ouo.press Open in urlscan Pro
2606:4700:10::6816:3afb  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwSTh1OWhsQVF5WURnLUJKRXNSd3FWeFJlSmswNEhKYWZRTC0zT0l4Yy8xLzkvMC8wLzE3NzM1NjYvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTQ3NDg1NTQwMDQ5NDk0NDUvenJoLzAvOTk5NS80Ni85OTkvMi8yMDAxOmFjODoyMDozYjAwOjovMC4wMDAvMTY0MzQ5ODg3Ni8xNjQzNTAyNDc2LzkvMTg0Mzgv/Bg5yzMlVhirsxtNgvzjcmK25f0c&nodeid=515&group=zrh&auctionid=8554748554004949445&shardkey=8554748554004949445&sid=9955993&cid=9690035&price=18A3E7A99607464D&bp=a_bjiibd&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.133.169 HTTP 302
• https://tags.mathtag.com/ck-confirm?bid_id=8554748554004949445&node_id=515&exch_id=9

Request Chain 50

• https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D&documentReferer=https%3A%2F%2Fouo.press%2FWU6xrp&ancestorOrigins=https%3A%2F%2Fouo.press%2Chttps%3A%2F%2Fouo.press&random=1729314786971&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D&documentReferer=https%3A%2F%2Fouo.press%2FWU6xrp&ancestorOrigins=https%3A%2F%2Fouo.press%2Chttps%3A%2F%2Fouo.press&random=1729314786971&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 56

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=zU_30Xx3RWl0VEpob2RmQ0RJaHQ1SFg1Q3ZPOVhoNFFpZ2lmMG9FdEtKcDBNWVB6bkpFeDFaejNod0VCQ2hoNWZQdzN2Wm13eS81cFQ4MHVZcDZSRkowZzE3cWZBb0dtWlRLc2tvZGw5NzJRVTkzdmRISFpMS05VSTcwcFFqQ1V1aDFpdTRqWkhZUEpTRzdTNno5Nms4MWtKeDByM29kelFreHhPR0xrSmtUcVY0bi91WUFDSlI0dEVFbnV1UlRvcTFBY1VVRTZkUS9vRFJGVGZCMW9ZOVIyOXNxVWx6aFJyN2JrSndGUUIyTElRSjJzPXw&cppv=2

Request Chain 73

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg==&google_tc=

Request Chain 74

• https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dc8c61f5-cd7c-4901-84f8-9eedf5fcfa62&expires=28

Request Chain 75

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg&google_tc=

Request Chain 76

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/NJnfmnYIBWAU3DT3ruPy-Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1985246006647438868

Request Chain 79

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfXNfQACRkfY8wAy HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfXNfQACRkfY8wAy&_test=YfXNfQACRkfY8wAy

Request Chain 80

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAVYyJJixyQPCbzIubSOjd8&google_cver=1

Request Chain 108

• https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=hNmb4F9UVzdORDV0dVR2eThwWDFnRCUyQllsZ1VkUGw0M3NtTmJEMEtaNDNtZm04cEFuaU5oSTFMY1JFQ2EzWmx2YjFHMGJNV2xFTERKQjNMendzM1VnOThtbDd0OU5ZSDglMkJYa0J4ekthU3M1c2UxdGVPeVVGSXR0QkkxU0oyWE1VM2t1Nm4&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=g0-gvnx5ZndNcmJRd3NNOGhjaHlOU2FxeWMyZmJlbUNmL1g0YVdYaGpkVnlEL29kdytOQUJsU0ZBMTdoNWJXMWZWWnBlV0c2OWNQU1pScEgwcUM0S00xSzN6MjFEVmNZN1pJcFFoS0ZNbGtET3FGRElLaDgzU0hGYnkrdUZwaFZVRlkzYlJQVDlyZkNhdE5BbytsQUJNRnJkRzJxbFZjb055MUJZeEJoR2p5ejJyUlZiN3A3dVJSaHhXMHZWNldXcDZQZmF2TDJSZXhJMVRaKzFsZW5LWE0wR3pRY3pJMTJxUnV1dzVSWkJoTy95bXpadjVOVk1EZHdybGR5Y2kxSTVwWWIvWjl2NGVRMVg2bTZadGYxeVd3SUx4WmR1WmZSL3QvcWpxMDdQaWRTL0pFMD18&cppv=2

Request Chain 113

• https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=hNmb4F9UVzdORDV0dVR2eThwWDFnRCUyQllsZ1VkUGw0M3NtTmJEMEtaNDNtZm04cEFuaU5oSTFMY1JFQ2EzWmx2YjFHMGJNV2xFTERKQjNMendzM1VnOThtbDd0OU5ZSDglMkJYa0J4ekthU3M1c2UxdGVPeVVGSXR0QkkxU0oyWE1VM2t1Nm4&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=IwQycXxLNS9SbmJMRnF1THFjVjY3MkRuZW1HUEljMEhHemRmVE8rUk1UWk8xUlc3V01GYXJFL1pTVWJqSFIzREk3T0k3L0VyRy84WnB1ZWFCd2dPSENDT1pqMk03dHB5eG1MaVFBdCtLWG02WVliQ05pS1lDbXJKVTh4RFpwQlpZQWdXUS9LWUtFeTZseWI5TkZSa2pPcjVXU2dEbEtQcG1VbHNnMFk3V3o5UUpEdHpCQUNLeGpzY2J1S3R3b054dmlQaUdwL2RtNTBkYmlGVUxhcHdDaXRaS3FaTXVycjV0YnZHVStDZExDS2J4cVkvdDlWaUFmSUFXaE90MU1GeUlrNlZDdjNxMlBLUzhlOThhdzl1VTNwcnRpbjdmWmRGQXloVUdtRlpib1RFWU40dz18&cppv=2

Request Chain 131

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request WU6xrp Show response ouo.press/	8 KB 5 KB	277ms 230ms	Document text/html	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88ff612b489f118a50668fa7973d3f4383eb6d55ff316722d7ff1382ab301170 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-type text/html; charset=UTF-8 cache-control no-cache x-frame-options SAMEORIGIN x-content-type-options nosniff x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6d563be7385183a2-MXP content-encoding br
GET H2	200	css fonts.googleapis.com/	1020 B 918 B	44ms 17ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Questrial Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fd31f22ba68ed6e6cc531b1198585508022d1cc3b97fc60252bf3a445e772c3e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 29 Jan 2022 21:45:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 29 Jan 2022 23:27:56 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Jan 2022 23:27:56 GMT
GET H2	200	bootstrap.css ouo.press/css/	107 KB 19 KB	35ms 34ms	Stylesheet text/css	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/css/bootstrap.css Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/WU6xrp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 10365 cf-polished origSize=109522 cf-bgj minify x-xss-protection 1; mode=block last-modified Sat, 14 Feb 2015 06:58:04 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"54def1fc-1abd2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=86400 cf-ray 6d563be8cc0083a2-MXP expires Sun, 30 Jan 2022 08:35:11 GMT
GET H2	200	link-safe.css ouo.press/css/	6 KB 2 KB	36ms 35ms	Stylesheet text/css	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/css/link-safe.css Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aaba6a409c4cb564d0c80c9e7bbc49496bc4100c5037b1f87fa71950cf34cb2a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/WU6xrp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 34575 cf-polished status=cannot_optimize cf-bgj minify x-xss-protection 1; mode=block last-modified Wed, 02 Oct 2019 21:46:54 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5d951ace-1830" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control max-age=86400 cf-ray 6d563be8cc0283a2-MXP expires Sun, 30 Jan 2022 01:51:41 GMT
GET H2	200	sw-mav-n.js Show response ouo.press/	93 KB 36 KB	38ms 37ms	Script application/javascript	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/sw-mav-n.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 911e3c686b479a09d9d41a501e53ad7f52cd1d1a1f83a723598d313ed9b681e3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/WU6xrp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 18316 cf-polished origSize=95651 cf-bgj minify x-xss-protection 1; mode=block last-modified Thu, 09 Jan 2020 08:01:23 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5e16ddd3-175a3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=86400 cf-ray 6d563be8cc0483a2-MXP expires Sun, 30 Jan 2022 06:22:40 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 998 B	44ms 18ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1b78c14f86347695c6b80dcbfd9836798f2ef74cba278d5f258b708fdebc43b6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 585 x-xss-protection 1; mode=block expires Sat, 29 Jan 2022 23:27:56 GMT
GET H2	200	html_102001.js Show response video.your-notice.com/	0 133 B	70ms 22ms	Script text/html	142.91.9.135 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://video.your-notice.com/html_102001.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.91.9.135 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:49 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H/1.1	403 Forbidden	ed36014633829dc70a42dccaefdf3f11.js itineraryupper.com/ed/36/01/	0 0	308ms 107ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://itineraryupper.com/ed/36/01/ed36014633829dc70a42dccaefdf3f11.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 29 Jan 2022 23:27:56 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	async.js Show response cdn.adtrue.com/rtb/	7 KB 3 KB	73ms 23ms	Script application/x-javascript	2606:4700:3033::ac43:8bcc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/async.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 14186845 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 16 Nov 2020 01:20:45 GMT server cloudflare etag W/"5fb1d3ed-1c9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMl7qHLC%2F%2F3dQWSJzOY5YEOzWxyRL7GXh7%2FV7SB72aegHfQKUzcxpYT7WPsMPydPG5D5gPjAB33KCSWzlnnDBKNH6eKSQDoEBdiqbeono9QUSEB9ELRbpeMBX1BY%2BoWITSDiQz5fcMahfzlp3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 6d563be97bed59bf-MXP expires Sat, 13 Aug 2022 18:40:31 GMT
GET H2	200	world.png ouo.press/images/	6 KB 6 KB	33ms 32ms	Image image/png	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ouo.press/images/world.png Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70f03c74cc197cf154af36fa552a448d9ffebb55081c96e55ef4cf469123fe22 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/WU6xrp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT x-content-type-options nosniff cf-cache-status HIT age 1019358 cf-polished status=not_needed content-length 5692 x-xss-protection 1; mode=block last-modified Wed, 06 May 2015 05:02:52 GMT server cloudflare x-frame-options SAMEORIGIN etag "5549a07c-163c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png expires Thu, 17 Feb 2022 04:18:38 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 6d563be92cf883a2-MXP cf-bgj imgq:85,h2pri
GET H2	200	email-decode.min.js Show response ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 801 B	27ms 26ms	Script application/javascript	2606:4700:10::6816:3afb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ouo.press/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3afb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/WU6xrp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 Jan 2022 18:50:50 GMT server cloudflare etag W/"61f1980a-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 6d563be91cd583a2-MXP vary Accept-Encoding expires Mon, 31 Jan 2022 23:27:56 GMT
GET H2	200	MERxSU9LZgI%2BEEU2HWt1EiwFPT9Dfl5mIEUrXzk9VTcCZjxHaRwoOR0qXyM8EmhTOiJWZkt4YxIwEC4QWSBTc20HfEZ%2FegBmXWs8RSYuICsCZktregJ8F3AsVSFcK35WfVx9LVJ1XCssCXBcL3oEd0V9egB9RH92Ejk Show response aphycolourses.info/	56 KB 23 KB	326ms 105ms	Script application/javascript	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://aphycolourses.info/MERxSU9LZgI%2BEEU2HWt1EiwFPT9Dfl5mIEUrXzk9VTcCZjxHaRwoOR0qXyM8EmhTOiJWZkt4YxIwEC4QWSBTc20HfEZ%2FegBmXWs8RSYuICsCZktregJ8F3AsVSFcK35WfVx9LVJ1XCssCXBcL3oEd0V9egB9RH92Ejk Requested by Host: ouo.press URL: https://ouo.press/sw-mav-n.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash 12af63ca90df624a0d8619ef2cf17f047ef6ce501fae3d234b63a0d9b3ce1490 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-encoding gzip etag W/"e0f4-haM0dvWgOAC7+K7hQjRipxBt9NQ" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type
GET H2	200	fab.js Show response ecdn.analysis.fi/static/js/	4 KB 2 KB	39ms 6ms	Script application/javascript	143.204.215.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.analysis.fi/static/js/fab.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-121.fra53.r.cloudfront.net Software nginx/1.18.0 / Resource Hash d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:31:12 GMT content-encoding gzip last-modified Sat, 29 Jan 2022 20:00:56 GMT server nginx/1.18.0 age 3404 etag W/"61f59cf8-1090" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop FRA53-C1 x-amz-cf-id ZlyGOsGHY7nr7xjeHxWYl6FvEI-sj7oEdcu-0d0jXIBwyP4AV9n29g== via 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront) expires Sat, 29 Jan 2022 23:31:12 GMT
GET H2	200	fi_client.js Show response ecdn.firstimpression.io/	347 KB 92 KB	38ms 7ms	Script application/javascript	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/fi_client.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.18.0 / PHP/7.3.23 Resource Hash 7a213885fe45d266a0ffe71bf94fd8bedad10df774b8460191f709b75c23ce18 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:31:11 GMT content-encoding br age 3405 x-powered-by PHP/7.3.23 x-cache Hit from cloudfront x-xss-protection 0 access-control-allow-origin * last-modified Sat, 29 Jan 2022 22:31:11 UTC server nginx/1.18.0 etag W/"4a75145dbdab0e0e81b01905d9183dc5" vary Accept-Encoding content-type application/javascript via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id BYPYJIbtveStC21c0wLA078EtiARmLTMKTijuvhn3M8RZC7aYNH2TA== expires Sat, 29 Jan 2022 23:31:11 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/	355 KB 141 KB	38ms 6ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ouo.press/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:54:56 GMT content-encoding gzip x-content-type-options nosniff age 1980 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 143285 x-xss-protection 0 last-modified Mon, 24 Jan 2022 05:03:25 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 29 Jan 2023 22:54:56 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 664 B	55ms 7ms	Image image/x-icon	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 01:51:47 GMT content-encoding gzip x-content-type-options nosniff age 77769 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 30 Jan 2022 01:51:47 GMT
GET H2	200	achoice.svg widgets.outbrain.com/images/widgetIcons/	3 KB 3 KB	82ms 19ms	Image image/svg+xml	2.18.234.190 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.outbrain.com/images/widgetIcons/achoice.svg Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-190.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT last-modified Mon, 20 Dec 2021 10:37:08 GMT server AkamaiNetStorage etag "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109" access-control-allow-methods GET,POST content-type image/svg+xml access-control-allow-origin * cache-control max-age=2592000 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 2735 expires Mon, 28 Feb 2022 23:27:56 GMT
GET H2	200	spc_fi.php Show response cdn.firstimpression.io/delivery/	25 KB 6 KB	52ms 43ms	XHR application/json	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/delivery/spc_fi.php?id=7419&url=%2FWU6xrp&charset=UTF-8&ch=23&ref=ouo.press&viewerId=null&referer=&_firid=2098988 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.18.0 / PHP/7.3.23 Resource Hash c7278b0c8be04d387f698fca8c31a69c182ca7f364e9ae7001e6126cf7d3027e Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip x-amz-cf-pop FRA6-C1 x-powered-by PHP/7.3.23 x-cache Miss from cloudfront p3p CP="CUR ADM OUR NOR STA NID" pragma no-cache access-control-allow-origin https://ouo.press server nginx/1.18.0 vary Accept-Encoding content-type application/json; charset=UTF-8 via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-amz-cf-id yn3klHGbmginNvAqfMKTW3fBmMObeEqVSLqChaFeMM2Y9TAmv69_wg== expires 0
GET H2	200	prebidamp.js Show response ecdn.firstimpression.io/static/js/	312 KB 88 KB	20ms 6ms	Script application/javascript	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/prebidamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.20.0 / Resource Hash 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83 Request headers Referer https://ouo.press/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:31:11 GMT content-encoding br last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 3405 etag W/"61b8b8ab-4e128" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id d4of0Uab04WlTfyew3k3jNEObUaZzcqv80GyR23ZYyEe-812cS4JCQ== via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) expires Sat, 29 Jan 2022 23:31:11 GMT
GET H2	200	creative.js Show response cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/	26 KB 9 KB	74ms 31ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ouo.press/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 27026 x-jsd-version 1.13.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19123-FRA, cache-mxp6940-MXP timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6d563bea88b15a3d-MXP
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	49ms 9ms	Script application/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW content-encoding gzip etag 8d3665a9b316600491247ca6d78c204c age 44 x-cache Hit from cloudfront server Server x-amz-rid 0PWP0CNHJDHV47X56X6B date Sat, 29 Jan 2022 23:27:15 GMT vary Accept-Encoding content-type application/javascript via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA56-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id KolRsmDrlNIFt4pcZk5neYd4b0P11CEYhuU2NbY-ODAKEfdcqJ47jA==
GET H2	200	QdVUSTchPBm7nuUeVf70viFl.woff2 fonts.gstatic.com/s/questrial/v17/	19 KB 19 KB	35ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/questrial/v17/QdVUSTchPBm7nuUeVf70viFl.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Questrial Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 20:52:33 GMT x-content-type-options nosniff age 268523 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19292 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:15:05 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 20:52:33 GMT
GET H2	200	fiamp.js Show response ecdn.firstimpression.io/static/js/ Frame 1641	110 KB 34 KB	7ms 6ms	Script application/javascript	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/fiamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/fi_client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.20.0 / Resource Hash c590c66144bdcdc9426a909a82e5df8831f2793760fa5aeac08b803972f928e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:31:11 GMT content-encoding br last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 3405 etag W/"61b8b8ab-1b866" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id pZHF8BxI38mq0yUWQqUyR96NL3mHV8U_Nr2Asdfh_D-m1ERSdvmlAg== via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) expires Sat, 29 Jan 2022 23:31:11 GMT
GET DATA	200 OK	truncated /	592 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	impress Show response exchange.adtrue.com/delivery/ Frame CA44	5 KB 5 KB	512ms 178ms	Script application/javascript	35.163.34.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FWU6xrp&cb=404598444&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/WU6xrp Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.163.34.104 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-163-34-104.us-west-2.compute.amazonaws.com Software nginx / Resource Hash abff3de1810d5f1b52b5cc99b7e4b29dc850b17aaa6523b289e4240a62cf0728 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT server nginx x-adtrue-instance java3 content-length 4626 content-type application/javascript
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 5DDB	40 KB 21 KB	25ms 25ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8nkg5puptq9m Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cf6c29f8bdce4ceff2f821a967bb923c8df96a5a0a8242588ca5c55c67ad58d3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aFn3W+P39f0ncHOI30Jw9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 29 Jan 2022 23:27:56 GMT content-security-policy script-src 'report-sample' 'nonce-aFn3W+P39f0ncHOI30Jw9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 21030 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	prebidamp.js Show response ecdn.firstimpression.io/static/js/ Frame 1641	312 KB 88 KB	6ms 6ms	Script application/javascript	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ecdn.firstimpression.io/static/js/prebidamp.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.20.0 / Resource Hash 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83 Request headers Referer https://ouo.press/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:31:11 GMT content-encoding br last-modified Tue, 14 Dec 2021 15:30:51 GMT server nginx/1.20.0 age 3405 etag W/"61b8b8ab-4e128" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id cU21yCO7TkhVH6kQt9GOpOK3h_rHM5lW8x9MqPhpltoaQ74_igkDxw== via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) expires Sat, 29 Jan 2022 23:31:11 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 5DDB	51 KB 24 KB	23ms 9ms	Stylesheet text/css	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8nkg5puptq9m Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 16:48:23 GMT content-encoding gzip x-content-type-options nosniff age 110373 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 24 Jan 2022 05:03:25 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Jan 2023 16:48:23 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 5DDB	355 KB 140 KB	20ms 6ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8nkg5puptq9m Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 22:54:56 GMT content-encoding gzip x-content-type-options nosniff age 1980 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 143285 x-xss-protection 0 last-modified Mon, 24 Jan 2022 05:03:25 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 29 Jan 2023 22:54:56 GMT
POST H2	200	lg.php cdn.firstimpression.io/delivery/ Frame 1641	1 B 445 B	41ms 41ms	Ping text/html	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/delivery/lg.php?bannerid=65637%7C65638%7C65639%7C83411%7C88461%7C93863&campaignid=18%7C15%7C9%7C44%7C6%7C43&zoneid=110459%7C110459%7C110459%7C110459%7C110459%7C110459 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software nginx/1.18.0 / PHP/7.3.23 Resource Hash cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip server nginx/1.18.0 x-amz-cf-pop FRA6-C1 x-powered-by PHP/7.3.23 vary Accept-Encoding x-cache Miss from cloudfront p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 x-amz-cf-id ENjLjSYsde8x52NB97oPyiKkshjeYuLvgRh8JxxSrbYyrbsJFkC_MQ== via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) expires 0
POST H2	204	mvo Show response tag.1rx.io/rmp/212927/0/ Frame 1641	0 165 B	50ms 17ms	XHR text/plain	213.19.147.43 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://tag.1rx.io/rmp/212927/0/mvo?z=1r&hbv=6.2,2.1 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ouo.press pragma no-cache date Sat, 29 Jan 2022 23:27:56 GMT cache-control private, max-age=0, no-cache, no-store access-control-allow-credentials true server Tengine
POST H2	204	cdb Show response bidder.criteo.com/ Frame 1641	0 210 B	55ms 14ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=84451415706 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 29 Jan 2022 23:27:55 GMT server Finatra vary Origin access-control-allow-origin https://ouo.press access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 1641	19 B 689 B	50ms 28ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:56 GMT X-Proxy-Origin 217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 0e11c8fd-d361-4e22-957f-129980ca93c7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 1641	4 KB 3 KB	160ms 82ms	XHR application/json	2602:803:c003:200::31 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1317174&size_id=2&rp_schain=1.0,1!firstimpression.io,7419,1,,,&rf=https%3A%2F%2Fouo.press%2FWU6xrp&kw=ouo.press%2Cshortlinks%2Clinkshortener%2CfreeURLshortener&tg_i.ref=https%3A%2F%2Fouo.press%2FWU6xrp&tg_i.page=https%3A%2F%2Fouo.press%2FWU6xrp&tg_i.domain=ouo.press&tg_i.figroup=a9&tk_flint=pbjs_lite_v6.2.0&x_source.tid=3b07ec95-a14e-4a9f-963b-cb29836c31c0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33519314699696534 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 515f9333fa95bd3110fe0e60620a3d46ab2f9518aa72b4335c0f3e4372f850dd Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:56 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://ouo.press Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 1769 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	/ Show response hb.emxdgt.com/ Frame 1641	0 154 B	83ms 59ms	XHR text/plain	18.196.230.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb.emxdgt.com/?t=2000&ts=1643498876720&src=pbjs Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-230-57.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ouo.press date Sat, 29 Jan 2022 23:27:56 GMT cache-control no-cache access-control-allow-credentials true access-control-allow-headers security, Content-Type
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame 1641	134 KB 36 KB	7ms 6ms	Script application/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/fiamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW content-encoding gzip etag 8d3665a9b316600491247ca6d78c204c age 44 x-cache Hit from cloudfront server Server x-amz-rid 0PWP0CNHJDHV47X56X6B date Sat, 29 Jan 2022 23:27:15 GMT vary Accept-Encoding content-type application/javascript via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA56-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id lCzXglPZsF9vvuifiz1mX1GMy8jxRi1eXpYYgcW3WavWpSrlIQ4H4w==
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 5DDB	102 B 134 B	16ms 15ms	Other text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8nkg5puptq9m User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Sat, 29 Jan 2022 23:27:56 GMT
GET H2	204	utx Show response goverytra.com/	0 485 B	233ms 203ms	XHR text/plain	18.66.248.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://goverytra.com/utx?tid=787650&top=ouo.press&cb=4vZx7XQlKk4U Requested by Host: aphycolourses.info URL: https://aphycolourses.info/MERxSU9LZgI%2BEEU2HWt1EiwFPT9Dfl5mIEUrXzk9VTcCZjxHaRwoOR0qXyM8EmhTOiJWZkt4YxIwEC4QWSBTc20HfEZ%2FegBmXWs8RSYuICsCZktregJ8F3AsVSFcK35WfVx9LVJ1XCssCXBcL3oEd0V9egB9RH92Ejk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-87.dus51.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:56 GMT via 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop DUS51-P1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://ouo.press cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id jIqPWUd69g-1hz9zn0eOYZvA4HhHCZK0q_jvTYhTUQH_rH010tqdlw==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/ Frame 1641	0 307 B	9ms 8ms	XHR text/plain	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fouo.press&pubid=4cd01fd0-0780-4b33-a4da-c39467660185 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 19:10:11 GMT via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) server Server age 15464 x-cache Hit from cloudfront access-control-allow-origin https://ouo.press cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 x-amz-cf-id HU8_xGJIAaXSOkT1QKchHYFitbKC3HyisSJdjIxWBq1kOHn_LEviuQ==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/ Frame 1641	23 B 488 B	43ms 43ms	XHR text/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fouo.press%2FWU6xrp&pid=D6NtjcOoCXmpz&cb=0&ws=728x90&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%2293863%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&schain=1.0%2C1!firstimpression.io%2C7419%2C1%2C%2C%2C&pubid=4cd01fd0-0780-4b33-a4da-c39467660185&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:56 GMT via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid FS4YFJJYVZYR5EM7K7W2 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ouo.press access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id L3yH2lrUV83JZsX0C72p79JwxBZIsvYoH04dMiTDMuKvrJQPmGIDfQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1641	6 KB 3 KB	21ms 6ms	XHR application/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 00:05:05 GMT content-encoding gzip vary Accept-Encoding,Origin age 84172 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 21 Jan 2022 02:54:57 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn via 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA56-C1 content-type application/javascript x-amz-cf-id A214SwmYSMDq-6UcLufhKltb36Ru85eZ7HohIMIDTX4qRB-SmAdIXg==
POST H2	200	/ Show response mmandard.com/	0 37 B	349ms 120ms	XHR text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://mmandard.com/ Requested by Host: aphycolourses.info URL: https://aphycolourses.info/MERxSU9LZgI%2BEEU2HWt1EiwFPT9Dfl5mIEUrXzk9VTcCZjxHaRwoOR0qXyM8EmhTOiJWZkt4YxIwEC4QWSBTc20HfEZ%2FegBmXWs8RSYuICsCZktregJ8F3AsVSFcK35WfVx9LVJ1XCssCXBcL3oEd0V9egB9RH92Ejk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 5DDB	30 KB 17 KB	40ms 39ms	XHR application/json	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 38bed77529bacaa520b6b549bdc1d1a02cc3c02cd9679cf9c4e0228500ae5ada Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr1ncUAAAAAH3cghg6cOTPGARa8adOf-y9zv2x&co=aHR0cHM6Ly9vdW8ucHJlc3M6NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=8nkg5puptq9m Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type application/x-protobuffer Response headers date Sat, 29 Jan 2022 23:27:56 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16909 x-xss-protection 1; mode=block expires Sat, 29 Jan 2022 23:27:56 GMT
POST H2	200	v1 cdn.firstimpression.io/tracking/habit/ Frame 1641	2 B 405 B	34ms 34ms	Ping text/plain	99.86.3.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.firstimpression.io/tracking/habit/v1?b=1 Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-83.fra6.r.cloudfront.net Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 29 Jan 2022 23:27:56 GMT access-control-request-method * x-amz-cf-pop FRA6-C1 access-control-allow-methods OPTIONS, GET, POST content-type text/plain access-control-allow-origin https://ouo.press access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 2 via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) x-amz-cf-id mlVZwgJekJzaah_h1-ybHHRXwAlHCENQcdGmPAZpCMDXC5NEHMdyBg==
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 637F	2 KB 2 KB	73ms 38ms	Script application/x-javascript	185.29.134.245 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwSTh1OWhsQVF5WURnLUJKRXNSMVNsbW5VZklXZEN0b21YTnZ5Q3d5NC8xLzkvMC8wLzE3NzM1NjYvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTQ3NDg1NTQwMDQ5NDk0NDUvenJoLzAvOTk5NS80Ni85OTkvMi8yMDAxOmFjODoyMDozYjAwOjovMC4wMDAvMTY0MzQ5ODg3Ni8xNjQzNTAyNDc2LzkvMTg0Mzgv/BTAMgOuPGYMPCydFC94hmGLxSTY&nodeid=515&group=zrh&auctionid=8554748554004949445&shardkey=8554748554004949445&sid=9955993&cid=9690035&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.169&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.300.0 / Resource Hash 56c04640df0c848f3b27ffd8fd09c88efbdf7bad39f28076a9b7615fbacd3d16 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:56 GMT Content-Encoding gzip x-mm-bid-request-time 1643498876 Last-Modified Sat, 29 Jan 2022 23:27:56 GMT Server MMBD/3.300.0 x-mm-latency 22 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg Count Cache-Control no-cache x-mm-host cdg-router-x98, zrh-bidder-x70 Connection close Content-Type application/x-javascript; charset=UTF-8 Expires Sat, 29 Jan 2022 23:27:55 GMT
GET H/1.1	200	adbcaf5f-bc7a-4a94-b112-3d9c840b5878 beacon-ams3.rubiconproject.com/beacon/d/ Frame 637F	43 B 354 B	154ms 51ms	Image image/avif	2602:803:c003:200::27 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-ams3.rubiconproject.com/beacon/d/adbcaf5f-bc7a-4a94-b112-3d9c840b5878?oo=0&accountId=18438&siteId=202928&zoneId=1317174&sizeId=2&e=6A1E40E384DA563B5E09CBC4BBDA275E71CDDEADBCEF9BF61F939E831F5426B8777A002265D0388C1E5731BDE3FEEFEB5ABF4BC26238BE18F26BCCFAB17F7F019A58CD73B9A1833D1A54CDADB61B7391B6D123DDCF201A9C3C5752C1B6F7765012A1A442B9348D0AEBADB519238AA9D43513EB448999ED39EB467B389DB2591017484A0970FD32C2EE6F9789AF724F6C4DDE931AD4541DA5005CF44CED6DEC2A1E4E96683EF3D867A3DF6BDBE9F1C588FFD72202373379C7 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:56 GMT X-Content-Type-Options nosniff X-Frame-Options DENY Content-Type image/avif Cache-Control private, max-age=0, no-cache Connection keep-alive Content-Length 43 X-XSS-Protection 1; mode=block Expires 01 Jan 1970 10:00:00 GMT
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 637F Redirect Chain https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwST... https://tags.mathtag.com/ck-confirm?bid_id=8554748554004949445&node_id=515&exch_id=9	49 B 329 B	73ms 58ms	Image image/gif	185.29.134.245 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=8554748554004949445&node_id=515&exch_id=9 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.300.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server MMBD/3.300.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x27, zrh-bidder-x70 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sat, 29 Jan 2022 23:27:56 GMT Redirect headers Date Sat, 29 Jan 2022 23:27:57 GMT x-mm-bid-request-time 1643498876 Last-Modified Sat, 29 Jan 2022 23:27:56 GMT Server MMBD/3.300.0 x-mm-latency 34 (1) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://tags.mathtag.com/ck-confirm?bid_id=8554748554004949445&node_id=515&exch_id=9 x-mm-dbg Count Cache-Control no-cache x-mm-host cdg-router-x42, zrh-bidder-x70 Connection keep-alive Content-Type text/html; charset=utf-8 Keep-Alive timeout=360 Content-Length 84 Expires Sat, 29 Jan 2022 23:27:56 GMT
GET H/1.1	200 OK	1c1wx3ge11rm Show response hal9000.redintelligence.net/zone/ Frame 637F	10 KB 3 KB	102ms 47ms	Script text/html	159.69.70.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/1c1wx3ge11rm?subid=&gdpr=0&gdpr_consent=&rnd=8554748554004949445&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.70.69.159.clients.your-server.de Software Apache / Resource Hash bf9245b494c4366ae22cbcea0bdf1d4f3ec4417d4953d44d87aa8ebfd4e9cde3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2954 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ck-confirm tags.mathtag.com/ Frame 637F	49 B 329 B	123ms 86ms	Image image/gif	185.29.134.245 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/ck-confirm?bid_id=8554748554004949445&node_id=515&exch_id=9 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwSTh1OWhsQVF5WURnLUJKRXNSMVNsbW5VZklXZEN0b21YTnZ5Q3d5NC8xLzkvMC8wLzE3NzM1NjYvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTQ3NDg1NTQwMDQ5NDk0NDUvenJoLzAvOTk5NS80Ni85OTkvMi8yMDAxOmFjODoyMDozYjAwOjovMC4wMDAvMTY0MzQ5ODg3Ni8xNjQzNTAyNDc2LzkvMTg0Mzgv/BTAMgOuPGYMPCydFC94hmGLxSTY&nodeid=515&group=zrh&auctionid=8554748554004949445&shardkey=8554748554004949445&sid=9955993&cid=9690035&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.169&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.300.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server MMBD/3.300.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x49, zrh-bidder-x70 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sat, 29 Jan 2022 23:27:56 GMT
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 637F	43 B 404 B	152ms 51ms	Image image/gif	2.18.233.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=8554748554004949445&v3=1040879&v4=9955993&v5=9690035&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwSTh1OWhsQVF5WURnLUJKRXNSMVNsbW5VZklXZEN0b21YTnZ5Q3d5NC8xLzkvMC8wLzE3NzM1NjYvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTQ3NDg1NTQwMDQ5NDk0NDUvenJoLzAvOTk5NS80Ni85OTkvMi8yMDAxOmFjODoyMDozYjAwOjovMC4wMDAvMTY0MzQ5ODg3Ni8xNjQzNTAyNDc2LzkvMTg0Mzgv/BTAMgOuPGYMPCydFC94hmGLxSTY&nodeid=515&group=zrh&auctionid=8554748554004949445&shardkey=8554748554004949445&sid=9955993&cid=9690035&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.169&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server MT3 4133 baa842e master cdg-pixel-x5 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 29 Jan 2022 23:27:56 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 637F	49 B 330 B	127ms 79ms	Image image/gif	185.29.134.245 MEDIAMATH-INC
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=8554748554004949445&st=9955993&time=1643498876&nodeid=515 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTnprM1pEZ3paV1F0TkRFNU9TMDVZelZoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTQ3NDg1NTQwMDQ5NDk0NDUvOTY5MDAzNS85OTU1OTkzLzkvbVFwSTh1OWhsQVF5WURnLUJKRXNSMVNsbW5VZklXZEN0b21YTnZ5Q3d5NC8xLzkvMC8wLzE3NzM1NjYvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NTQ3NDg1NTQwMDQ5NDk0NDUvenJoLzAvOTk5NS80Ni85OTkvMi8yMDAxOmFjODoyMDozYjAwOjovMC4wMDAvMTY0MzQ5ODg3Ni8xNjQzNTAyNDc2LzkvMTg0Mzgv/BTAMgOuPGYMPCydFC94hmGLxSTY&nodeid=515&group=zrh&auctionid=8554748554004949445&shardkey=8554748554004949445&sid=9955993&cid=9690035&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.169&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US), Reverse DNS Software MMBD/3.300.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server MMBD/3.300.0 Content-Type image/gif Cache-Control no-cache x-mm-host cdg-router-x106, zrh-bidder-x70 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Sat, 29 Jan 2022 23:27:56 GMT
GET H/1.1	200 OK	request.php Show response hal90003.redintelligence.net/ Frame 637F Redirect Chain https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cli... https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...	610 B 935 B	82ms 60ms	Script application/x-javascript	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D&documentReferer=https%3A%2F%2Fouo.press%2FWU6xrp&ancestorOrigins=https%3A%2F%2Fouo.press%2Chttps%3A%2F%2Fouo.press&random=1729314786971&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash bf4f549a96742f5d1beb2f4f73d370fa5be033f8dda364f13676f5fdb193e7d4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:57 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 57826600003834503891606011855003 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 329 Expires Sat, 29 Jan 2022 23:27:57 +0100 Redirect headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:57 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D&documentReferer=https%3A%2F%2Fouo.press%2FWU6xrp&ancestorOrigins=https%3A%2F%2Fouo.press%2Chttps%3A%2F%2Fouo.press&random=1729314786971&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Sat, 29 Jan 2022 23:27:57 +0100
GET H3	200	prebid.js Show response cdn.adtrue.com/pb/ Frame CA44	252 KB 77 KB	97ms 48ms	Script application/x-javascript	2606:4700:3033::ac43:8bcc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/pb/prebid.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FWU6xrp&cb=404598444&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/WU6xrp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4998609 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 14 Apr 2021 09:06:46 GMT server cloudflare etag W/"6076b0a6-3f06e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXUwhtC%2BD3eAwtibFWtygxIlX9VBGhCgKbLPh9SwYNWoAya7Xnb4bXxF9klsD0srk3ZAOhFHCktiNcHjo7j2lTU4p3sVPOFHHs2TitYPzfDczrFRoNGOWP%2FgMd8z93Lpm3RoWrHjE03P%2B89nwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 6d563bee6c6e59c5-MXP expires Mon, 28 Nov 2022 02:57:47 GMT
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame CA44	255 KB 79 KB	77ms 18ms	Script text/javascript	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Wed, 27 Oct 2021 05:33:12 GMT server Apache/2.2.15 (CentOS) etag "1241a12-3fca8-5cf4eee137dd8" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control public, max-age=71244 accept-ranges bytes content-type text/javascript content-length 80538 expires Sun, 30 Jan 2022 19:15:21 GMT
GET H2	200	ga.js Show response cdn-adtrue.com/track/ Frame CA44	502 B 906 B	82ms 30ms	Script application/x-javascript	2606:4700:3038::6815:ead7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-adtrue.com/track/ga.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=12953&ref=https%3A%2F%2Fouo.press%2FWU6xrp&cb=404598444&timeZone=0&adWidth=300&adHeight=250&loc=https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 24347780 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 02 Apr 2021 11:02:09 GMT server cloudflare etag W/"6066f9b1-1f6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khVkAHFXvZvUxRcrttcOACKEqOF8z1BF0x9PgHxPSbXhIdngq%2FwJ6ZXUGlq6HC3lEdLL%2BjSRSn2ZLJXTdKb1tiHhKniEktrWDw0GVHSnqr950VRIHff5korNbssg8Ey2gU%2BSMcT1WxBgHIF9KA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 6d563bee7f2f5a1f-MXP expires Mon, 18 Apr 2022 04:11:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame CA44	96 KB 38 KB	38ms 16ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Requested by Host: cdn-adtrue.com URL: https://cdn-adtrue.com/track/ga.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 27a01a79b223d9b1903ceb2149ddc1aadcf5c6fda27ccb4c8cb34c1cc816bc64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38008 x-xss-protection 0 last-modified Sat, 29 Jan 2022 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 29 Jan 2022 23:27:57 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	74ms 20ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ouo.press User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin https://ouo.press access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1552 date Sat, 29 Jan 2022 23:27:56 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame CA44 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fouo.press%2F&domain=ouo.press&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=zU_30Xx3RWl0VEpob2RmQ0RJaHQ1SFg1Q3ZPOVhoNFFpZ2lmMG9FdEtKcDBNWVB6bkpFeDFaejNod0VCQ2hoNWZQdzN2Wm13eS81cFQ4MHVZcDZSRkowZzE3cWZBb0dtWlRLc2tvZGw5NzJRVTkzdmRISFpMS05VSTcwcF...	345 B 614 B	53ms 23ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=zU_30Xx3RWl0VEpob2RmQ0RJaHQ1SFg1Q3ZPOVhoNFFpZ2lmMG9FdEtKcDBNWVB6bkpFeDFaejNod0VCQ2hoNWZQdzN2Wm13eS81cFQ4MHVZcDZSRkowZzE3cWZBb0dtWlRLc2tvZGw5NzJRVTkzdmRISFpMS05VSTcwcFFqQ1V1aDFpdTRqWkhZUEpTRzdTNno5Nms4MWtKeDByM29kelFreHhPR0xrSmtUcVY0bi91WUFDSlI0dEVFbnV1UlRvcTFBY1VVRTZkUS9vRFJGVGZCMW9ZOVIyOXNxVWx6aFJyN2JrSndGUUIyTElRSjJzPXw&cppv=2 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 552bdca5cb1b6036fbf584414094db95a0ad3cfaddfd150f0e0cb12aca16f6b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2140 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:56 GMT location https://mug.criteo.com/sid?cpp=zU_30Xx3RWl0VEpob2RmQ0RJaHQ1SFg1Q3ZPOVhoNFFpZ2lmMG9FdEtKcDBNWVB6bkpFeDFaejNod0VCQ2hoNWZQdzN2Wm13eS81cFQ4MHVZcDZSRkowZzE3cWZBb0dtWlRLc2tvZGw5NzJRVTkzdmRISFpMS05VSTcwcFFqQ1V1aDFpdTRqWkhZUEpTRzdTNno5Nms4MWtKeDByM29kelFreHhPR0xrSmtUcVY0bi91WUFDSlI0dEVFbnV1UlRvcTFBY1VVRTZkUS9vRFJGVGZCMW9ZOVIyOXNxVWx6aFJyN2JrSndGUUIyTElRSjJzPXw&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2095 content-length 482 expires 0
GET H/1.1	200 OK	request_content.php Show response hal90003.redintelligence.net/ Frame 6A05	4 KB 2 KB	37ms 14ms	Document text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 Requested by Host: hal90003.redintelligence.net URL: https://hal90003.redintelligence.net/request.php?zone=1c1wx3ge11rm&nw=20&renderingType=javascript&namespace=76b150261f&subid=&uid=8639345d1c520a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D201e68a4e2556fe412a53986b6c3d875bcecf39a_2%26mt_aid%3D8554748554004949445%26mt_id%3D9690035%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_cid%3Ddc8c61f5-cd7c-4901-84f8-9eedf5fcfa62%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2Fadbcaf5f-bc7a-4a94-b112-3d9c840b5878%2F%26redirect%3D&documentReferer=https%3A%2F%2Fouo.press%2FWU6xrp&ancestorOrigins=https%3A%2F%2Fouo.press%2Chttps%3A%2F%2Fouo.press&random=1729314786971&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash c895fe92ec72955166a729f0ead4fa6694176620487114f9a0aa3c08a7345c4c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Sat, 29 Jan 2022 23:27:57 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1532 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 56AE	281 B 554 B	30ms 7ms	Document text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&geo=eu&co=de Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "40014-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 29 Jan 2022 23:27:57 GMT Connection keep-alive Vary Accept-Encoding
POST H2	204	cdb Show response bidder.criteo.com/ Frame CA44	0 210 B	16ms 16ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=47896228620 Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 29 Jan 2022 23:27:56 GMT server Finatra vary Origin access-control-allow-origin https://ouo.press access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame CA44	138 B 809 B	7ms 6ms	XHR application/json	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 64b84b96b7d8ed8eb60f84d54844136be061c0c4d6c46ff87d2469142b400dd7 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:57 GMT X-Proxy-Origin 217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid fe65f914-6604-44ff-b9ed-a008f8a31fd5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ouo.press Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 138 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST		translator hbopenbid.pubmatic.com/ Frame CA44	0 0
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame CA44	165 KB 61 KB	31ms 17ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7413d386568844abf5d716cd73aa7fd36446fda4c538879e8f998505bfc8fd10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62408 x-xss-protection 0 expires Sat, 29 Jan 2022 23:27:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame CA44	49 KB 20 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6783 date Sat, 29 Jan 2022 21:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sat, 29 Jan 2022 23:34:54 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 56AE	32 KB 10 KB	7ms 7ms	Script text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?&geo=eu&co=de User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=17892 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9704 Expires Sun, 30 Jan 2022 04:26:09 GMT
GET H2	200	/ Show response track.adform.net/adfscript/ Frame 6A05	767 B 958 B	91ms 20ms	Script text/javascript	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/adfscript/?bn=51990306;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpfzt9iud8yv59sl%3Ftprde%3D Requested by Host: hal90003.redintelligence.net URL: https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash bdf96bf7eb8acaccaea9f243ff6965e81b833194dc23e6f83ac5be17118b40df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 565 expires -1
GET H/1.1	200 OK	viewability Show response hal90003.redintelligence.net/ Frame 6A05	0 150 B	43ms 19ms	Script text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90003.redintelligence.net/viewability?s=57826600003834503891606011855003&a=e7f4c033&vb=m Requested by Host: hal90003.redintelligence.net URL: https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H3	200	collect Show response www.google-analytics.com/j/ Frame CA44	1 B 21 B	31ms 17ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1597183723&t=pageview&_s=1&dl=https%3A%2F%2Fouo.press%2FWU6xrp&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=YEBAAEABAAAAAC~&jid=153149527&gjid=1761266301&cid=1574075232.1643498877&tid=UA-177299981-5&_gid=1997014270.1643498877&_r=1&gtm=2wg1q0NPLC9ST&z=1496661756 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/ Frame CA44	0 342 B	49ms 13ms	Ping text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe1q0&_p=1597183723&sr=1600x1200&_gaz=1&ul=en-us&cid=1574075232.1643498877&_s=1&dl=https%3A%2F%2Fouo.press%2FWU6xrp&dt=&sid=1643498877&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/ Frame CA44	0 342 B	60ms 18ms	Ping text/plain	2a00:1450:400c:c08::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1574075232.1643498877&gtm=2oe1q0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ouo.press cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Frame CA44	42 B 501 B	40ms 16ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1574075232.1643498877&gtm=2oe1q0&aip=1&z=12952076 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	60ms 17ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=zU_30Xx3RWl0VEpob2RmQ0RJaHQ1SFg1Q3ZPOVhoNFFpZ2lmMG9FdEtKcDBNWVB6bkpFeDFaejNod0VCQ2hoNWZQdzN2Wm13eS81cFQ4MHVZcDZSRkowZzE3cWZBb0dtWlRLc2tvZGw5NzJRVTkzdmRISFpMS05VSTcwcFFqQ1V1aDFpdTRqWkhZUEpTRzdTNno5Nms4MWtKeDByM29kelFreHhPR0xrSmtUcVY0bi91WUFDSlI0dEVFbnV1UlRvcTFBY1VVRTZkUS9vRFJGVGZCMW9ZOVIyOXNxVWx6aFJyN2JrSndGUUIyTElRSjJzPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 975 date Sat, 29 Jan 2022 23:27:57 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET H2	200	bootstrap.js Show response s1.adform.net/stoat/626/s1.adform.net/ Frame 6A05	33 KB 16 KB	91ms 23ms	Script text/javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Requested by Host: track.adform.net URL: https://track.adform.net/adfscript/?bn=51990306;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpfzt9iud8yv59sl%3Ftprde%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 3155cd449a2085846e620747cc4f30dbf639cfcf5f4211e1c7224043e8806d45 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 13:59:05 GMT server nginx x-cache-status HIT vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Mon, 31 Jan 2022 03:09:17 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56AE Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg== https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg==&google_tc=	170 B 188 B	67ms 47ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg==&google_tc= Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1owR1NQRTMtMUstREtIVg==&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 299 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 56AE Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dc8c61f5-cd7c-4901-84f8-9eedf5fcfa62&expires=28	0 239 B	44ms 8ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dc8c61f5-cd7c-4901-84f8-9eedf5fcfa62&expires=28 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers Date Sat, 29 Jan 2022 23:27:57 GMT Server MT3 4133 baa842e master zrh-pixel-x5 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=dc8c61f5-cd7c-4901-84f8-9eedf5fcfa62&expires=28 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sat, 29 Jan 2022 23:27:56 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 56AE Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg&google_tc=	170 B 188 B	35ms 16ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg&google_tc= Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmYzNDJmNjY4NmIxNzY1NzRjOTVkODlmNDEyYWM1OTYzNGIzMTMzZg&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 334 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 56AE Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/NJnfmnYIBWAU3DT3ruPy-Mn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1985246006647438868	0 239 B	28ms 28ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1985246006647438868 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers date Sat, 29 Jan 2022 23:27:57 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1985246006647438868 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H2	200	rubicon match.adsrvr.org/track/cmf/ Frame 56AE	70 B 265 B	106ms 32ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/rubicon Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	451	709414.gif id.rlcdn.com/ Frame 56AE	0 0	39ms 15ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/709414.gif Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 56AE Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfXNfQACRkfY8wAy https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfXNfQACRkfY8wAy&_test=YfXNfQACRkfY8wAy	0 239 B	22ms 22ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfXNfQACRkfY8wAy&_test=YfXNfQACRkfY8wAy Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT via 1.1 varnish server Varnish x-timer S1643498878.595529,VS0,VE0 x-served-by cache-hhn4072-HHN x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfXNfQACRkfY8wAy&_test=YfXNfQACRkfY8wAy cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 56AE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAVYyJJixyQPCbzIubSOjd8&google_cver=1	0 239 B	18ms 10ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAVYyJJixyQPCbzIubSOjd8&google_cver=1 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 611afce88997db6fdd35eb213e662871 Content-Type image/gif Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAVYyJJixyQPCbzIubSOjd8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response track.adform.net/adfserve/ Frame 6A05	4 KB 2 KB	23ms 23ms	Script text/javascript	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/adfserve/?CC=1&bn=51990306;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90003.redintelligence.net%2Fc%2Fpfzt9iud8yv59sl%3Ftprde%3D;js=1;adfxid=1x;5333;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fouo.press Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 943b42500893bcab040747c436fbc39fb4008abbcd06dec28ea777e6a52c231b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript; charset=utf-8 content-length 1990 expires -1
GET DATA	200 OK	truncated / Frame 6A05	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	addDoubleBorder.js Show response cdn.contentspread.net/24i/tools/js/ Frame 6A05	851 B 1 KB	78ms 26ms	Script application/javascript	51.75.147.170 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js Requested by Host: hal90003.redintelligence.net URL: https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.75.147.170 , France, ASN16276 (OVH, FR), Reverse DNS ns3133977.ip-51-75-147.eu Software nginx / Resource Hash abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:57 GMT Last-Modified Tue, 03 May 2016 20:54:50 GMT Server nginx ETag "5729101a-353" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 851
GET H2	200	Standard Show response s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 6A05	91 KB 39 KB	35ms 34ms	Script text/javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 1b618bee5daf4e8a14ef5aefa5c7e80ea96451fcd48884e8a615e4250a9d4ba8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Wed, 26 Jan 2022 13:59:05 GMT server nginx x-cache-status HIT vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Mon, 31 Jan 2022 03:09:21 GMT
POST H2	200	/ track.adform.net/csimpr/ Frame 6A05	35 B 477 B	21ms 20ms	Ping image/gif	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/csimpr/?bn=51990306&csi=8EYw7tpWCMP-IGwvlMFR-sfP4YfCSo_R9kimuRGMDcnrygPkIxxfk3EjfKEnm843tgTdDbFOR9ErIQLxeU1vA96vWmW1dlSa0 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://hal90003.redintelligence.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://hal90003.redintelligence.net cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H2	200	10674131.js Show response s1.adform.net/Banners/Elements/Files/160090/10674131/ Frame 336C	3 KB 1 KB	22ms 21ms	Script application/x-javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/10674131.js?ADFassetID=10674131&bv=258 Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8a19b85a939fe730b6981fb8b1c8fb083a311dcacd37f897c030415f7afcf8de Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 16:48:48 GMT server nginx etag W/"61b8caf0-bf3" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript
GET H2	200	screen.css s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	1 KB 863 B	20ms 19ms	Stylesheet text/css	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/screen.css Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 639c03dcce5c64381d1307e6edae4128abde30a0c870139071e6c5725ebb8e48 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 16:48:48 GMT server nginx etag W/"61b8caf0-534" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type text/css
GET H2	200	Adform.DHTML.js Show response s1.adform.net/banners/scripts/rmb/ Frame 336C	30 KB 13 KB	22ms 21ms	Script application/x-javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Fri, 14 May 2021 12:35:38 GMT server nginx etag W/"609e6e9a-76d9" x-cache-status HIT p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript
GET H2	200	introfill.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	117 B 413 B	22ms 21ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/introfill.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:45 GMT server nginx etag "61b8caed-75" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 117
GET H2	200	stoerer.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	4 KB 4 KB	22ms 21ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/stoerer.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 632dbf79906663d624f02e07c694aea26ea7af45d693cc1391dbbd679512e0f0 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:48 GMT server nginx etag "61b8caf0-1011" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 4113
GET H2	200	text1.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	15 KB 15 KB	25ms 23ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/text1.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 40a0f5dd67c3872993adfee2988cbe160cad5c07631da96b4a5bc6ca7f4a2eea Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:47 GMT server nginx etag "61b8caef-3c68" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 15464
GET H2	200	text2.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	5 KB 5 KB	25ms 22ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/text2.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash d7ee257e5cc157a6b5d47b0c65926f276c1b0b8da2e5df8096c34f415ef8ef3f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:47 GMT server nginx etag "61b8caef-1216" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 4630
GET H2	200	text3.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	11 KB 11 KB	28ms 25ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/text3.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 597493b4a8767f74b1392b10e164426ffe9c11949b209bfecb3596a03ad00e09 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:48 GMT server nginx etag "61b8caf0-2a2b" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 10795
GET H2	200	disclaimer.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	1 KB 1 KB	28ms 24ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/disclaimer.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 298a49884af0d3488fc30e1d88878c7dbe1c0a07d17f6d9d64a15f854cc6cd78 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:45 GMT server nginx etag "61b8caed-4cf" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 1231
GET H2	200	cta.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	3 KB 3 KB	27ms 25ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/cta.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash deee94b6bae2b88ae952755415c0bb34a56c29c0da375ce2090ab880ac8df973 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:45 GMT server nginx etag "61b8caed-a25" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 2597
GET H2	200	logostart.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	4 KB 4 KB	27ms 25ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/logostart.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8801fd6b018fa8b0c6fa01c0e7838c184b64df6557c97baeb0d9041bdf657083 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:48 GMT server nginx etag "61b8caf0-ea3" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 3747
GET H2	200	logo.png s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	4 KB 4 KB	35ms 33ms	Image image/png	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/logo.png Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash d0a0a94ad4f9c90d139c619d2d4db0ee85d63b39d7c856f127d432467b7b365d Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:47 GMT server nginx etag "61b8caef-ea5" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/png content-length 3749
GET H2	200	background.jpg s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	5 KB 5 KB	36ms 35ms	Image image/jpeg	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/background.jpg Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 041743565ed84cfbe2769b21e6498731b3c05678cb51ed8cc8cee208e5f907de Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT last-modified Tue, 14 Dec 2021 16:48:47 GMT server nginx etag "61b8caef-14aa" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes content-type image/jpeg content-length 5290
GET H2	200	CSSPlugin.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 336C	38 KB 14 KB	66ms 28ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5885904 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13669 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-9833" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM3sBHAEZXcZYStwi14jaEYH0WT82dd3liThCjZyfnL0TnXkc7LI6n15T4vB9Hye%2Fli8GRCrccid3Mhzc9Mo303jP5BLna%2FaDLxhEyM3Td0%2B3GGHtmNgoonW%2FWggRhHxMsj%2BFs5ZuwTSctGu1BrcBwQS"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6d563bf23a6083b8-MXP expires Thu, 19 Jan 2023 23:27:57 GMT
GET H2	200	EasePack.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 336C	5 KB 2 KB	68ms 29ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2089815 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1730 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-146f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Epk5%2FjMjLe11VqsVFdF2j1adt3pfhBAHgtQYCAjhAk3SxTRQH5kCoDuSJuDGjJFqfz5DoluvGoY3A19qze64tCdbxgtJW1NVXoy5oJmIhS8OMJ1mePtaE6MR5Q6LP13Chq1nt5BgZ8xEi%2BypSDurlBd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6d563bf23a6883b8-MXP expires Thu, 19 Jan 2023 23:27:57 GMT
GET H2	200	TweenLite.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 336C	26 KB 9 KB	67ms 29ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 241434 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8578 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-697f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMrKhSzouwXjwQnxk8hFg2lkVOmQh%2FEI9E%2FvUmyMNG9hnQYvaDsIIB0RNnceyHeuNTQfK3j%2Fx9PjqJGgmiDn7KsnWGPdXA89LkwNWGEENx5A%2Fa3T1TyTXNPnnrEhuiKltbCUig8344tF9Ypw7yHdXRmz"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6d563bf23a6e83b8-MXP expires Thu, 19 Jan 2023 23:27:57 GMT
GET H2	200	script.js Show response s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/ Frame 336C	8 KB 1 KB	36ms 35ms	Script application/x-javascript	37.157.6.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/Banners/Elements/Files/160090/10674131/bvpath_258/script.js Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.217/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 0fe204cd3e46fd5d2e8fdd9664895e842dd9122d8f41f6393ab3ae00641eda8a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 16:48:47 GMT server nginx etag W/"61b8caef-1efa" x-cache-status HIT strict-transport-security max-age=0 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin * cache-control public, max-age=604800 content-type application/x-javascript
GET H3	200	passback.js Show response cdn.adtrue.com/rtb/ Frame 73A6	753 B 1010 B	25ms 25ms	Script application/x-javascript	2606:4700:3033::ac43:8bcc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/passback.js Requested by Host: ouo.press URL: https://ouo.press/WU6xrp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 14183649 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 28 Oct 2020 03:26:52 GMT server cloudflare etag W/"5f98e4fc-2f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTyJEO%2BWmKxCj8s3m4oJIEQElU%2FBNXr8xsYqCipPLXJDnThHWp%2BHjdrRwU1r9wxIRrliUT76Wp70ekJnNwLV%2BXKg441oyRgQRJIb0LIN1IhbImCUmxneLStgc5nmRd4J9O3n8i7hg8VnPnorwQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 6d563bf56b9f59c5-MXP expires Sat, 13 Aug 2022 19:33:49 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame CA44	89 KB 28 KB	70ms 32ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding gzip last-modified Mon, 24 Jan 2022 04:27:55 GMT server nginx etag W/"61ee2acb-16429" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 30 Jan 2022 23:27:58 GMT
GET H2	200	passback Show response exchange.adtrue.com/tag/ Frame 73A6	296 B 487 B	168ms 168ms	Script application/javascript	35.163.34.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=822758049&ref=undefined Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/rtb/passback.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.163.34.104 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-163-34-104.us-west-2.compute.amazonaws.com Software nginx / Resource Hash ee94573c790c8bca4ec1acbd75afa1e705e5488e0ed418e848a1a73b15bf75bd Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT server nginx content-length 296 content-type application/javascript
GET H2	200	syncframe Show response gum.criteo.com/ Frame 8945	13 KB 5 KB	21ms 21ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 2454 date Sat, 29 Jan 2022 23:27:58 GMT content-length 5180 strict-transport-security max-age=31536000; preload;
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame CA44	89 KB 28 KB	84ms 52ms	XHR text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 5f1a0eb046f22533fd96fde5da0c9f951cb8b69354839596657271c9af223be0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding gzip last-modified Mon, 24 Jan 2022 04:27:55 GMT server nginx etag W/"61ee2acb-16429" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 30 Jan 2022 23:27:58 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 8945 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=hNmb4F9UVzdORDV0dVR2eThwWDFnRCUyQllsZ1VkUGw0M3NtTmJEMEtaNDNtZm04cEFuaU5oSTFMY1JF... https://mug.criteo.com/sid?cpp=g0-gvnx5ZndNcmJRd3NNOGhjaHlOU2FxeWMyZmJlbUNmL1g0YVdYaGpkVnlEL29kdytOQUJsU0ZBMTdoNWJXMWZWWnBlV0c2OWNQU1pScEgwcUM0S00xSzN6MjFEVmNZN1pJcFFoS0ZNbGtET3FGRElLaDgzU0hGYnkrdU...	438 B 636 B	35ms 34ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=g0-gvnx5ZndNcmJRd3NNOGhjaHlOU2FxeWMyZmJlbUNmL1g0YVdYaGpkVnlEL29kdytOQUJsU0ZBMTdoNWJXMWZWWnBlV0c2OWNQU1pScEgwcUM0S00xSzN6MjFEVmNZN1pJcFFoS0ZNbGtET3FGRElLaDgzU0hGYnkrdUZwaFZVRlkzYlJQVDlyZkNhdE5BbytsQUJNRnJkRzJxbFZjb055MUJZeEJoR2p5ejJyUlZiN3A3dVJSaHhXMHZWNldXcDZQZmF2TDJSZXhJMVRaKzFsZW5LWE0wR3pRY3pJMTJxUnV1dzVSWkJoTy95bXpadjVOVk1EZHdybGR5Y2kxSTVwWWIvWjl2NGVRMVg2bTZadGYxeVd3SUx4WmR1WmZSL3QvcWpxMDdQaWRTL0pFMD18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash ccc26c5e13e7c7392dd46fc7b914a4280d21af5ab8baf358fb0d7e3d2f80a0e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3896 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=g0-gvnx5ZndNcmJRd3NNOGhjaHlOU2FxeWMyZmJlbUNmL1g0YVdYaGpkVnlEL29kdytOQUJsU0ZBMTdoNWJXMWZWWnBlV0c2OWNQU1pScEgwcUM0S00xSzN6MjFEVmNZN1pJcFFoS0ZNbGtET3FGRElLaDgzU0hGYnkrdUZwaFZVRlkzYlJQVDlyZkNhdE5BbytsQUJNRnJkRzJxbFZjb055MUJZeEJoR2p5ejJyUlZiN3A3dVJSaHhXMHZWNldXcDZQZmF2TDJSZXhJMVRaKzFsZW5LWE0wR3pRY3pJMTJxUnV1dzVSWkJoTy95bXpadjVOVk1EZHdybGR5Y2kxSTVwWWIvWjl2NGVRMVg2bTZadGYxeVd3SUx4WmR1WmZSL3QvcWpxMDdQaWRTL0pFMD18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 2072 content-length 567 expires 0
GET H2	200	adtrue.ouo.press.991771.js Show response jsc.adskeeper.com/a/d/ Frame 73A6	2 KB 1 KB	58ms 28ms	Script text/javascript	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=12953&divid=822758049&ref=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5bd9c7c229050bc0b7d32f6678dad04b00699d0714f9a394a1361286f88a98e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding gzip cf-cache-status HIT age 6736 cf-ray 6d563bf6df0f91ed-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 745 x-amz-id-2 byqGxQc8mxQgJRhR21s2eAH1Zi2p7CyqOxaL535tZ9tOpou4/wPFlUZSH3D+medf+F1SlKDLAgY= last-modified Tue, 04 Jan 2022 08:50:15 GMT server cloudflare etag "f989cf3889b059e85b6221d4013db75f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 5G2P64EF7YFQ53TG cache-control public, max-age=14400 accept-ranges bytes content-type text/javascript expires Sun, 30 Jan 2022 03:27:58 GMT
GET H3	200	adtrue.ouo.press.991771.es6.js Show response jsc.adskeeper.com/a/d/ Frame 73A6	226 KB 68 KB	55ms 19ms	Script text/javascript	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fe74cca022be153d2d22e1ec3be4a8094aec3da8f4d6638619a9bef46ebcdd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding gzip cf-cache-status HIT age 5356 cf-ray 6d563bf73eee9153-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 69549 x-amz-id-2 7BpgwOsFbWeJe8scD/6h5F87zKx01fVQ4NgteeBHnldCahVnYX82tMERzpyf+R5gqId9UC7LjLA= last-modified Tue, 04 Jan 2022 08:50:15 GMT server cloudflare etag "257cfddab414867409a36ddc1105df47" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 6RTMM5C7M9TDH130 cache-control public, max-age=14400 accept-ranges bytes content-type text/javascript expires Sun, 30 Jan 2022 03:27:58 GMT
GET H2	200	publishertag.prebid.113.js Show response static.criteo.net/js/ld/ Frame 1641	85 KB 27 KB	17ms 17ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.113.js Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:58 GMT content-encoding gzip last-modified Wed, 08 Sep 2021 12:50:31 GMT server nginx etag W/"6138b197-1532d" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 30 Jan 2022 23:27:58 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 5AB2	13 KB 5 KB	23ms 22ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ouo.press Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 4149 date Sat, 29 Jan 2022 23:27:58 GMT content-length 5180 strict-transport-security max-age=31536000; preload;
GET H2	200	sid Show response mug.criteo.com/ Frame 5AB2 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=ouo.press&sn=ChromeSyncframe&so=3&topUrl=ouo.press&bundle=hNmb4F9UVzdORDV0dVR2eThwWDFnRCUyQllsZ1VkUGw0M3NtTmJEMEtaNDNtZm04cEFuaU5oSTFMY1JF... https://mug.criteo.com/sid?cpp=IwQycXxLNS9SbmJMRnF1THFjVjY3MkRuZW1HUEljMEhHemRmVE8rUk1UWk8xUlc3V01GYXJFL1pTVWJqSFIzREk3T0k3L0VyRy84WnB1ZWFCd2dPSENDT1pqMk03dHB5eG1MaVFBdCtLWG02WVliQ05pS1lDbXJKVTh4RF...	441 B 642 B	17ms 16ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=IwQycXxLNS9SbmJMRnF1THFjVjY3MkRuZW1HUEljMEhHemRmVE8rUk1UWk8xUlc3V01GYXJFL1pTVWJqSFIzREk3T0k3L0VyRy84WnB1ZWFCd2dPSENDT1pqMk03dHB5eG1MaVFBdCtLWG02WVliQ05pS1lDbXJKVTh4RFpwQlpZQWdXUS9LWUtFeTZseWI5TkZSa2pPcjVXU2dEbEtQcG1VbHNnMFk3V3o5UUpEdHpCQUNLeGpzY2J1S3R3b054dmlQaUdwL2RtNTBkYmlGVUxhcHdDaXRaS3FaTXVycjV0YnZHVStDZExDS2J4cVkvdDlWaUFmSUFXaE90MU1GeUlrNlZDdjNxMlBLUzhlOThhdzl1VTNwcnRpbjdmWmRGQXloVUdtRlpib1RFWU40dz18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 411f78ffbdfd30a5b3f76ee878014a9830accac0b3f47a35bc6edc7ed6ccd9fa Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:57 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3080 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sat, 29 Jan 2022 23:27:58 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=IwQycXxLNS9SbmJMRnF1THFjVjY3MkRuZW1HUEljMEhHemRmVE8rUk1UWk8xUlc3V01GYXJFL1pTVWJqSFIzREk3T0k3L0VyRy84WnB1ZWFCd2dPSENDT1pqMk03dHB5eG1MaVFBdCtLWG02WVliQ05pS1lDbXJKVTh4RFpwQlpZQWdXUS9LWUtFeTZseWI5TkZSa2pPcjVXU2dEbEtQcG1VbHNnMFk3V3o5UUpEdHpCQUNLeGpzY2J1S3R3b054dmlQaUdwL2RtNTBkYmlGVUxhcHdDaXRaS3FaTXVycjV0YnZHVStDZExDS2J4cVkvdDlWaUFmSUFXaE90MU1GeUlrNlZDdjNxMlBLUzhlOThhdzl1VTNwcnRpbjdmWmRGQXloVUdtRlpib1RFWU40dz18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1833 content-length 567 expires 0
GET H/1.1	200 OK	viewability Show response hal90003.redintelligence.net/ Frame 6A05	0 150 B	33ms 12ms	Script text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90003.redintelligence.net/viewability?s=57826600003834503891606011855003&a=e7f4c033&vb=v Requested by Host: hal90003.redintelligence.net URL: https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal90003.redintelligence.net/request_content.php?s=57826600003834503891606011855003&a=3fd919b3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:58 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H2	200	/ track.adform.net/serving/unload/ Frame 6A05	35 B 477 B	30ms 30ms	Ping image/gif	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Full URL https://track.adform.net/serving/unload/?version=15&unload=2821899300017998195@@51990306,3657967124193271526,100|1002|0|0|0|0|0|0|0||34|1|||||1|0|0|MZOiHHPzEa9cPlakbYq96ULd672IH3nzDdfDLo1nsG2ucrtuHnVDPYm3nyX34Xgm0|||11||0 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://hal90003.redintelligence.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://hal90003.redintelligence.net cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type image/gif access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H2	200	/ Show response c.adskeeper.com/pv/ Frame 73A6	0 307 B	35ms 25ms	Script text/plain	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adskeeper.com/pv/?pv=5&cbuster=1643498879022174592446&uniqId=09b68&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fouo.press%2FWU6xrp&cxurl=https%3A%2F%2Fouo.press%2FWU6xrp&lu=https%3A%2F%2Fouo.press%2FWU6xrp&sessionId=61f5cd7f-07a84&pageView=1&pvid=17ea82ab82fa0f4dcad&site=624865&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6d563bf9fea691ed-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	adskeeper_svg.svg cdn.adskeeper.co.uk/images/ Frame 73A6	4 KB 2 KB	56ms 25ms	Image image/svg+xml	104.19.134.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:59 GMT content-encoding br cf-cache-status HIT age 3224 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id PQQY40JG1BTA00NB x-amz-id-2 jn8iFc6HIZ78ziSodiCEP66Q9ApPuT2TQqxEag+8wBEQ/l8XxqONp5qtUsNtHzGMPfbkonGCXqs= last-modified Tue, 08 Dec 2020 08:34:59 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root etag W/"93f6d1136fb77e38a0a2c72108588f09" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 6d563bfa396b696a-FRA expires Sun, 30 Jan 2022 03:27:59 GMT
GET H2	200	1 Show response servicer.adskeeper.com/991771/ Frame 73A6	1008 B 876 B	44ms 34ms	Script application/x-javascript	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.adskeeper.com/991771/1?pv=5&cbuster=1643498879096679561310&uniqId=09b68&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fouo.press%2FWU6xrp&cxurl=https%3A%2F%2Fouo.press%2FWU6xrp&lu=https%3A%2F%2Fouo.press%2FWU6xrp&sessionId=61f5cd7f-07a84&pageView=1&pvid=17ea82ab82fa0f4dcad&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d2faff437dace887e382f31c3cbbbd359ccf4ee5ea09d4eb54cc0a0931a96e8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6d563bfa6fed91ed-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	adskeeper_svg.svg cdn.adskeeper.co.uk/images/ Frame 73A6	4 KB 2 KB	30ms 18ms	Image image/svg+xml	104.19.134.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.80 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:59 GMT content-encoding br cf-cache-status HIT age 5665 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id DGZCAX9CWX36WC7K x-amz-id-2 AthsKfTWaersj37sZ5GTy1c70c5nDDL1zUHrhn2kLJmlSINOo041xGf/gHoxs1qqyNtCkZ9Zgh8= last-modified Tue, 08 Dec 2020 08:34:59 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root etag W/"93f6d1136fb77e38a0a2c72108588f09" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 6d563bfacc0a9199-FRA expires Sun, 30 Jan 2022 03:27:59 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E3OWViZDJlZWQ2OTBjNTk3M2NmOWU2NmZkYzAyMGIxLmpwZw.webp s-img.adskeeper.com/g/6946113/492x277/64x0x1083x722/ Frame 73A6	14 KB 14 KB	407ms 380ms	Image image/webp	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.com/g/6946113/492x277/64x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E3OWViZDJlZWQ2OTBjNTk3M2NmOWU2NmZkYzAyMGIxLmpwZw.webp?v=1643498879-C1ujrUj8PK9iBnfRlChWu_RtrlUX3lchvgGVGzwONnY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8a258ad32642ae9a98ea58c94c16e2b9c21d2052ec940b148d1231ffda9c0ae Request headers Referer https://ouo.press/ Origin https://ouo.press Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 23:27:59 GMT cf-cache-status MISS last-modified Thu, 11 Nov 2021 15:57:23 GMT x-mg-request-uuid eb67f16d-9e2f-470f-94d5-8c035968134d expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 6d563bfaefb192ba-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14428 server cloudflare
GET H2	200	i.js Show response cm.adskeeper.com/ Frame 73A6	0 160 B	118ms 109ms	Script application/javascript	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.com/i.js?&cbuster=1643498879183192324528 Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT content-encoding gzip cf-cache-status MISS last-modified Sat, 29 Jan 2022 23:27:59 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6d563bfaf90991ed-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	i-noref.js Show response cm.adskeeper.com/ Frame 806D	0 80 B	106ms 105ms	Script application/javascript	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.com/i-noref.js?cbuster=1643498879199174509131 Requested by Host: jsc.adskeeper.com URL: https://jsc.adskeeper.com/a/d/adtrue.ouo.press.991771.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT content-encoding gzip cf-cache-status MISS last-modified Sat, 29 Jan 2022 23:27:59 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 6d563bfb092591ed-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H/1.1	200	806.json Show response id5-sync.com/g/v2/ Frame CA44	213 B 527 B	39ms 10ms	XHR application/json	51.75.146.199 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/806.json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.75.146.199 , France, ASN16276 (OVH, FR), Reverse DNS p12.id5-sync.com Software / Resource Hash e0ef7e0ad993309639290f566f68673224f0537ada40cc45141afdff9b5dfb0a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://ouo.press Date Sat, 29 Jan 2022 23:27:59 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	451	envelope Show response api.rlcdn.com/api/identity/ Frame CA44	44 B 323 B	38ms 14ms	XHR text/plain	34.120.133.55 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rlcdn.com/api/identity/envelope?pid=1258 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 55.133.120.34.bc.googleusercontent.com Software / Resource Hash da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 29 Jan 2022 23:27:59 GMT via 1.1 google x-content-type-options nosniff access-control-allow-headers Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With access-control-allow-methods GET, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://ouo.press access-control-allow-credentials true alt-svc clear content-length 44
GET H2	200	id Show response id.crwdcntrl.net/ Frame CA44	63 B 333 B	124ms 50ms	XHR application/json	52.17.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-84-146.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 87360c69553badf7235b79890c95babeae2f409462da16545deb22ec87341e43 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 29 Jan 2022 23:27:59 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://ouo.press cache-control no-cache x-server 10.45.22.100 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 63 expires 0
GET H2	200	rid Show response match.adsrvr.org/track/ Frame CA44	109 B 538 B	32ms 32ms	XHR application/json	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 2097a43d6c4deef73ed0dd42162133124a20ffd6874ec10303bf251173b92138 Request headers Referer https://ouo.press/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Sat, 29 Jan 2022 23:27:59 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://ouo.press cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 109 expires Mon, 28 Feb 2022 23:27:59 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame C1E1	52 KB 17 KB	79ms 18ms	Document text/html	151.101.129.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.129.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.18.0 (Ubuntu) Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 28 Jan 2022 02:33:10 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Sat, 29 Jan 2022 23:27:59 GMT Age 75287 X-Served-By cache-lga21923-LGA, cache-hhn4081-HHN X-Cache HIT, HIT X-Cache-Hits 191101, 1004982 X-Timer S1643498880.965877,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 929E	281 B 554 B	18ms 18ms	Document text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "40014-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 29 Jan 2022 23:27:59 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	check.html Show response biddr.brealtime.com/ Frame 47A2	926 B 1 KB	89ms 15ms	Document text/html	104.17.119.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://biddr.brealtime.com/check.html Requested by Host: ecdn.firstimpression.io URL: https://ecdn.firstimpression.io/static/js/prebidamp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ Response headers Date Sat, 29 Jan 2022 23:27:59 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive x-amz-id-2 THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY= x-amz-request-id 15DG7FS62Q387667 Last-Modified Tue, 08 Sep 2020 13:51:51 GMT CF-Cache-Status HIT Age 5666 Expires Sat, 29 Jan 2022 23:28:59 GMT Cache-Control public, max-age=60 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Server cloudflare CF-RAY 6d563bffdc599136-FRA Content-Encoding gzip
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 929E	32 KB 10 KB	23ms 23ms	Script text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash f46cc92a45e5d2f9007c9aff6ea24d395c901a5878f441733bb5d08682f4765a Request headers Accept-Language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 23:27:59 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=17890 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9704 Expires Sun, 30 Jan 2022 04:26:09 GMT
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame C1E1 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 801 B	52ms 52ms	Script text/html	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Server 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:28:00 GMT X-Proxy-Origin 217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 396efc01-6a28-48a4-a9c6-1fdd48f8dbe0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Sat, 29 Jan 2022 23:27:59 GMT X-Proxy-Origin 217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid ecba9687-5601-4657-aa04-d59dc5a8c58e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	c c.adskeeper.com/ Frame 73A6	43 B 403 B	29ms 28ms	Image image/gif	104.18.17.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.com/c?f=1&pv=3&v=300|250|12|PkXcLssc5ghBEYDnoHKKAPptRljF7AP4i9FM_wkOi19ARpFF7KSVmE7bkW5AuJlk&fw=1&extjs=66044&cid=991771&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=184b4653-815b-11ec-ad1c-e43d1a2a53a0&tt=Direct&iv=11&pageImp=1&pvid=17ea82ab82fa0f4dcad&cbuster=1643498880675565864629&tpl=0 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ouo.press/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Sat, 29 Jan 2022 23:28:00 GMT cf-cache-status DYNAMIC x-mg-request-uuid 7d4a4d41-7f3f-479f-a521-8e33cca0c53f expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 6d563c044d9a9153-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame C1E1	0 729 B	7ms 6ms	Script text/html	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 23:28:00 GMT X-Proxy-Origin 217.64.151.3; 217.64.151.3; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid ee42e548-de0c-41d0-bd64-01765e0fd334 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hbopenbid.pubmatic.com

URL

https://hbopenbid.pubmatic.com/translator?source=prebid-client