTlvdEpsVURkQXBTTEhLR3FWZzQ3T29MUU5STnRuSVZmKytNdGJoQjRqSUl3M1VhSDVIc0pvTjFNZkhQbG51bFlHNWNwYzdiUG...

439 B
634 B

66ms
25ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o3gVA3xIUmp1aVZ6Tk9lc2Npa1BFanJwMmlOM1owTllkMnJTeXkrRDI2WDVaWTBqeU1aRTlvdEpsVURkQXBTTEhLR3FWZzQ3T29MUU5STnRuSVZmKytNdGJoQjRqSUl3M1VhSDVIc0pvTjFNZkhQbG51bFlHNWNwYzdiUGQ2T084TDFiSVNjM1lOWi8zdXR5TURSMC9Db2VmL0xOT242aW1IU3JzRkNYUHN0T3ZSS0ZxVWk5UzBOc1lSTFg1bkZEVTh2dk9GeDRRRU1CaDcwOVNhTDQ0TkthQjhrcmtobjQyT2F4NmZCdUM3UE92VHV5bG9JTForaHVyclREcnA1SnpSRS9MVEUrVTRYNjVGTEhrQ3ppTElia3VvQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f76a222aacda5f57c22c31f7784f9dbe4b946fef3ae4b647d711b0248d1ab800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5530
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:14 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=o3gVA3xIUmp1aVZ6Tk9lc2Npa1BFanJwMmlOM1owTllkMnJTeXkrRDI2WDVaWTBqeU1aRTlvdEpsVURkQXBTTEhLR3FWZzQ3T29MUU5STnRuSVZmKytNdGJoQjRqSUl3M1VhSDVIc0pvTjFNZkhQbG51bFlHNWNwYzdiUGQ2T084TDFiSVNjM1lOWi8zdXR5TURSMC9Db2VmL0xOT242aW1IU3JzRkNYUHN0T3ZSS0ZxVWk5UzBOc1lSTFg1bkZEVTh2dk9GeDRRRU1CaDcwOVNhTDQ0TkthQjhrcmtobjQyT2F4NmZCdUM3UE92VHV5bG9JTForaHVyclREcnA1SnpSRS9MVEUrVTRYNjVGTEhrQ3ppTElia3VvQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1449
content-length: 541
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B0A7 281 B
554 B 36ms
7ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 May 2022 05:11:16 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0808 52 KB
17 KB 27ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ouo.press/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 2664
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 25 May 2022 05:11:16 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 13 May 2022 04:26:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 6, 34883
X-Served-By: cache-lga21928-LGA, cache-hhn4058-HHN
X-Timer: S1653455476.070683,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B0A7 31 KB
10 KB 10ms
9ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 05:11:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 17:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=29589
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Wed, 25 May 2022 13:24:25 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0808 0
741 B 18ms
13ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:16 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8b976a0e-168a-482c-bc3b-3718200d8e08
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B0A7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uKHWQH4jQDCs-L-yWe3xkA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKHWQH4jQDCs-L-yWe3xkA

43 B
556 B

106ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKHWQH4jQDCs-L-yWe3xkA

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5B293MC5X1B9FBQ6CEHB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uKHWQH4jQDCs-L-yWe3xkA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame B0A7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=48Sl9A3zTlOSR70_jlAlyg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=48Sl9A3zTlOSR70_jlAlyg

43 B
556 B

39ms
38ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=48Sl9A3zTlOSR70_jlAlyg

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 05:11:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R0BD74GF1V43THRE4SM6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=48Sl9A3zTlOSR70_jlAlyg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame B0A7
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3L4P44B-E-L81Z

0
706 B

182ms
152ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3L4P44B-E-L81Z
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 219231DBABD84DBC803C68CBFD6FC58A Ref B: FRAEDGE1206 Ref C: 2022-05-25T05:11:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXfzxpSnrctB7iD0UyRLA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3L4P44B-E-L81Z
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0A7
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Q2ZTlkODdhNzQ0N2EzMmQ4MzZkOTg0NzA5YTAyYTY5NzNkMGI5MQ

170 B
188 B

32ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Q2ZTlkODdhNzQ0N2EzMmQ4MzZkOTg0NzA5YTAyYTY5NzNkMGI5MQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Q2ZTlkODdhNzQ0N2EzMmQ4MzZkOTg0NzA5YTAyYTY5NzNkMGI5MQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B0A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEBm7J9YF21HMBCyMuh6VcE&google_cver=1

0
239 B

58ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEBm7J9YF21HMBCyMuh6VcE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 05:11:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEBm7J9YF21HMBCyMuh6VcE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B0A7
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/urZkbpDRIUNd7QzxsPp_XQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3124342159651869954

0
239 B

9ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3124342159651869954
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Wed, 25 May 2022 05:11:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3124342159651869954
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B0A7
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3L4P44B-E-L81Z&sigv=1&esig=2~048a93590757ec710eafc219cda4ba050875e0b5

0
194 B

79ms
13ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3L4P44B-E-L81Z&sigv=1&esig=2~048a93590757ec710eafc219cda4ba050875e0b5

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:11:16 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3L4P44B-E-L81Z&sigv=1&esig=2~048a93590757ec710eafc219cda4ba050875e0b5
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame B0A7 0
0 31ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0808 0
741 B 14ms
13ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS